mlx.su Open in urlscan Pro
172.67.171.26  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request b9787049 Show response mlx.su/paste/view/	34 KB 9 KB	1263ms 1055ms	Document text/html	172.67.171.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mlx.su/paste/view/b9787049 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.26 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a69deda32923c8cfc689e96fd73e1b6d9f43cfff3782f3e0802d6b9161bdffa4 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control cf-cache-status DYNAMIC cf-ray 98ce01df6c85073c-TPE content-encoding zstd content-type text/html; charset=UTF-8 date Sat, 11 Oct 2025 11:27:17 GMT expires Sat, 04 Oct 2025 11:27:17 GMT nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} pragma priority u=0,i report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=15Jc%2Fg%2F%2Bv2IWfSkX3LvGpWbv%2FahxCYsQtGTIucA%2FI1TIsgrWUMrlnjlmCvhaZQfzNIzq8vtnfdvRx1xjmuhUN9xDdL8%3D"}]} server cloudflare server-timing cfCacheStatus;desc="DYNAMIC" cfEdge;dur=26,cfOrigin;dur=955 cfExtPri vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	360 KB 128 KB	399ms 157ms	Script application/javascript	172.217.161.72 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XSN8X7N395 Requested by Host: mlx.su URL: https://mlx.su/paste/view/b9787049 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.161.72 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s09-in-f8.1e100.net Software Google Tag Manager / Resource Hash 67b66ff493322e6a29a14eb5ed5fd00f4546bafe8ccf3a60797e48639eadfac7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 content-encoding zstd cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Sat, 11 Oct 2025 11:27:17 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 130551 date Sat, 11 Oct 2025 11:27:17 GMT x-xss-protection 0 content-type application/javascript; charset=UTF-8 vary Accept-Encoding server Google Tag Manager access-control-allow-headers Cache-Control
GET H2	200	richads-ob.js Show response richinfo.co/richpartners/in-page/js/	68 KB 25 KB	1680ms 1102ms	Script application/x-javascript	5.200.15.240 i3Dnet i3D.net B.V
General Check archive.org Show headers Download Go to Full URL https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=972747&siteid=362980 Requested by Host: mlx.su URL: https://mlx.su/paste/view/b9787049 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 5.200.15.240 Rotterdam, Netherlands, ASN49544 (i3Dnet i3D.net B.V, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash a3c16789981b4d2b6d56e5df945e814a4a9d75e7994f8e47e9947f243cdbc012 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED content-encoding gzip etag W/"d6d62ab56debb0cf7b827038d51e8628" x-amz-version-id wKZ3pvd5vO_6kBJKer5rCdXmJwnpee0O x-amz-request-id ARY18AG3JJ41306R date Sat, 11 Oct 2025 11:27:18 GMT content-type application/x-javascript last-modified Mon, 06 Oct 2025 12:18:23 GMT server openresty/1.21.4.1 x-amz-id-2 qzV8qWBCQr6v0UqQDK6oW6sMqqVVmOZbdNNSqp3LVjxzB8gKoZldveGBDN9t0kX2p4x7Qm4FSdQ=
GET H3	200	168110833636dc087932d2200f08c0554a95fa8fec.css mlx.su/paste/static/asset/	100 KB 18 KB	80ms 79ms	Stylesheet text/css	172.67.171.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mlx.su/paste/static/asset/168110833636dc087932d2200f08c0554a95fa8fec.css Requested by Host: mlx.su URL: https://mlx.su/paste/view/b9787049 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.26 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d9e018de8f460789f8e0fbf454d12f0ca2857bcbbe57dc1ab3a6bb5ea044471 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/paste/view/b9787049 Response headers content-encoding gzip cf-cache-status HIT etag "6433bcf5-190a2" age 204178 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BdR1iYKr1mZvM7WFxJltLjAn7v%2FbOadGq8y9qoPkk2JkQQ0gC7%2FC49JC4OHHqphJ6d3x92YlGlXs6Z4rvR4e0xjm%2BgI%3D"}]} expires Thu, 09 Oct 2025 14:37:26 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 11 Oct 2025 11:27:17 GMT content-type text/css last-modified Mon, 10 Apr 2023 07:38:29 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=259200 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-ray 98ce01e60cc9073c-TPE server cloudflare
GET H3	200	b9787049 mlx.su/paste/view/qr/	328 B 738 B	501ms 500ms	Image image/png	172.67.171.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mlx.su/paste/view/qr/b9787049 Requested by Host: mlx.su URL: https://mlx.su/paste/view/b9787049 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.26 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97fabc07026212b7ff5c71258933adabc66d40fbe18c58b121ca3491defa0b4a Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/paste/view/b9787049 Response headers cache-control nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-cache-status DYNAMIC pragma report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DHpvzlDjxpe%2FKluz7lPFdcTB1HaE9lIvZZzP%2FrrpfZPsmqDVfo05PRpbUrVs%2Bjrolq%2BJ8gms1bMqnxWV%2FgBbJIi1nUo%3D"}]} cf-ray 98ce01e60cca073c-TPE expires Sun, 11 Oct 2026 11:27:17 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 11 Oct 2025 11:27:17 GMT content-type image/png server cloudflare priority u=2,i
