gfqw53e57wrtdwrew.333121.xyz Open in urlscan Pro
185.212.57.113 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gfqw53e57wrtdwrew.333121.xyz/
Submission: On February 04 via api (February 4th 2024, 9:53:07 am UTC) from US — Scanned from US

Summary HTTP 170 Redirects Links 70 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 17 domains to perform 170 HTTP transactions. The main IP is 185.212.57.113, located in Osaka, Japan and belongs to IT7NET, CA. The main domain is gfqw53e57wrtdwrew.333121.xyz.
TLS certificate: Issued by R3 on February 4th 2024. Valid for: 3 months.

This is the only time gfqw53e57wrtdwrew.333121.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
100	185.212.57.113 185.212.57.113	25820 (IT7NET) (IT7NET)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c08::9b	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800b... 2620:116:800b:21:b08a:1dc5:659b:4055	14618 (AMAZON-AES) (AMAZON-AES)
1 3	108.139.47.108 108.139.47.108	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21d... 2600:9000:21dd:6400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2001	15169 (GOOGLE) (GOOGLE)
3	54.85.21.46 54.85.21.46	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f350:3:2... 2607:f350:3:2569:0:10:0:a	27630 (AS-XFERNET) (AS-XFERNET)
3	173.237.69.60 173.237.69.60	7979 (SERVERS-COM) (SERVERS-COM)
1 5	68.67.160.24 68.67.160.24	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
2 8	2607:f8b0:400... 2607:f8b0:4006:81f::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
170	22

100 185.212.57.113 (Osaka, Japan)

ASN25820 (IT7NET, CA)
PTR: 185.212.57.113.16clouds.com

gfqw53e57wrtdwrew.333121.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.139.47.108 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:6400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)

41251ea8c49dcce18c92d6f13cf29a87.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.85.21.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-21-46.compute-1.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f350:3:2569:0:10:0:a (United States)

ASN27630 (AS-XFERNET, US)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.237.69.60 (United States)

ASN7979 (SERVERS-COM, US)

colossusssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.24 (Jersey City, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81f::2001 (United States) 2 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
100	333121.xyz gfqw53e57wrtdwrew.333121.xyz	4 MB
15	googlesyndication.com 2 redirects 41251ea8c49dcce18c92d6f13cf29a87.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	331 KB
15	google.com analytics.google.com — Cisco Umbrella Rank: 154 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143	72 KB
11	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	192 KB
6	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 acdn.adnxs.com — Cisco Umbrella Rank: 598	22 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	334 KB
3	colossusssp.com colossusssp.com — Cisco Umbrella Rank: 1337	442 B
3	sonobi.com apex.go.sonobi.com — Cisco Umbrella Rank: 2202	3 KB
3	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3902	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 177	3 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	130 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1364 pixel.quantserve.com — Cisco Umbrella Rank: 1007	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 369	33 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1345	429 B
0	cloudfront.net Failed d31qbv1cthcecs.cloudfront.net Failed
0	epochbase.com Failed pwe.epochbase.com Failed
170	17

	Domain	Requested by
100	gfqw53e57wrtdwrew.333121.xyz	gfqw53e57wrtdwrew.333121.xyz
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
8	tpc.googlesyndication.com	2 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	gfqw53e57wrtdwrew.333121.xyz securepubads.g.doubleclick.net www.googletagservices.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	ib.adnxs.com	1 redirects gfqw53e57wrtdwrew.333121.xyz
4	www.googletagmanager.com	gfqw53e57wrtdwrew.333121.xyz www.googletagmanager.com www.google-analytics.com
3	colossusssp.com	gfqw53e57wrtdwrew.333121.xyz
3	apex.go.sonobi.com	gfqw53e57wrtdwrew.333121.xyz
3	hb.minutemedia-prebid.com	gfqw53e57wrtdwrew.333121.xyz
3	sb.scorecardresearch.com	1 redirects gfqw53e57wrtdwrew.333121.xyz
3	analytics.google.com	www.googletagmanager.com
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	www.google.com	gfqw53e57wrtdwrew.333121.xyz tpc.googlesyndication.com
2	www.google-analytics.com	gfqw53e57wrtdwrew.333121.xyz www.google-analytics.com
1	acdn.adnxs.com	gfqw53e57wrtdwrew.333121.xyz
1	ajax.googleapis.com	securepubads.g.doubleclick.net
1	41251ea8c49dcce18c92d6f13cf29a87.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	gfqw53e57wrtdwrew.333121.xyz
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	gfqw53e57wrtdwrew.333121.xyz
0	d31qbv1cthcecs.cloudfront.net Failed	gfqw53e57wrtdwrew.333121.xyz
0	pwe.epochbase.com Failed	gfqw53e57wrtdwrew.333121.xyz
170	24

