urlscan.io logo urlscan.io
SecurityTrails logo

hikarifield.666090.xyz Open in urlscan Pro
2606:4700:3031::6815:4442  Public Scan

Go To Rescan Add Verdict Report
URL: https://hikarifield.666090.xyz/
Submission: On April 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 9 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3031::6815:4442, located in United States and belongs to CLOUDFLARENET, US. The main domain is hikarifield.666090.xyz.
TLS certificate: Issued by E1 on April 22nd 2024. Valid for: 3 months.
This is the only time hikarifield.666090.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 163.181.92.237 24429 (TAOBAO Zh...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 203.107.86.226 37963 (ALIBABA-C...)
2 14.215.183.79 4134 (CHINANET-...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 47.106.102.174 37963 (ALIBABA-C...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
34 15
4    2606:4700:3031::6815:4442 (United States)

ASN13335 (CLOUDFLARENET, US)
hikarifield.666090.xyz
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    163.181.92.237 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
sdk.51.la
3    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
1    203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
collect-v6.51.la
2    14.215.183.79 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
hm.baidu.com
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebase.googleapis.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    47.106.102.174 (Shenzhen, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
collect-perf.51.la
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
firebaseinstallations.googleapis.com
2    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
208 KB
6 51.la
sdk.51.la — Cisco Umbrella Rank: 78995
collect-v6.51.la — Cisco Umbrella Rank: 63196
collect-perf.51.la — Cisco Umbrella Rank: 834764
47 KB
4 googleapis.com
firebase.googleapis.com — Cisco Umbrella Rank: 3899
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 580
1 KB
4 666090.xyz
hikarifield.666090.xyz
169 KB
3 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817
cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2404
304 B
2 gstatic.com
www.gstatic.com
32 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10244
12 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
197 KB
34 9
Domain Requested by
6 pagead2.googlesyndication.com hikarifield.666090.xyz
pagead2.googlesyndication.com
4 hikarifield.666090.xyz hikarifield.666090.xyz
3 sdk.51.la hikarifield.666090.xyz
sdk.51.la
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 cloudflareinsights.com static.cloudflareinsights.com
2 firebaseinstallations.googleapis.com www.gstatic.com
2 collect-perf.51.la sdk.51.la
2 region1.google-analytics.com www.googletagmanager.com
2 firebase.googleapis.com www.gstatic.com
2 www.gstatic.com hikarifield.666090.xyz
2 hm.baidu.com hikarifield.666090.xyz
2 www.googletagmanager.com hikarifield.666090.xyz
www.gstatic.com
1 collect-v6.51.la sdk.51.la
1 static.cloudflareinsights.com hikarifield.666090.xyz
34 14
Subject Issuer Validity Valid
hikarifield.666090.xyz
E1		 2024-04-22 -
2024-07-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.51.la
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-20 -
2024-05-21		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://hikarifield.666090.xyz/
Frame ID: 9A253377E33171F320113E4C1C578C1D
Requests: 29 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9669247653381980&output=html&adk=1812271804&adf=3025194257&lmt=1713784286&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhikarifield.666090.xyz%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1713784285363&bpp=736&bdt=110&idt=940&shv=r20240417&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=603048846233&frm=20&pv=2&ga_vid=730319728.1713784286&ga_sid=1713784286&ga_hid=1275552427&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321865%2C95331045&oid=2&pvsid=3459490073080764&tmod=1995817340&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=975
Frame ID: 7F671C8D048A5D3324A921EFEA7264A4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 11C5F0AD14D8216B21BED3335F52B86F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HF游戏史低价格表