GET H3	200	api.js Show response www.google.com/recaptcha/	2 KB 1 KB	348ms 143ms	Script text/javascript	142.250.199.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: mlx.su URL: https://mlx.su/paste/view/b9787049 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.199.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f4.1e100.net Software ESF / Resource Hash cc168d114c3900f0527071e85df84d79b4eaa33c87357c8b8436bb245bc87fd0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers cache-control private, max-age=300 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} x-content-type-options nosniff expires Sat, 11 Oct 2025 11:27:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" date Sat, 11 Oct 2025 11:27:17 GMT x-xss-protection 0 content-type text/javascript; charset=utf-8 server ESF x-frame-options SAMEORIGIN
GET H3	200	168110833790a3218725fd31ca20064f5204d6a59d.js Show response mlx.su/paste/static/asset/	267 KB 87 KB	77ms 76ms	Script application/javascript	172.67.171.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mlx.su/paste/static/asset/168110833790a3218725fd31ca20064f5204d6a59d.js Requested by Host: mlx.su URL: https://mlx.su/paste/view/b9787049 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.26 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3a53bed056cf837e2a686743d9c4f9983e69b9f3399ea140a35c14c278ce4c7b Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/paste/view/b9787049 Response headers content-encoding gzip cf-cache-status HIT etag "6433bcfb-42d6d" age 57713 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=viQzS5W1GCs3wpsoyo2wRex9OfOEBy2XJdu08FEaB0UJuKKd8ZEFOGX9xGIkOG0ooE4N7CJDL0yIabLwPNWdxKu%2FeZQ%3D"}]} expires Mon, 13 Oct 2025 17:09:45 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 11 Oct 2025 11:27:17 GMT content-type application/javascript last-modified Mon, 10 Apr 2023 07:38:35 GMT vary Accept-Encoding priority u=2,i=?0 cache-control max-age=259200 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-ray 98ce01e69ccd073c-TPE server cloudflare
GET H2	200	vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response static.cloudflareinsights.com/beacon.min.js/	19 KB 7 KB	220ms 85ms	Script text/javascript	104.16.79.73 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 Requested by Host: mlx.su URL: https://mlx.su/paste/view/b9787049 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.79.73 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Origin https://mlx.su Referer https://mlx.su/ Response headers cache-control public, max-age=86400 content-encoding gzip etag W/"2024.6.1" cross-origin-resource-policy cross-origin cf-ray 98ce01e7689d844c-TPE access-control-allow-origin * date Sat, 11 Oct 2025 11:27:17 GMT content-type text/javascript;charset=UTF-8 last-modified Thu, 06 Jun 2024 15:52:56 GMT vary Accept-Encoding server cloudflare
GET H2	200	recaptcha__zh_tw.js Show response www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/	805 KB 348 KB	346ms 104ms	Script text/javascript	172.217.26.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__zh_tw.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.26.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s51-in-f3.1e100.net Software sffe / Resource Hash fba1a4f972df20d5c6051fb1d2ee07e0132c98b53fec27c84c2e6b56cb1f52bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Origin https://mlx.su Referer https://mlx.su/ Response headers content-encoding gzip age 170113 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Fri, 09 Oct 2026 12:12:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 09 Oct 2025 12:12:05 GMT last-modified Mon, 06 Oct 2025 04:00:11 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes access-control-allow-origin * content-length 355368 x-xss-protection 0 server sffe
GET H3	200	glyphicons-halflings-white.png mlx.su/paste/themes/bootstrap/images/	9 KB 9 KB	74ms 74ms	Image image/png	172.67.171.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mlx.su/paste/themes/bootstrap/images/glyphicons-halflings-white.png Requested by Host: mlx.su URL: https://mlx.su/paste/static/asset/168110833636dc087932d2200f08c0554a95fa8fec.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.26 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/paste/static/asset/168110833636dc087932d2200f08c0554a95fa8fec.css Response headers cf-cache-status HIT etag "6433ad70-2249" age 204177 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fHYyO2hY9Thj6Wk9OLjdiUZ9kyVMcDTHARGbNwEp%2F2cL6OTP0qZc505nwcskZrxSlak%2B2puUcS4s5I05FRfZKinBzHQ%3D"}]} expires Fri, 10 Oct 2025 12:50:15 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 11 Oct 2025 11:27:17 GMT content-type image/png last-modified Mon, 10 Apr 2023 06:32:16 GMT vary accept-encoding priority u=3,i cache-control max-age=259200 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-ray 98ce01e86cec073c-TPE accept-ranges bytes content-length 8777 server cloudflare