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
apps.apple.com
give1car.org
donate.epochtimes.com
tougao.epochtimes.com
www.theepochtimes.com
sf.epochtimes.com
zh-tw.shenyun.com
tuidang.epochtimes.com
www.shenyuncreations.com
www.facebook.com
www.youtube.com
twitter.com
www.lagranepoca.com
www.epochtimes.jp
www.epochtimes.co.kr
www.erabaru.net
www.epochtimes.fr
www.epochtimes.de
www.epochtimes.it
www.epochtimes.se
www.epochtimes.nl
www.epochtimes.ru
www.epochtimes-romania.com
www.velkaepocha.cz
www.epochtimes.cz
epochtimes.pl
epochtimestr.com
persianepochtimes.com
epochtimes.bg
etviet.com
epaper.epochtimes.com
zh-cn.shenyunperformingarts.org
www.afp.com
www.bbc.co.uk
www.cna.com.tw
big5.soundofhope.org
www.voanews.com
www.ntdtv.com
www.rfa.org
competitions.ntdtv.com
www.tiantibooks.org
www.epochweekly.com
www.tuidang.org
www.ganjing.com
www.zhuichaguoji.org
www.open.com.hk
bayvoice.net
www.bjzc.org
www.huanghuagang.org
renminbao.com
secretchina.com
www.chinaaffairs.org
weijingsheng.org
www.chenpokong.com
minghui.org
www.zhengjian.org
auto.epochtimes.com
www.wujieliulan.com
dongtaiwang.com
broadpressinc.com
fayuanbooks.com

Subject Issuer	Validity	Valid
gfqw53e57wrtdwrew.333121.xyz R3	`2024-02-04` - `2024-05-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M02	`2023-04-09` - `2024-05-07`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.colossusssp.com Go Daddy Secure Certificate Authority - G2	`2023-09-08` - `2024-10-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://gfqw53e57wrtdwrew.333121.xyz/
Frame ID: 0CCD332CD99533BBE1EA93D45100C05E
Requests: 153 HTTP requests in this frame

Frame: https://41251ea8c49dcce18c92d6f13cf29a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BFF62418133285B74A987D8FAE293B32
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst62SH8SzaqOTxEE3iy3Z1k7zqxbJAiQVlpaaS0Teami5DV9U1-TlYTNOpHrZevCalk1Q8dfmZPnq-0za26odT87WAmuolrSguLBXU1ZD9Le29vfRaCieQvr7Yn_7sY6FEnrSclW7-NyhzjHuKJiX2H0Kqf2X8Kq5NFAOXhzWAc2U2YpwOgmKq4zjEYV12ddhHP0bUJu6g-h7Ta6ekSxFYPZD3RqBDM7gPvi2jk5-y70QmbTUJn82ZKMyvhpKfnDqxHFzpPD5lpGFWzh9h4OmMTykGS36s5KrZRXz6yNmsEC64J49ZpLKDyDn2WDnu3jvYXiiCPbDyv8kOu8ZGtYHiI-cuWIJ3ZdouoO5v_TBy6M7lxa94KCN_SMvZ04AHGU0pm5_PfpSnB5rP_MUw-XopR9-V5yrTMFW03Ldg&sai=AMfl-YRyXgkFKgym8qfuL5C3ICG5exy5SuOI9C59AxOtISrjHbETARPg-OfDNwzHo8L8sbwK9iOGdlS_TRV5K8V5GMe-h4PDMHflZc58Cztd8WOdlxPGCyXrCui8ScwXdJu3eqc6nFT809mcDPmxYyPYn04&sig=Cg0ArKJSzCkae3Op98uDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6380BA4B54CC8B9AD89F7A2756D96626
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5nlCNSFnY0CSWEeEc69cBb-IkQfIHMUVle1yzkVq1HiX0C6EZCW1SmkBYk8K_qz2bOKbvZSVl0tOHTHyJWGiCesNT5qnG_miY85QlhBOOUaL8TJOt9FHbZiiFWKdaAKW64b-aTeFfxyQNUL07PYAiplJ0-5FMrWGaWQLe4mlKs49HlOEQnZoEEiyhfrDsgE6fyvI9kn4XdgFwmzjuSwq01j90ahfHLKh8c3EuLqsPdx5-ZPT2FioqgRI9-vfsir2-ru2b6tjQ5akvQAkvnviamRGYcj3Mc3EIIaBmvzmqKzLwFAHlfnxPehykZzDhdrPoiOrFtzJkY_iu4eoFZRHqCdR1J5KS-pxIKdpi0YIr393M9FZfxnyThl0NkxlmDAzTC7M9&sai=AMfl-YS_-CyYlP0L8XCsbcjWA2QuE3F8f0YRAvX6ZotHmOb-krwu9decJFeMA2huRlC10NusEb5G2iDqgf5SkVdvebRKNuq1OEa7Guf6ydieNvXTm_XmnrXJPoItxrfB5g&sig=Cg0ArKJSzJC1-g5_1c8vEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: BC89861FFF4415D4721F1FEE9981E226
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D44DEBEAB62D7542104BF920C4FAFB4A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B93259F7108513E55B2727229D311A3E
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 502BFC91F3A47D74866DDA0F9BC1C6B4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

大纪元新闻网 - 海外最大中文媒体

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

170
Requests

96 %
HTTPS

71 %
IPv6

17
Domains

24
Subdomains

22
IPs

2
Countries

5537 kB
Transfer

7121 kB
Size

18
Cookies

70 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstst3C2o0lUdJ3Cp0nyVpDa3DS6hTWwcMSpASmA9z2-IALMWQlekxJ6U2fLtnvvzOgDgz_85OGUh51QDNpba2udGEN1Kpku7c2UOEJkoR_2tYZAhfwzLIjhLMSC7ZbewVyzyeFttdLj1vuSMBlvijDuvnoKsZ4JxfoBi89Hb0wERrtWdmuF9ZJdyyDU_aBR2_7OJ-fYKXhAhQKKaAva0I5xByROCiUuvK-WuuSnR47Es_pK9QB2WUDOhG_VrvFHj0H7P0vHoy5yxS3RvuIqFsPKUXjbjZao93QLbC96wNeEuNtJVdKRx_M6q3wtWnSKjMMh0zVQHOyfYJYq4Q0EWUTajSglyDEddYNCWuYBYWrArXIPgabCYWl6H1kOga7og9p7UiL01AaXz4or&sai=AMfl-YT7OQ3hd9hqIBCdVZa3oF7RsDs38e66M7SbpWfGiGBCy-gSiwi1ui3cgHDg3CJmB3BMx72BVOL4feVCVnBgvlthshHR2GHMo-1-j3vLwjbscjNlzUqLY3VX8CtTX5tZcq65ySelllOkYQwqpW6dD74&sig=Cg0ArKJSzC_o7LI-vYFPEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=https://zh-tw.shenyun.com/?tb=1&utm_source=DJY/NTD&utm_medium=BrotherMedia&utm_campaign=SY24&utm_content=Branding