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

34
Requests

97 %
HTTPS

71 %
IPv6

9
Domains

14
Subdomains

15
IPs

3
Countries

673 kB
Transfer

1737 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
hikarifield.666090.xyz/ 		46 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hikarifield.666090.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4442 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f995affe13ee26cbedb1211d6adc0d74254908f3ef199eb8b7842dbbad6ea0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
87852c465edba05e-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 22 Apr 2024 11:11:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Er9ZxVQaOiv6O%2FKtCf%2BLBK2JXVyDEhwIuIOXRr8%2FuVK1bm2pkyeZbLHDBB3aeiCPntrSebQpSNuLNFVlmY7Ad0BQwRloduX2ymT6A9Tn7M3rMlxwAWsQCRO0WCn2Nm1WBHro23rPJWHC%2F4%2BGeo3y72P6gwDg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
style.css
hikarifield.666090.xyz/static/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hikarifield.666090.xyz/static/style.css?v=1.1
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4442 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068ee8ca71b7fb1ab8cb6b5bc80becd99d2fc9df956e558a3d99ae83b678c10c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:25 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"f7f93817cd5d97153c491c65291afbb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dp0Ggnzlpyfn5SEEoLAlRT%2FDnS9ovh5lDZozd9tdlC8tkX9XtWfxOpV6iNhmrOjR4%2FvBVJeqJ52NkBPUDligMztLuwQf3oeLzOSiEPMQDgn%2FhtGgedH9bHRqYj2kaxZQ%2BmbeTmXlFfPo35X8pTUTxLH3CQxd"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87852c46df79a05e-FRA
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9669247653381980
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ec8711a27d306f051fb452558993226849fa82a3097d23a557b02f4d7765dfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Origin
https://hikarifield.666090.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50966
x-xss-protection
0
server
cafe
etag
14546991376258047986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 22 Apr 2024 11:11:25 GMT
js
www.googletagmanager.com/gtag/ 		294 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PTPWCH75PE
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f045d343f51ef096eb454df3752844cc8e5904d7ffb579a851bf1628de3229c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100452
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Apr 2024 11:11:26 GMT
js-sdk-pro.min.js
sdk.51.la/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 05:53:19 GMT
via
cache15.l2de2[899,899,304-0,H], cache1.l2de2[902,0], ens-cache5.de5[0,0,200-0,H], ens-cache10.de5[0,0]
content-encoding
gzip
x-oss-request-id
661F63CF68CDBA3836F78025
content-md5
JLtSDpUX8u0+2Ye0aur3Iw==
age
451087
x-swift-cachetime
1296000
x-cache
HIT TCP_MEM_HIT dirn:10:639477166
x-oss-cdn-auth
success
x-swift-savetime
Wed, 17 Apr 2024 05:53:19 GMT
content-length
12846
x-oss-object-type
Normal
last-modified
Thu, 08 Jun 2023 02:24:34 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1713333199
content-type
application/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
5143829838470429443
eagleid
a3b55c9e17137842860604383e
x-oss-server-time
3
js-sdk-perf.min.js
sdk.51.la/perf/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.51.la/perf/js-sdk-perf.min.js
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d3016ff54f8e4330e2206e805401c5db32091aff1ec4fe4663e7436cd262423e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Origin
https://hikarifield.666090.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 09:11:39 GMT
via
cache19.l2de2[0,0,304-0,H], cache23.l2de2[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache5.de5[1,0]
content-encoding
gzip
x-oss-request-id
6624D84BE144DC3238A4106E
content-md5
s8NHADlMxkRP2CI+TvPilQ==
age
93587
x-swift-cachetime
1265324
x-cache
HIT TCP_MEM_HIT dirn:12:590516251
x-oss-cdn-auth
success
x-swift-savetime
Sun, 21 Apr 2024 17:42:55 GMT
content-length
11317
x-oss-object-type
Normal
last-modified
Thu, 08 Jun 2023 02:25:02 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1713690699
content-type
application/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
17785010825271957679
eagleid
a3b55c9917137842860626609e
x-oss-server-time
23
beacon.min.js
static.cloudflareinsights.com/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:26 GMT
content-encoding
gzip
last-modified
Mon, 15 Apr 2024 22:09:58 GMT
server
cloudflare
etag
W/"2024.4.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
87852c4c2aed9751-FRA
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/ 		412 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9669247653381980&plah=hikarifield.666090.xyz&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9669247653381980
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c7a2a83a5749ab9cb14deda5d0e875515dbf974a29e7ab1c7bf8a939491a48d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142909
x-xss-protection
0
server
cafe
etag
6334131252194712431
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 22 Apr 2024 11:11:26 GMT
collect
collect-v6.51.la/v6/ 		0
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://hikarifield.666090.xyz
Date
Mon, 22 Apr 2024 11:11:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
js-sdk-event.min.js
sdk.51.la/event/ 		74 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.51.la/event/js-sdk-event.min.js?u=KPyrJ7PaGAO6zUUY
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.237 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
927638eed00ada53b754ddd8c200a30ed317d3606f5219d553b2c84eaf992041