GET H3	200	text Show response mlx.su/paste/main/get_cm_js/	0 590 B	391ms 390ms	XHR text/html	172.67.171.26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mlx.su/paste/main/get_cm_js/text?_=1760182037838 Requested by Host: mlx.su URL: https://mlx.su/paste/static/asset/168110833790a3218725fd31ca20064f5204d6a59d.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.171.26 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://mlx.su/paste/view/b9787049 X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Response headers cache-control no-store, no-cache, must-revalidate nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status DYNAMIC pragma no-cache report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=v9zHG%2FVKUjCYox4yzSddz3BKRVOPwQ%2Fthf27VRue1qJsG6RR2ubB0%2FzEd2sc%2FMmW2M%2B0PIItCvFzBqfoK7iW3H%2FXG%2Fw%3D"}]} cf-ray 98ce01e8bcee073c-TPE expires Thu, 19 Nov 1981 08:52:00 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Sat, 11 Oct 2025 11:27:18 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding server cloudflare priority u=1,i
POST H2	204	collect analytics.google.com/g/	0 0	209ms 69ms	Fetch text/plain	216.239.38.181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-XSN8X7N395&gtm=45je5a80v9108914121za200zd9108914121&_p=1760182037435&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1712116423.1760182038&ul=zh-tw&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480710~115752876~115834636~115834638~115868795~115868797&sid=1760182038&sct=1&seg=0&dl=https%3A%2F%2Fmlx.su%2Fpaste%2Fview%2Fb9787049&dt=Comparing%20Giants%3A%20Is%20it%20possible%20for%20StreamRecorde%20-%20MLX%20Paste&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1963 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XSN8X7N395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.38.181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:158:0 report-to {"group":"ascnsrsggc:158:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:158:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://mlx.su cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:158:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 11 Oct 2025 11:27:18 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 551 B	207ms 68ms	Ping text/plain	142.250.157.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XSN8X7N395&cid=1712116423.1760182038&gtm=45je5a80v9108914121za200zd9108914121&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480710~115752876~115834636~115834638~115868795~115868797 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XSN8X7N395 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.157.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS ta-in-f156.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:127:0 report-to {"group":"ascnsrsggc:127:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:127:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://mlx.su cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:127:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 11 Oct 2025 11:27:18 GMT content-type text/plain server Golfe2
GET H2	200	ga-audiences www.google.com.tw/ads/	42 B 408 B	388ms 142ms	Image image/gif	142.251.42.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com.tw/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XSN8X7N395&cid=1712116423.1760182038&gtm=45je5a80v9108914121za200zd9108914121&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480710~115752876~115834636~115834638~115868795~115868797&tag_exp=101509157~103116026~103200004~103233427~104527907~104528501~104684208~104684211~104948813~115480710~115752876~115834636~115834638~115868795~115868797&z=111008929 Requested by Host: mlx.su URL: https://mlx.su/paste/view/b9787049 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.42.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s45-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Sat, 11 Oct 2025 11:27:18 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame E049	76 KB 44 KB	366ms 162ms	Document text/html	142.250.199.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&co=aHR0cHM6Ly9tbHguc3U6NDQz&hl=zh-TW&v=bGi-DxR800F5_ueMVcTwXc6q&size=normal&anchor-ms=20000&execute-ms=15000&cb=nvmnnti9zkcp Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__zh_tw.