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/epoch-times/id498375992
Title: 移动端App

Search URL Search Domain Scan URL

URL: https://give1car.org/
Title: 捐车

Search URL Search Domain Scan URL

URL: https://donate.epochtimes.com/?utm_medium=epochtimes&utm_source=referral&utm_campaign=donate_button_djyhomepage
Title: 捐款

Search URL Search Domain Scan URL

URL: https://tougao.epochtimes.com/tougao.php
Title: 投稿

Search URL Search Domain Scan URL

URL: https://www.theepochtimes.com/

Search URL Search Domain Scan URL

URL: https://sf.epochtimes.com/
Title: 旧金山

Search URL Search Domain Scan URL

URL: https://zh-tw.shenyun.com/tickets
Title: 订票

Search URL Search Domain Scan URL

URL: https://tuidang.epochtimes.com/
Title: 退出中共党、团、队总人数:

Search URL Search Domain Scan URL

URL: https://www.shenyuncreations.com/zh_tw?sort=best_sales
Title: 最多购买

Search URL Search Domain Scan URL

URL: https://www.shenyuncreations.com/zh_tw?sort=latest
Title: 最新

Search URL Search Domain Scan URL

URL: https://www.shenyuncreations.com/zh_tw?sort=paid
Title: 付费点播

Search URL Search Domain Scan URL

URL: https://www.shenyuncreations.com/zh_tw?sort=free
Title: 免费观看

Search URL Search Domain Scan URL

URL: https://www.facebook.com/djy.news/
Title: 大纪元脸书

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCAk-SBMZp79a4k2CAqqoDLQ?sub_confirmation=1
Title: 大纪元Youtube

Search URL Search Domain Scan URL

URL: https://twitter.com/dajiyuan
Title: 大纪元推特

Search URL Search Domain Scan URL

URL: https://www.lagranepoca.com/
Title: Spanish

Search URL Search Domain Scan URL

URL: https://www.epochtimes.jp/
Title: Japanese

Search URL Search Domain Scan URL

URL: https://www.epochtimes.co.kr/
Title: Korean

Search URL Search Domain Scan URL

URL: https://www.erabaru.net/
Title: Indonesian

Search URL Search Domain Scan URL

URL: https://www.epochtimes.fr/
Title: French

Search URL Search Domain Scan URL

URL: https://www.epochtimes.de/
Title: German

Search URL Search Domain Scan URL

URL: https://www.epochtimes.it/
Title: Italian

Search URL Search Domain Scan URL

URL: https://www.epochtimes.se/
Title: Swedish

Search URL Search Domain Scan URL

URL: https://www.epochtimes.nl/
Title: Dutch

Search URL Search Domain Scan URL

URL: https://www.epochtimes.ru/
Title: Russian

Search URL Search Domain Scan URL

URL: https://www.epochtimes-romania.com/
Title: Romanian

Search URL Search Domain Scan URL

URL: https://www.velkaepocha.cz/
Title: Czech

Search URL Search Domain Scan URL

URL: https://www.epochtimes.cz/
Title: Slovak

Search URL Search Domain Scan URL

URL: https://epochtimes.pl/
Title: Polish

Search URL Search Domain Scan URL

URL: https://epochtimestr.com/
Title: Turkish

Search URL Search Domain Scan URL

URL: https://persianepochtimes.com/
Title: Persian

Search URL Search Domain Scan URL

URL: https://epochtimes.bg/
Title: Bulgarian

Search URL Search Domain Scan URL

URL: https://etviet.com/
Title: Vietnamese

Search URL Search Domain Scan URL

URL: https://epaper.epochtimes.com/
Title: 各地报纸

Search URL Search Domain Scan URL

URL: https://tougao.epochtimes.com/tougao_gb.php
Title: 投稿中心

Search URL Search Domain Scan URL

URL: https://donate.epochtimes.com/?utm_medium=epochtimes&utm_source=referral&utm_campaign=donate_others
Title: 捐助大纪元

Search URL Search Domain Scan URL

URL: https://zh-cn.shenyunperformingarts.org/
Title: 神韵艺术团

Search URL Search Domain Scan URL

URL: https://www.afp.com/
Title: 法新社

Search URL Search Domain Scan URL

URL: https://www.bbc.co.uk/chinese/
Title: BBC

Search URL Search Domain Scan URL

URL: https://www.cna.com.tw/
Title: 中央社

Search URL Search Domain Scan URL

URL: https://big5.soundofhope.org/
Title: 希望之声

Search URL Search Domain Scan URL

URL: https://www.voanews.com/
Title: 美国之音

Search URL Search Domain Scan URL

URL: https://www.ntdtv.com/
Title: 新唐人中文电视台

Search URL Search Domain Scan URL

URL: https://www.rfa.org/service/index.html?service=man
Title: 自由亚洲电台

Search URL Search Domain Scan URL

URL: https://competitions.ntdtv.com/?lang=zh-hant
Title: 新唐人全球系列大赛

Search URL Search Domain Scan URL

URL: https://www.tiantibooks.org/
Title: 天梯书店

Search URL Search Domain Scan URL

URL: https://www.epochweekly.com/
Title: 新纪元周刊

Search URL Search Domain Scan URL

URL: https://www.tuidang.org/
Title: 全球退党服务中心

Search URL Search Domain Scan URL

URL: https://www.ganjing.com/zh-TW/channel/1eiqjdnq7gozJ9BKZeWTfN1061tn0c?tab=home
Title: 新世纪影视