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Origin
https://hikarifield.666090.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 10:53:22 GMT
content-encoding
gzip
via
cache12.l2de2[1427,1427,200-0,M], cache23.l2de2[1428,0], ens-cache5.de5[0,0,200-0,H], ens-cache5.de5[2,0]
x-oss-request-id
662641A2805403323128127D
content-md5
Wy2BPkv8hhmIoHgIIZm53g==
age
1084
x-swift-cachetime
1296000
x-cache
HIT TCP_HIT dirn:13:444586862
x-oss-cdn-auth
success
x-swift-savetime
Mon, 22 Apr 2024 10:53:22 GMT
content-length
21348
x-oss-object-type
Normal
last-modified
Thu, 08 Jun 2023 02:24:58 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1713783202
content-type
application/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
12997830976545422151
eagleid
a3b55c9917137842861146915e
x-oss-server-time
3
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?ba7228ac1d26d44bdb720a5c86c3636e
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
a729ceefccc55279ca76f4a30a9f06b96d2adf4aaf7d1218acf5b0a00f25a2e8
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 11:11:26 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
3e9b4f06fd6760eda7cbd080c12b2dd4
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11267
Ciallo%EF%BD%9E(%E2%88%A0%E3%83%BB%CF%89%EF%BC%9C)%E2%8C%92%E2%98%86.wav
hikarifield.666090.xyz/ 		147 KB
147 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://hikarifield.666090.xyz/Ciallo%EF%BD%9E(%E2%88%A0%E3%83%BB%CF%89%EF%BC%9C)%E2%8C%92%E2%98%86.wav
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4442 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f54dc38bd5d91b47dd31efab4bf62d6403bd8b4e24bc0dd401b5ea2cee21a1d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://hikarifield.666090.xyz/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:26 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
DYNAMIC
etag
"b573a635b1af936230b94613f3a143d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ZVZJLMcPu%2BAqQjKNdUkBXTdM7NdN54gHjviy%2F%2Boq5A8w4bD27TXuEwIWAP3JH1JrnCCxPTWxn5mNj%2BYWA%2Bln99xvwANRK5%2BlgcXSk8SBuCkWv6SjtmVuNrwbcNWR5D%2FndvcwjEoFl7gld28Czmwkppgd6K4"}],"group":"cf-nel","max_age":604800}
content-type
audio/wav
access-control-allow-origin
*
cf-ray
87852c4c7e7fa05e-FRA
alt-svc
h3=":443"; ma=86400
content-length
150018
firebase-app.js
www.gstatic.com/firebasejs/10.11.0/ 		99 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.11.0/firebase-app.js
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4a24c142809dd31b40f6c2bc7ac064d370ec3ce84696ce9426f9597de16d0d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Origin
https://hikarifield.666090.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 16:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22507
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 14:27:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Apr 2025 16:50:01 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/10.11.0/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/10.11.0/firebase-analytics.js
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b9be5798b1d7e7db9eab699a958f729c17f72fe9165fb215f053462618e78a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Origin
https://hikarifield.666090.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 16:50:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9402
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 14:27:49 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Apr 2025 16:50:01 GMT
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:224708739925:web:869efaf7d54f76b517e5dc/ 		274 B
383 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:224708739925:web:869efaf7d54f76b517e5dc/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/10.11.0/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d62ee79f95147a071f02387f614b6b12fae7aacde54ca70321d45b1c07872f61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
accept
application/json
Referer
https://hikarifield.666090.xyz/
x-goog-api-key
AIzaSyA_hoOfl4t9JVRpX-ZFFHO4OiX8_um9Oa4
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hikarifield.666090.xyz
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:224708739925:web:869efaf7d54f76b517e5dc/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:224708739925:web:869efaf7d54f76b517e5dc/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://hikarifield.666090.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://hikarifield.666090.xyz
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 22 Apr 2024 11:11:26 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