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.199.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f4.1e100.net Software ESF / Resource Hash c540d3647957bd5d975ebae4bae05836b39d9025acc2fc1d567ae0deab358d85 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-w_4RaJ8qD-FLVcStnQ3T6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mlx.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-w_4RaJ8qD-FLVcStnQ3T6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Sat, 11 Oct 2025 11:27:18 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H2	200	styles__ltr.css www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/ Frame E049	81 KB 42 KB	349ms 106ms	Stylesheet text/css	172.217.26.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&co=aHR0cHM6Ly9tbHguc3U6NDQz&hl=zh-TW&v=bGi-DxR800F5_ueMVcTwXc6q&size=normal&anchor-ms=20000&execute-ms=15000&cb=nvmnnti9zkcp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.26.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s51-in-f3.1e100.net Software sffe / Resource Hash 60870879fe9da0249afa57c27bc3e76b009269faf9d3c774d63d08bb82a0e0ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.google.com/ Response headers content-encoding gzip age 1109 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Sun, 11 Oct 2026 11:08:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 11 Oct 2025 11:08:50 GMT last-modified Mon, 06 Oct 2025 04:00:11 GMT content-type text/css vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes content-length 42514 x-xss-protection 0 server sffe
GET H2	200	recaptcha__zh_tw.js Show response www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/ Frame E049	805 KB 347 KB	485ms 243ms	Script text/javascript	172.217.26.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__zh_tw.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&co=aHR0cHM6Ly9tbHguc3U6NDQz&hl=zh-TW&v=bGi-DxR800F5_ueMVcTwXc6q&size=normal&anchor-ms=20000&execute-ms=15000&cb=nvmnnti9zkcp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.26.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s51-in-f3.1e100.net Software sffe / Resource Hash fba1a4f972df20d5c6051fb1d2ee07e0132c98b53fec27c84c2e6b56cb1f52bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.google.com/ Response headers content-encoding gzip age 170114 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Fri, 09 Oct 2026 12:12:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 09 Oct 2025 12:12:05 GMT last-modified Mon, 06 Oct 2025 04:00:11 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes access-control-allow-origin * content-length 355368 x-xss-protection 0 server sffe
GET		webworker.js www.google.com/recaptcha/api2/ Frame E049	0 0
GET DATA	200 OK	truncated / Frame E049	31 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 06a0bc5cd17cad5b55f7f40c8a51136b3f363a7b47cd503826b2c2e8a4c16f92 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame E049	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4626b90abd24e1dea31de9b475bcce0ade73beba938b240bb12221b4dccf25d7 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame E049	2 KB 2 KB	111ms 110ms	Image image/png	172.217.26.227 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/styles__ltr.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.26.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s51-in-f3.1e100.net Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/styles__ltr.css Response headers age 170343 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Thu, 16 Oct 2025 12:08:16 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 09 Oct 2025 12:08:16 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT content-type image/png cache-control public, max-age=604800 cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes content-length 2228 x-xss-protection 0 server sffe
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame E049	15 KB 15 KB	335ms 182ms	Font font/woff2	172.217.161.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&co=aHR0cHM6Ly9tbHguc3U6NDQz&hl=zh-TW&v=bGi-DxR800F5_ueMVcTwXc6q&size=normal&anchor-ms=20000&execute-ms=15000&cb=nvmnnti9zkcp Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.161.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS kix07s03-in-f3.1e100.net Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Origin https://www.google.com Referer https://www.google.com/ Response headers age 211006 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 09 Oct 2026 00:50:34 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 09 Oct 2025 00:50:34 GMT last-modified Mon, 16 Oct 2017 17:32:55 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 15344 x-xss-protection 0 server sffe