Search URL Search Domain Scan URL

URL: https://www.zhuichaguoji.org/
Title: 追查国际

Search URL Search Domain Scan URL

URL: https://www.open.com.hk/
Title: 开放

Search URL Search Domain Scan URL

URL: https://bayvoice.net/
Title: Bay Voice

Search URL Search Domain Scan URL

URL: https://www.bjzc.org/
Title: 北京之春

Search URL Search Domain Scan URL

URL: https://www.huanghuagang.org/
Title: 黄花岗

Search URL Search Domain Scan URL

URL: https://renminbao.com/
Title: 人民报

Search URL Search Domain Scan URL

URL: https://secretchina.com/
Title: 看中国

Search URL Search Domain Scan URL

URL: https://www.chinaaffairs.org/
Title: 中国事务

Search URL Search Domain Scan URL

URL: https://weijingsheng.org/
Title: 魏京生基金会

Search URL Search Domain Scan URL

URL: https://www.chenpokong.com/
Title: 陈破空网站

Search URL Search Domain Scan URL

URL: https://minghui.org/
Title: 明慧网

Search URL Search Domain Scan URL

URL: https://www.zhengjian.org/
Title: 正见网

Search URL Search Domain Scan URL

URL: https://www.zhengjian.org/qingliu/
Title: 清流

Search URL Search Domain Scan URL

URL: https://auto.epochtimes.com/
Title: 大纪元汽车网

Search URL Search Domain Scan URL

URL: https://www.wujieliulan.com/
Title: 无界网

Search URL Search Domain Scan URL

URL: https://dongtaiwang.com/
Title: 动态网

Search URL Search Domain Scan URL

URL: https://broadpressinc.com/
Title: 博大出版社

Search URL Search Domain Scan URL

URL: https://fayuanbooks.com/zh
Title: 法源书店

Search URL Search Domain Scan URL

URL: https://www.shenyuncreations.com/
Title: 神韵作品

Search URL Search Domain Scan URL

URL: https://www.ganjing.com/
Title: 干净世界

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 117

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707040381135&ns_c=UTF-8&c7=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&c8=%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E6%B5%B7%E5%A4%96%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707040381135&ns_c=UTF-8&c7=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&c8=%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E6%B5%B7%E5%A4%96%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93&c9=

Request Chain 148

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOClw_rwIhDGAxiEBygBMgjjfAE6yDD69A HTTP 301
https://tpc.googlesyndication.com/pimgad/14257968338064699685

Request Chain 149

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOClw6b4RBDGAxiEBygBMgh-XCyaxc7A7Q HTTP 301
https://tpc.googlesyndication.com/pimgad/12743946288747225734

Request Chain 169

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

170 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gfqw53e57wrtdwrew.333121.xyz/ 124 KB
125 KB 831ms
407ms Document
text/html 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

9c13eaf76ba825dda7263732f01864f199f4f9175e15fe574a0a0af53085298c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=120
content-type: text/html; charset=utf-8
date: Sun, 04 Feb 2024 09:52:59 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding, User-Agent
via: 1.1 google

GET
H2 200 style.css
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/ 2 KB
2 KB 421ms
418ms Stylesheet
text/css 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/style.css?ver=20150811

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

05417f5788e5c1b4f57230889c7df961b15013f115c3c14465cf5bf8b768d06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
content-type: text/css
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 jquery.bxslider.css
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/ 4 KB
4 KB 426ms
425ms Stylesheet
text/css 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.css?ver=20150811

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

0edcbd1b39fe4ba598b92c95e446aa270a9da471f1e8f44458392d7ca49acddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
content-type: text/css
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 front-page.css
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/css/ 44 KB
44 KB 467ms
466ms Stylesheet
text/css 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/css/front-page.css?ver=20231010

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

6cf3bda025c05a7248275dedf60542d3bd626475a09725034c21094458c0f0e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
content-type: text/css
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 149ms
82ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-64JWG501SB

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

886d29de325be6cf49727207fbe27ba5d9efda4856afa710d41ffab472522862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93768
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Feb 2024 09:53:00 GMT

GET
H2 200 goto_EET.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/ 5 KB
5 KB 516ms
515ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/goto_EET.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

2991b9f00d1f1c62882436a630a60046647620e0d100acfb1980f81304e88678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 DJY-Web-Logo-new.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/ 8 KB
8 KB 516ms
515ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/DJY-Web-Logo-new.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

1ec709a9c70d7ee9e0a06cebe1288aa688cd52476344c49145a343ac34a952b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 id14172853-cd2df69a5d707d18e7a7e3d1a0e30b9d-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 21 KB
22 KB 219ms
201ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172853-cd2df69a5d707d18e7a7e3d1a0e30b9d-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 47f881f383a9ef85be7f71da5bfecfcb3e187de1013cc5d1f3c43f672db1e593