250 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PTPWCH75PE&gtm=45je44h0v9183327394za200&_p=1713784285372&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=730319728.1713784286&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713784286&sct=1&seg=0&dl=https%3A%2F%2Fhikarifield.666090.xyz%2F&dt=HF%E6%B8%B8%E6%88%8F%E5%8F%B2%E4%BD%8E%E4%BB%B7%E6%A0%BC%E8%A1%A8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1139
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PTPWCH75PE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 22 Apr 2024 11:11:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hikarifield.666090.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
collect-perf.51.la/health/ 		0
302 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://collect-perf.51.la/health/collect
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/perf/js-sdk-perf.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.106.102.174 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://hikarifield.666090.xyz
Date
Mon, 22 Apr 2024 11:11:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
ads
pagead2.googlesyndication.com/pagead/ Frame 7F67 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9669247653381980&output=html&adk=1812271804&adf=3025194257&lmt=1713784286&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fhikarifield.666090.xyz%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1713784285363&bpp=736&bdt=110&idt=940&shv=r20240417&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=603048846233&frm=20&pv=2&ga_vid=730319728.1713784286&ga_sid=1713784286&ga_hid=1275552427&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95321865%2C95331045&oid=2&pvsid=3459490073080764&tmod=1995817340&uas=0&nvt=1&fsapi=1&fc=1920&brdim=1570%2C1170%2C1570%2C1170%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=975
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9669247653381980&plah=hikarifield.666090.xyz&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hikarifield.666090.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Apr 2024 11:11:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=web_notice&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 22 Apr 2024 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=web_notice&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 22 Apr 2024 11:11:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
installations
firebaseinstallations.googleapis.com/v1/projects/hikarifield-c0c8c/ 		626 B
680 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/hikarifield-c0c8c/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/10.11.0/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dabee0219bac1908c20824b4a856469234f296cab849608b1be769d2b81cfe95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjEwLjEgZmlyZS1jb3JlLWVzbTIwMTcvMC4xMC4xIGZpcmUtanMvIGZpcmUtanMtYWxsLWNkbi8xMC4xMS4wIGZpcmUtaWlkLzAuNi42IGZpcmUtaWlkLWVzbTIwMTcvMC42LjYgZmlyZS1hbmFseXRpY3MvMC4xMC4yIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC4xMC4yIiwiZGF0ZXMiOlsiMjAyNC0wNC0yMiJdfV19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://hikarifield.666090.xyz/
x-goog-api-key
AIzaSyA_hoOfl4t9JVRpX-ZFFHO4OiX8_um9Oa4
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hikarifield.666090.xyz
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
490
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/hikarifield-c0c8c/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/hikarifield-c0c8c/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://hikarifield.666090.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://hikarifield.666090.xyz
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 22 Apr 2024 11:11:26 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		294 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-PTPWCH75PE
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/10.11.0/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2156dd5e1e296435b0791915de9a6e7ae5da2ae9baf0ab72fcef6a9c9b41f14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100473
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 22 Apr 2024 11:11:26 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=2059481577&si=ba7228ac1d26d44bdb720a5c86c3636e&v=1.3.0&lv=1&sn=44037&r=0&ww=1600&u=https%3A%2F%2Fhikarifield.666090.xyz%2F&tt=HF%E6%B8%B8%E6%88%8F%E5%8F%B2%E4%BD%8E%E4%BB%B7%E6%A0%BC%E8%A1%A8
Requested by
Host: hikarifield.666090.xyz