GET H2	200	in-page.css 7ool.net/richpartners/in-page/js/	2 KB 1 KB	1298ms 325ms	Stylesheet text/css	109.200.209.144 i3Dnet i3D.net B.V
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/in-page/js/in-page.css Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=972747&siteid=362980 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.209.144 Newark, United States, ASN49544 (i3Dnet i3D.net B.V, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash c32db7b04d099a77cec006a811b99040d697726093aa780db55f23ec67882282 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED content-encoding gzip etag W/"7b98c1051df4fae82026de8cec85b36f" x-amz-version-id Lpr4NmQoLhQvqLNjGNUiaYqbna.C_Kth x-amz-request-id 3403MDQ9ACDZ9GVR date Sat, 11 Oct 2025 11:27:21 GMT content-type text/css last-modified Mon, 06 Oct 2025 12:18:23 GMT server openresty/1.21.4.1 x-amz-id-2 y4oZ4TkYXg1SMbMqoPlsZK2EGtmdRAgFATtLQ08e3/wXdBErTViyxlNcDrO7DHzWRQKwTipE+oA=
GET H2	200	in-page-ob.js Show response 7ool.net/richpartners/in-page/js/	52 KB 19 KB	1620ms 648ms	Script application/x-javascript	109.200.209.144 i3Dnet i3D.net B.V
General Check archive.org Show headers Download Go to Full URL https://7ool.net/richpartners/in-page/js/in-page-ob.js Requested by Host: richinfo.co URL: https://richinfo.co/richpartners/in-page/js/richads-ob.js?pubid=972747&siteid=362980 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 109.200.209.144 Newark, United States, ASN49544 (i3Dnet i3D.net B.V, NL), Reverse DNS Software openresty/1.21.4.1 / Resource Hash 9d5c30673aadd8731fb70c9f0e55c36599877cfbafad2eee0663b9ad9a70951f Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://mlx.su/ Response headers x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED content-encoding gzip etag W/"fcceeed4d141f3fccd9455f2bcc675c2" x-amz-version-id zf8LQJqaCzbu3sQMYtRom6Akv4b42waA x-amz-request-id 340A58RK97CMVFZJ date Sat, 11 Oct 2025 11:27:21 GMT content-type application/x-javascript last-modified Mon, 06 Oct 2025 12:18:23 GMT server openresty/1.21.4.1 x-amz-id-2 SxPZ7LP9Q30VVD8HmzVX+K9ugkOZFSUB22LPV0yNAO+YrMeU8GRLPkzUngEUd8ba3FP85/nL5S8=
GET H3	200	bframe Show response www.google.com/recaptcha/api2/ Frame D0A8	7 KB 1 KB	142ms 141ms	Document text/html	142.250.199.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/bframe?hl=zh-TW&v=bGi-DxR800F5_ueMVcTwXc6q&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&bft=0dAFcWeA6U_UgjhBD6qJmLMgbJoqHHCDaiZnY83w4o_Kiz3EATS8jLW_b421d9kyr9AJ1ZSck9hiykKMFmVQ5_-WuVTaGLx99dLw Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__zh_tw.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.199.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt13s52-in-f4.1e100.net Software ESF / Resource Hash b64ab41939ccce5f23275f635495e8586ec379d894d45199bbbdcc7c15b8c0b2 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-13zfoT7oRNnt3N8upIDDfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mlx.su/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-13zfoT7oRNnt3N8upIDDfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Sat, 11 Oct 2025 11:27:20 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H2	200	styles__ltr.css www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/ Frame D0A8	81 KB 0	349ms 106ms	Stylesheet text/css	172.217.26.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-TW&v=bGi-DxR800F5_ueMVcTwXc6q&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&bft=0dAFcWeA6U_UgjhBD6qJmLMgbJoqHHCDaiZnY83w4o_Kiz3EATS8jLW_b421d9kyr9AJ1ZSck9hiykKMFmVQ5_-WuVTaGLx99dLw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.26.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s51-in-f3.1e100.net Software sffe / Resource Hash 60870879fe9da0249afa57c27bc3e76b009269faf9d3c774d63d08bb82a0e0ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.google.com/ Response headers content-encoding gzip age 1109 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Sun, 11 Oct 2026 11:08:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Sat, 11 Oct 2025 11:08:50 GMT last-modified Mon, 06 Oct 2025 04:00:11 GMT content-type text/css vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes content-length 42514 x-xss-protection 0 server sffe