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 21669
last-modified: Sat, 03 Feb 2024 21:49:03 GMT
server: nginx
etag: "65beb4cf-54a5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31531257
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 03 Feb 2025 02:56:18 GMT

GET
H2 200 id14172816-GettyImages-1975035525-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 22 KB
22 KB 234ms
217ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172816-GettyImages-1975035525-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: fd0761bf8202578ec81c53e9cae37ff756ad93926f4c9cee412536d551946a72

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 22097
last-modified: Sat, 03 Feb 2024 16:44:34 GMT
server: nginx
etag: "65be6d72-5651"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31503039
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 19:06:00 GMT

GET
H2 200 id14172810-9_2024_02_03_078062fd874471fe780825a8-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 17 KB
18 KB 251ms
234ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172810-9_2024_02_03_078062fd874471fe780825a8-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 1e79d2402267a5e8fe92a6337ef90c36b8ab120f1c6697cc72671d92e936c6f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 17668
last-modified: Sat, 03 Feb 2024 15:47:58 GMT
server: nginx
etag: "65be602e-4504"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31502717
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 19:00:38 GMT

GET
H2 200 60518203801228-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2006/05/ 28 KB
28 KB 413ms
395ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2006/05/60518203801228-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 4eaa8438c07632380977c91cf78f0bf8e0ec73588d1a35933be3f4d488ed51cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 28209
last-modified: Sat, 03 Dec 2016 04:23:30 GMT
server: nginx
etag: "584248c2-6e31"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31499242
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 18:02:43 GMT

GET
H2 200 fu-pen-zi-3-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2018/03/ 28 KB
29 KB 434ms
416ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2018/03/fu-pen-zi-3-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 4b4ca32a6d4513a2f2742fcf565439e234377c88a64b87ac4baba562f0e9ce7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 28868
last-modified: Sat, 17 Mar 2018 16:37:03 GMT
server: nginx
etag: "5aad442f-70c4"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=30282755
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 19 Jan 2025 16:07:56 GMT

GET
H2 200 id14172806-240203040835100815-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 42 KB
43 KB 454ms
437ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172806-240203040835100815-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: e45b7bfb3ff10a1556d9b08cf7f6f1f9ca9f70ccc8a72c195ace8fcd0aa2bd98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 42980
last-modified: Sat, 03 Feb 2024 15:36:31 GMT
server: nginx
etag: "65be5d7f-a7e4"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31513953
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 22:07:54 GMT

GET
H2 200 id14172711-GettyImages-1981987500-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 24 KB
25 KB 486ms
469ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172711-GettyImages-1981987500-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 0b244b74f681eb689659450386cf3cadca53c9611d7d0a3e2e39b6360812c5b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 24953
last-modified: Sat, 03 Feb 2024 11:50:22 GMT
server: nginx
etag: "65be287e-6179"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31482703
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 13:27:04 GMT

GET
H2 200 id14172716-2402022309101160-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 36 KB
37 KB 506ms
488ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172716-2402022309101160-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: ed99e545e16e2cd1e7d67b70aac5b1432324431099bce04e4ceb8bed2947044e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 36882
last-modified: Sat, 03 Feb 2024 12:01:37 GMT
server: nginx
etag: "65be2b21-9012"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31486836
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 14:35:57 GMT

GET
H2 200 GettyImages-121341976-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2020/12/ 21 KB
21 KB 533ms
517ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2020/12/GettyImages-121341976-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 8ed51ce32b1ad1012dce058b04c74f77abe9ceac12707e4ab604ec305c616026

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 21410
last-modified: Tue, 08 Dec 2020 05:37:57 GMT
server: nginx
etag: "5fcf1135-53a2"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31473079
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 10:46:40 GMT

GET
H2 200 id14171843-171945-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 35 KB
36 KB 543ms
527ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171843-171945-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: cadc8afd723351aa5eac193efc00afdaf9c0aebdc8aeb8594c21686138e5084e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 35890
last-modified: Fri, 02 Feb 2024 04:42:06 GMT
server: nginx
etag: "65bc729e-8c32"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31371351
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 06:31:13 GMT

GET
H2 200 id14168466-240128063145100311-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 86 KB
86 KB 563ms
547ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14168466-240128063145100311-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: cc80172a4f45453a207a3831b07afa112404cf31dacd143dffe6c57a02e545a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 87820
last-modified: Sun, 28 Jan 2024 17:52:01 GMT
server: nginx
etag: "65b69441-1570c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=30996530
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 27 Jan 2025 22:24:12 GMT

GET
H2 200 id14134489-GettyImages-1806662553-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/12/ 51 KB
52 KB 605ms
589ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/12/id14134489-GettyImages-1806662553-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: cd089c8a847531484bdd0f9fa8542d9c6b68b7cb8f697279fe9c710102132b25

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 52473
last-modified: Tue, 12 Dec 2023 02:17:20 GMT
server: nginx
etag: "6577c2b0-ccf9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31165843
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Wed, 29 Jan 2025 21:26:05 GMT

GET
H2 200 shenyun_creation_sidebar.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/ 17 KB
17 KB 621ms
605ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/shenyun_creation_sidebar.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

e8cbf534350e2190f34aa56f17a26015db1e60660aba8a25bd9a9ed860d8393f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 id14171525-TrialbyFire2016_DJY-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 37 KB
38 KB 626ms
611ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171525-TrialbyFire2016_DJY-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: b8ae7df54fba766f410b953120a948abe6213c828a431e2cbe3eb46b94b40c96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 38313
last-modified: Thu, 01 Feb 2024 19:19:16 GMT
server: nginx
etag: "65bbeeb4-95a9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31345403
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 31 Jan 2025 23:18:45 GMT