URL: https://hikarifield.666090.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Mon, 22 Apr 2024 11:11:27 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240417&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9669247653381980&plah=hikarifield.666090.xyz&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bfd598d1e45b1cfcf70c0c754be08f8152b6e997a687c9e06a0578536d3d37bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12349
x-xss-protection
0
rum
cloudflareinsights.com/cdn-cgi/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 22 Apr 2024 11:11:27 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://hikarifield.666090.xyz
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
87852c5489845d57-FRA
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hikarifield.666090.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://hikarifield.666090.xyz
access-control-max-age
86400
cf-ray
87852c5459475d57-FRA
content-encoding
gzip
content-type
text/plain
date
Mon, 22 Apr 2024 11:11:27 GMT
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
DENY
favicon.ico
hikarifield.666090.xyz/ 		46 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://hikarifield.666090.xyz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:4442 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59f995affe13ee26cbedb1211d6adc0d74254908f3ef199eb8b7842dbbad6ea0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:27 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GvGzNP1rjcnYdfcGtn9jMlsWyZRlPHdUMp7x8Fz%2BGxmwqQ2dXWO1GbSdtKt9c3A03FRQZKa4Qjd5BYS8vB9zSAk6%2BbwwgCGDbh76Ru1t3udq2TeJacV5295DTDXevDE4thhPW91CBvvkNylqeWNoS6vLWcY%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
87852c5418dda05e-FRA
alt-svc
h3=":443"; ma=86400
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9669247653381980&plah=hikarifield.666090.xyz&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 11:11:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 22 Apr 2024 11:11:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 11C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hikarifield.666090.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
6075
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 22 Apr 2024 09:30:12 GMT
expires
Tue, 22 Apr 2025 09:30:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
collect-perf.51.la/health/ 		0
302 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://collect-perf.51.la/health/collect
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/perf/js-sdk-perf.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.106.102.174 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://hikarifield.666090.xyz
Date
Mon, 22 Apr 2024 11:11:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PTPWCH75PE&gtm=45je44h0v9183327394za200&_p=1713784285372&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=730319728.1713784286&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1713784286&sct=1&seg=0&dl=https%3A%2F%2Fhikarifield.666090.xyz%2F&dt=HF%E6%B8%B8%E6%88%8F%E5%8F%B2%E4%BD%8E%E4%BB%B7%E6%A0%BC%E8%A1%A8&en=scroll&epn.percent_scrolled=90&_et=12&tfd=6167
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PTPWCH75PE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://hikarifield.666090.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 22 Apr 2024 11:11:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hikarifield.666090.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240417&jk=3459490073080764&bg=!29il2JfNAAZ55ZTXWeU7ADQBe5WfOE8jM_ARIeB8qYY3ADtbNyo0q09v530V7p7VtHx7OYbU8sb8tdGxTD5J4OXCcnEaAgAAAERSAAAAA2gBB34ANees3mzLkvIg3imxmjS5_cFaOO3aSoV2qidQZ97xKXpnwgkGH3YNQf8QT0o-IOsUXdh4l1lNCgANWtq4-ShoHCgJRj9jLJkC5cclp07q0UUmxWxIlqh4zhjI530XluwhZ0msYz7uZ0kc5ZjhncRAD5RyU4RmchUyu4BCB1VjNx8rR-uiibFpW38xCJYUJC3WcXPdZlYHlRxIZvhG9BGGX6gqsB0JUm2Qnf75ZxblWwlYUQu98STzcyOoK4kHc7-RC6DzRNZRgE1bQnFFF4cSKdlP0a2cp2wcvDpziqpG_509ZJk7jjuy5CXD0bjTIuJ7CyftsYZoUy03x4YrZ4cjiWnz5aNcaO58-eO22l8G2uCP2l9lJXncNpR8wqK7Wty4gKX8xBvgNXGVHPJ7Exc3AWuwR7NPQrrQ8jpQQkCyxeGGPy2D6r7qm5HtLfTzyxELgm1irunN7hMVYUK-puhNjh0JI0JlTZA-ZtPH8ZqV8Tl8jifOSsAxfF87TslyJLu2z43dv9cM7e9dMCRXNc8xzIjfpeQ0fpzC8wP4OUs_6Ampu8R-y-5rOocKeRA4pUGwgGPRQle2d-WsGGk6mHsOeEYCiUPphamGw61lzHcumE-H7O7Tss9Ye5FWh0T72c9hFgzKcy6HHsqG-9whOSygsUafqn6UUqbag7ZxU2kCPuhhgZ1Ghwi0r-vcb3F9ZjfMk_9ba9eMUzB8pxEWDIN26gKYJU7pHI9LhN8CkH9PFo2NINKCkbEvy6FVzPR1PmqQXePciqKzCPCNur5Yp0K2vtgizbIZbVAjQFtIVS08m_JcidrC1tWqUacg4iNMTAZELlMMaIwn4EBquuCARL76glo5WlhVFCjV-OFqGEB7roQZhchLrKZ8SCnDeBb3K6Y2qeJMSn-NxpwDuOpd1OQuODYfnfB912udPwOOXSSFQrAw9Hft6C9C9imLJP4-7vKdzzsvKzksG4cwJ6xWQKb3DObMDlVuj9Qn_P2g9vT_0QDqIXoHTYU0sZp1J6oU-jZLwL5Or_ZlmvUwTYodBDhjV2AD0tEOiGLOfAwq2FgPJjoBuueTlGQPG8Ax7lib-w