GET H2	200	recaptcha__zh_tw.js Show response www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/ Frame D0A8	805 KB 0	485ms 243ms	Script text/javascript	172.217.26.227 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/bGi-DxR800F5_ueMVcTwXc6q/recaptcha__zh_tw.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-TW&v=bGi-DxR800F5_ueMVcTwXc6q&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&bft=0dAFcWeA6U_UgjhBD6qJmLMgbJoqHHCDaiZnY83w4o_Kiz3EATS8jLW_b421d9kyr9AJ1ZSck9hiykKMFmVQ5_-WuVTaGLx99dLw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.26.227 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s51-in-f3.1e100.net Software sffe / Resource Hash fba1a4f972df20d5c6051fb1d2ee07e0132c98b53fec27c84c2e6b56cb1f52bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.google.com/ Response headers content-encoding gzip age 170114 report-to {"group":"recaptcha-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha-scs"}]} x-content-type-options nosniff expires Fri, 09 Oct 2026 12:12:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 09 Oct 2025 12:12:05 GMT last-modified Mon, 06 Oct 2025 04:00:11 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs accept-ranges bytes access-control-allow-origin * content-length 355368 x-xss-protection 0 server sffe
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame D0A8	15 KB 0	335ms 182ms	Font font/woff2	172.217.161.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/bframe?hl=zh-TW&v=bGi-DxR800F5_ueMVcTwXc6q&k=6LfMmQ8UAAAAAAKtB73g5iI8h6ubkRTUoSrsUUCE&bft=0dAFcWeA6U_UgjhBD6qJmLMgbJoqHHCDaiZnY83w4o_Kiz3EATS8jLW_b421d9kyr9AJ1ZSck9hiykKMFmVQ5_-WuVTaGLx99dLw Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.161.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS kix07s03-in-f3.1e100.net Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Origin https://www.google.com Referer https://www.google.com/ Response headers age 211006 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 09 Oct 2026 00:50:34 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 09 Oct 2025 00:50:34 GMT last-modified Mon, 16 Oct 2017 17:32:55 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 15344 x-xss-protection 0 server sffe
GET		info us.convers.link/users/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.google.com

URL

https://www.google.com/recaptcha/api2/webworker.js?hl=zh-TW&v=bGi-DxR800F5_ueMVcTwXc6q

Domain

us.convers.link

URL

https://us.convers.link/users/info?callback=userinfo_rp_ip

46 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer string| base_url object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| CryptoJS object| LZString function| CodeMirror object| ST function| $ function| jQuery object| FileReaderJS object| linkify object| __cfBeacon object| $embed_field string| w_href object| google_tag_manager object| google_tag_data object| gaGlobal object| recaptcha object| closure_lm_9141 function| _0x4ca3 function| _0xd016 function| DOMReady function| userinfo_rp_ip function| _0x1b8f05 function| _0x1755 function| _0x3bf1 function| process function| _0x5b9bd3 function| _0x2f82a9 function| showInPage function| clickInPage function| closePopup function| showNotifyByDelay function| isCapped function| getCookie function| setCookie function| addPopup function| getDefaultsOptions function| getTemplateInfo

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mlx.su/	1970-01-21 08:57:48	Name: stikked Value: k712notro2nnmfbvavj7f4sro1ibkbfl
			.mlx.su/	1970-01-21 18:32:22	Name: _ga_XSN8X7N395 Value: GS2.1.s1760182038$o1$g0$t1760182038$j60$l0$h0
			.mlx.su/	1970-01-21 18:32:22	Name: _ga Value: GA1.1.1712116423.1760182038

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7ool.net
analytics.google.com
fonts.gstatic.com
mlx.su
richinfo.co
static.cloudflareinsights.com
stats.g.doubleclick.net
us.convers.link
www.google.com
www.google.com.tw
www.googletagmanager.com
www.gstatic.com
us.convers.link
www.google.com
104.16.79.73
109.200.209.144
142.250.157.156
142.250.199.100
142.251.42.131
172.217.161.195
172.217.161.72
172.217.26.227
172.67.171.26
216.239.38.181
5.200.15.240
06a0bc5cd17cad5b55f7f40c8a51136b3f363a7b47cd503826b2c2e8a4c16f92
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3a53bed056cf837e2a686743d9c4f9983e69b9f3399ea140a35c14c278ce4c7b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4626b90abd24e1dea31de9b475bcce0ade73beba938b240bb12221b4dccf25d7
5d9e018de8f460789f8e0fbf454d12f0ca2857bcbbe57dc1ab3a6bb5ea044471
60870879fe9da0249afa57c27bc3e76b009269faf9d3c774d63d08bb82a0e0ad
67b66ff493322e6a29a14eb5ed5fd00f4546bafe8ccf3a60797e48639eadfac7
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
97fabc07026212b7ff5c71258933adabc66d40fbe18c58b121ca3491defa0b4a
9d5c30673aadd8731fb70c9f0e55c36599877cfbafad2eee0663b9ad9a70951f
a3c16789981b4d2b6d56e5df945e814a4a9d75e7994f8e47e9947f243cdbc012
a69deda32923c8cfc689e96fd73e1b6d9f43cfff3782f3e0802d6b9161bdffa4
b64ab41939ccce5f23275f635495e8586ec379d894d45199bbbdcc7c15b8c0b2
c32db7b04d099a77cec006a811b99040d697726093aa780db55f23ec67882282
c540d3647957bd5d975ebae4bae05836b39d9025acc2fc1d567ae0deab358d85
cc168d114c3900f0527071e85df84d79b4eaa33c87357c8b8436bb245bc87fd0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4
fba1a4f972df20d5c6051fb1d2ee07e0132c98b53fec27c84c2e6b56cb1f52bd