GET
H2 200 id14169225-2023MusicCompetitionP1Feb3_DJY-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 20 KB
20 KB 638ms
623ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14169225-2023MusicCompetitionP1Feb3_DJY-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: fa870c8ca3d2142cc88da808b4bccea0e8aeafb575954de35779aea2064c14e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 20394
last-modified: Mon, 29 Jan 2024 17:35:09 GMT
server: nginx
etag: "65b7e1cd-4faa"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31085944
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Tue, 28 Jan 2025 23:14:26 GMT

GET
H2 200 id13614877-SYO_ButterflyLoversConcerto_1200x800-CN-320x200.png
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/03/ 106 KB
106 KB 645ms
630ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/03/id13614877-SYO_ButterflyLoversConcerto_1200x800-CN-320x200.png
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 2f867a99544bb377adb146ff1c58c35dc658988619609110b0c0c941dabe794a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 108202
last-modified: Tue, 01 Mar 2022 23:43:13 GMT
server: nginx
etag: "621eaf91-1a6aa"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/png
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=30716905
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 24 Jan 2025 16:51:05 GMT

GET
H2 200 santui_gb.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/ 3 KB
3 KB 685ms
670ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/santui_gb.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

62302abdcbce8dcca1fd2bd9e2b7eb48d71553558f6413b7cd502b38bad7ecc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 id13975897-jingwen-20230121.jpeg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/04/ 12 KB
13 KB 686ms
672ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/04/id13975897-jingwen-20230121.jpeg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: ecd2f46fc0b176bf20b4a32e4c4cfbb31e8216f0418b3972cff424b5c3d7acc9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 12306
last-modified: Tue, 18 Apr 2023 20:31:27 GMT
server: nginx
etag: "643efe1f-3012"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=28893474
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 03 Jan 2025 14:13:16 GMT

GET
H2 200 id14162642-959e017c3d9c987ca9b10c4c-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 41 KB
42 KB 687ms
673ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14162642-959e017c3d9c987ca9b10c4c-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 8f3316d46980c2d27eaa4b8e7b3646005f2b0fba6dfca4a03e95b2cd73e1dba8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 42152
last-modified: Sat, 20 Jan 2024 09:46:22 GMT
server: nginx
etag: "65ab966e-a4a8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31522927
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 03 Feb 2025 00:37:29 GMT

GET
H2 200 getCollectionImage-1-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2012/08/ 19 KB
19 KB 697ms
682ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2012/08/getCollectionImage-1-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 53ead8694434e3292e1f931031280ee25caa0deab9e8a24acc941343c9ea77c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 19375
last-modified: Thu, 29 Nov 2018 09:45:42 GMT
server: nginx
etag: "5bffb546-4baf"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31524043
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 03 Feb 2025 00:56:05 GMT

GET
H2 200 170404041942100649-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2017/04/ 44 KB
45 KB 703ms
688ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2017/04/170404041942100649-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 0db60963071f8a9f6820d6979b98f4a620501b17bc0db21574f0ff2848357128

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 45497
last-modified: Thu, 06 Apr 2017 02:15:24 GMT
server: nginx
etag: "58e5a4bc-b1b9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31437021
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 00:45:43 GMT

GET
H2 200 id14067704-Tangren-Shiyi-Tuce-Part-1-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/09/ 12 KB
13 KB 716ms
702ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/09/id14067704-Tangren-Shiyi-Tuce-Part-1-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 476801e54431006ac7f5c4f60ddfe538a9070cba85bae93ba209daaf3c2ae768

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 12506
last-modified: Wed, 31 Jan 2024 13:37:32 GMT
server: nginx
etag: "65ba4d1c-30da"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31436975
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 00:44:57 GMT

GET
H2 200 id14171817-1200x800-1-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 83 KB
84 KB 721ms
707ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171817-1200x800-1-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: ceca67197f34f7ec6d1064515315e0130d50b0946f59f6b0a3599e0eb8532246

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 85287
last-modified: Fri, 02 Feb 2024 04:19:34 GMT
server: nginx
etag: "65bc6d56-14d27"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31395219
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 13:16:19 GMT

GET
H2 200 id14170547-shutterstock_1577557741-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 28 KB
29 KB 747ms
733ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14170547-shutterstock_1577557741-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 4d8b96fd8018098b2c52871632ce557c57640a4c4a2a1e1640b0ad1986834704

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 28642
last-modified: Wed, 31 Jan 2024 14:07:49 GMT
server: nginx
etag: "65ba5435-6fe2"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31351283
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 00:56:45 GMT

GET
H2 200 id14163941-b3c408b5ced0f332cac06028-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 46 KB
46 KB 755ms
742ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14163941-b3c408b5ced0f332cac06028-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 2c13f2247ec216f0dfc6e16757a7c9e96b0e05e47a8f08e2f38a9ae099ba9c8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 46737
last-modified: Mon, 22 Jan 2024 07:00:10 GMT
server: nginx
etag: "65ae127a-b691"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=30491817
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Wed, 22 Jan 2025 02:12:19 GMT

GET
H2 200 shutterstock_659620672-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2008/07/ 25 KB
25 KB 768ms
755ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2008/07/shutterstock_659620672-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: c6db5f8b45466ef2ece903bd6be1558d23ef900cacbc342090fb3c226a643417

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 25427
last-modified: Sun, 28 Jan 2024 02:37:53 GMT
server: nginx
etag: "65b5be01-6353"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31268572
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 31 Jan 2025 01:58:14 GMT