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint function| gtag object| dataLayer object| LA number| laWaitTime object| LingQue object| _hmt function| google_spfd number| google_unique_id object| google_sv_map function| closePopup function| playAudio function| showTable function| LASel object| __cfBeacon object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| _bdhm_loaded_ba7228ac1d26d44bdb720a5c86c3636e object| mini_tangram_log_l5w1f2 object| GoogleGcLKhOms

10 Cookies

Domain/Path Name / Value
hikarifield.666090.xyz/ Name: __vtins__KPyrJ7PaGAO6zUUY
Value: %7B%22sid%22%3A%20%2262b4c271-073a-545f-9f75-224a93b91e69%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201713786086071%2C%20%22ct%22%3A%201713784286071%7D
hikarifield.666090.xyz/ Name: __51uvsct__KPyrJ7PaGAO6zUUY
Value: 1
hikarifield.666090.xyz/ Name: __51vcke__KPyrJ7PaGAO6zUUY
Value: 7ffc73e4-9fa3-5411-8d38-a9373d5a585c
hikarifield.666090.xyz/ Name: __51vuft__KPyrJ7PaGAO6zUUY
Value: 1713784286083
hikarifield.666090.xyz/ Name: __51huid__KPyqnoTu4SigmcaZ
Value: 1bf58788-74c7-53ad-ab4a-3d0763fdc9ea
.666090.xyz/ Name: _ga
Value: GA1.1.730319728.1713784286
.666090.xyz/ Name: _ga_PTPWCH75PE
Value: GS1.1.1713784286.1.0.1713784286.0.0.0
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: F5C1937953E33BE7
.hikarifield.666090.xyz/ Name: Hm_lvt_ba7228ac1d26d44bdb720a5c86c3636e
Value: 1713784287
.hikarifield.666090.xyz/ Name: Hm_lpvt_ba7228ac1d26d44bdb720a5c86c3636e
Value: 1713784287

2 Console Messages

Source Level URL
Text
other warning URL: https://hikarifield.666090.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://hikarifield.666090.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloudflareinsights.com
collect-perf.51.la
collect-v6.51.la
firebase.googleapis.com
firebaseinstallations.googleapis.com
hikarifield.666090.xyz
hm.baidu.com
pagead2.googlesyndication.com
region1.google-analytics.com
sdk.51.la
static.cloudflareinsights.com
tpc.googlesyndication.com
www.googletagmanager.com
www.gstatic.com
pagead2.googlesyndication.com
14.215.183.79
163.181.92.237
2001:4860:4802:32::36
203.107.86.226
2606:4700:3031::6815:4442
2606:4700::6810:4f49
2a00:1450:4001:808::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
47.106.102.174
068ee8ca71b7fb1ab8cb6b5bc80becd99d2fc9df956e558a3d99ae83b678c10c
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
3c7a2a83a5749ab9cb14deda5d0e875515dbf974a29e7ab1c7bf8a939491a48d
4ec8711a27d306f051fb452558993226849fa82a3097d23a557b02f4d7765dfa
59f995affe13ee26cbedb1211d6adc0d74254908f3ef199eb8b7842dbbad6ea0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
927638eed00ada53b754ddd8c200a30ed317d3606f5219d553b2c84eaf992041
95b9be5798b1d7e7db9eab699a958f729c17f72fe9165fb215f053462618e78a
a729ceefccc55279ca76f4a30a9f06b96d2adf4aaf7d1218acf5b0a00f25a2e8
bfd598d1e45b1cfcf70c0c754be08f8152b6e997a687c9e06a0578536d3d37bb
c2156dd5e1e296435b0791915de9a6e7ae5da2ae9baf0ab72fcef6a9c9b41f14
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d3016ff54f8e4330e2206e805401c5db32091aff1ec4fe4663e7436cd262423e
d62ee79f95147a071f02387f614b6b12fae7aacde54ca70321d45b1c07872f61
dabee0219bac1908c20824b4a856469234f296cab849608b1be769d2b81cfe95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f045d343f51ef096eb454df3752844cc8e5904d7ffb579a851bf1628de3229c1
f4a24c142809dd31b40f6c2bc7ac064d370ec3ce84696ce9426f9597de16d0d7
f54dc38bd5d91b47dd31efab4bf62d6403bd8b4e24bc0dd401b5ea2cee21a1d1