GET
H2 200 id14172892-GettyImages-1901392373_light-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 27 KB
28 KB 776ms
762ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172892-GettyImages-1901392373_light-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 2c8b89f4ea1558eaec0058fb1ab58966eda4bdacb1efeaa49767da26b0e49265

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 28156
last-modified: Sat, 03 Feb 2024 23:43:31 GMT
server: nginx
etag: "65becfa3-6dfc"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31533034
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 03 Feb 2025 05:20:27 GMT

GET
H2 200 shenyuncreation.jpg
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/ 14 KB
14 KB 783ms
770ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/shenyuncreation.jpg

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

35ec416adfcc6936b9a466977a849b57bce0da4903bf3f2dfd395b5e08567edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/jpeg

GET
H2 200 id14164311-EchoesOfBambooGrove_DJY-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 1002 KB
1004 KB 784ms
771ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14164311-EchoesOfBambooGrove_DJY-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 8b3303eef9339a5594bb7cb3eba6a34a1761c0f76edfd8ec408785c85aca62be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 1026215
last-modified: Mon, 22 Jan 2024 18:08:53 GMT
server: nginx
etag: "65aeaf35-fa8a7"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=30481272
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Tue, 21 Jan 2025 23:16:34 GMT

GET
H2 200 id14161535-DanceExamUF2023Fall07G_DJY-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 29 KB
30 KB 784ms
771ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14161535-DanceExamUF2023Fall07G_DJY-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 15a7dbf894becd94a18c38329334acd434fbcf34321da85d408da383e31a696a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 30128
last-modified: Thu, 18 Jan 2024 22:30:39 GMT
server: nginx
etag: "65a9a68f-75b0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=30135733
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 17 Jan 2025 23:17:35 GMT

GET
H2 200 id13484224-tianli_EP02_1200x800-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/01/ 22 KB
23 KB 788ms
775ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/01/id13484224-tianli_EP02_1200x800-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 31dfde66f6e0748aa68bd6c4c36a21a0e1fe31cfb63e23e5dc5209138032e6f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 22637
last-modified: Wed, 05 Jan 2022 16:52:56 GMT
server: nginx
etag: "61d5cce8-586d"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=29889392
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Wed, 15 Jan 2025 02:51:54 GMT

GET
H2 200 id13605952-Kangxi-1200x800-320x200.png
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/02/ 117 KB
118 KB 788ms
776ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/02/id13605952-Kangxi-1200x800-320x200.png
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 9c9a8c41e3d37f2d439a246839fefca0ccbc35c93429d0d01761d1a911fb6538

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 119623
last-modified: Fri, 25 Feb 2022 22:52:28 GMT
server: nginx
etag: "62195dac-1d347"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/png
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=29507574
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 10 Jan 2025 16:48:16 GMT

GET
H2 200 id14153999-23WinterDanceExam07M_DJY-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 29 KB
30 KB 789ms
776ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14153999-23WinterDanceExam07M_DJY-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 0c2c30869917384de0deb1fde03f8308d26f684288fe1484c5a36088ad2aca97

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 29752
last-modified: Mon, 08 Jan 2024 20:10:32 GMT
server: nginx
etag: "659c56b8-7438"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=29271676
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Tue, 07 Jan 2025 23:16:38 GMT

GET
H2 200 id13885544-brain-health-e1664081014350-870x522-600x400.jpeg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/12/ 57 KB
57 KB 789ms
776ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/12/id13885544-brain-health-e1664081014350-870x522-600x400.jpeg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 25abc3ffee8ee9c6ee191c6c578b5ea8f04fa2fe388e74fbe56f7660119547b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 58119
last-modified: Thu, 15 Dec 2022 13:15:53 GMT
server: nginx
etag: "639b1e09-e307"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31528389
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 03 Feb 2025 02:08:31 GMT

GET
H2 200 id14170705-5-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 17 KB
18 KB 789ms
777ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14170705-5-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 7904a02c69c789577edace1533e1d0d8666c4b6a68f72fb68f1cd8abf902413f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 17502
last-modified: Wed, 31 Jan 2024 21:16:15 GMT
server: nginx
etag: "65bab89f-445e"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31408249
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 16:46:11 GMT

GET
H2 200 id14165883-2-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 19 KB
20 KB 790ms
777ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14165883-2-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 289607d3a3ba7d0fad07357627c485f6d46cda6540230071baaab660953ebb26

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 19602
last-modified: Tue, 30 Jan 2024 18:46:50 GMT
server: nginx
etag: "65b9441a-4c92"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31200497
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Thu, 30 Jan 2025 07:03:39 GMT

GET
H2 200 id13667538-546448-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/03/ 45 KB
46 KB 790ms
778ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/03/id13667538-546448-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: a65acb197f3f9ba9526eb97da1d73ba15636c98d1626b67694484d6fa965c5be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 46065
last-modified: Wed, 23 Mar 2022 11:40:43 GMT
server: nginx
etag: "623b073b-b3f1"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31420834
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 20:15:56 GMT

GET
H2 200 id14172313-c51cf29635291013d1a0922cab8b7a92-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 22 KB
22 KB 790ms
778ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172313-c51cf29635291013d1a0922cab8b7a92-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 8247f4c31eaef5d9b2eb65b76989b0b72086a506a2388b8599d93399c2444e5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 22187
last-modified: Fri, 02 Feb 2024 17:49:12 GMT
server: nginx
etag: "65bd2b18-56ab"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31412461
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 17:56:23 GMT

GET
H2 200 id14171641-240130-N-VX158-1171-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 34 KB
35 KB 790ms
778ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171641-240130-N-VX158-1171-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 1a1ec960a3de19591abac31002490cf37d41c25de15fdc63728083e1854750b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 34745
last-modified: Fri, 02 Feb 2024 00:42:38 GMT
server: nginx
etag: "65bc3a7e-87b9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31373654
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 07:09:36 GMT

GET
H2 200 id14171453-1200-800-max-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 17 KB
17 KB 790ms
779ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171453-1200-800-max-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: af206d2be7a405978079c4970d44291eb7105371eed3e16099993676e1c70a91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 17065
last-modified: Thu, 01 Feb 2024 16:11:56 GMT
server: nginx
etag: "65bbc2cc-42a9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31328657
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 31 Jan 2025 18:39:39 GMT

GET
H2 200 id14171084-074ab1c5f117738c5e5566f2f623a7d1-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 28 KB
28 KB 791ms
779ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171084-074ab1c5f117738c5e5566f2f623a7d1-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 1373052324847a6fc9a79931da12355e39ab3294f3f773f033ee961149b962a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 28245
last-modified: Thu, 01 Feb 2024 07:46:12 GMT
server: nginx
etag: "65bb4c44-6e55"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31309206
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 31 Jan 2025 13:15:28 GMT

GET
H2 200 id14170626-4547b1192986e7368ae5cfee14ae00c7-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 20 KB
21 KB 791ms
779ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14170626-4547b1192986e7368ae5cfee14ae00c7-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 2f432263e9edb45f9067315059af9bfbeb9b2b835c54c2648da2da4e8aa188ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 20816
last-modified: Wed, 31 Jan 2024 17:27:58 GMT
server: nginx
etag: "65ba831e-5150"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31238229
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Thu, 30 Jan 2025 17:32:31 GMT

GET
H2 200 id14172519-shutterstock_2028576938-600x400.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 53 KB
53 KB 791ms
780ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172519-shutterstock_2028576938-600x400.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: eef24b0333461a84329201f46868af4f76a3c2036033d7b2189a2216ba28d647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 54005
last-modified: Sat, 03 Feb 2024 04:06:03 GMT
server: nginx
etag: "65bdbbab-d2f5"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31449945
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 04:21:07 GMT

GET
H2 200 id14074876-e06c4ae92fa8f6d1d2758ef216bf15a3-320x200.jpeg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/09/ 29 KB
30 KB 791ms
780ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/09/id14074876-e06c4ae92fa8f6d1d2758ef216bf15a3-320x200.jpeg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 706db5478b9dd62ff49a9a4348b5eb9fdd87de71614ef7cab7b1f690c059b485

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 29673
last-modified: Sat, 16 Sep 2023 06:34:45 GMT
server: nginx
etag: "65054c85-73e9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31299690
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 31 Jan 2025 10:36:52 GMT

GET
H2 200 id14169630-5e5d41cd85cda9bb502cfdbbf089667b-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 22 KB
22 KB 792ms
781ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14169630-5e5d41cd85cda9bb502cfdbbf089667b-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: f2e3dfc39c96d89003bcb37bf6d9fe032d3af583001867894dabeb42e3d49e77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 22092
last-modified: Tue, 30 Jan 2024 07:51:25 GMT
server: nginx
etag: "65b8aa7d-564c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31268586
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 31 Jan 2025 01:58:28 GMT

GET
H2 200 id13742367-Webbanner-Shenyuncreations-1.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/05/ 11 KB
12 KB 792ms
781ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/05/id13742367-Webbanner-Shenyuncreations-1.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 504f0284aaac7aa2a77927fa81ff61f926b42aee61ef75c918833ee0d0116286

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 11298
last-modified: Sat, 21 May 2022 20:35:44 GMT
server: nginx
etag: "62894d20-2c22"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=29186438
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 06 Jan 2025 23:36:00 GMT

GET
H2 200 id13714562-WebBanner-Hanxin.jpeg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/04/ 14 KB
14 KB 792ms
781ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/04/id13714562-WebBanner-Hanxin.jpeg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: c94189ad106d4f44f6460455df3accaf4f390cd12cdd6b05061c07f056260e6d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 14150
last-modified: Mon, 18 Apr 2022 12:38:53 GMT
server: nginx
etag: "625d5bdd-3746"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=28028284
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Tue, 24 Dec 2024 13:53:26 GMT

GET
H2 200 id14168918-Bok-Choy-with-Chili-Garlic-Sauce-YT-CC-1-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 29 KB
30 KB 792ms
782ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14168918-Bok-Choy-with-Chili-Garlic-Sauce-YT-CC-1-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 9dc9a4d13ffb75ca938a1fcd4eb9577c522734e6232e1f0c747d6a351600c908

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 29801
last-modified: Wed, 31 Jan 2024 04:51:19 GMT
server: nginx
etag: "65b9d1c7-7469"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31192597
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Thu, 30 Jan 2025 04:51:59 GMT

GET
H2 200 id14168885-Sweet-Potato-Spring-Rolls-YT-CC-1-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 22 KB
22 KB 792ms
782ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14168885-Sweet-Potato-Spring-Rolls-YT-CC-1-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 03d9db5d663cff74e66c161a531c3ac77d8297a7520f5df86321e37a0720bd2b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 22419
last-modified: Tue, 30 Jan 2024 02:35:31 GMT
server: nginx
etag: "65b86073-5793"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31097973
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Wed, 29 Jan 2025 02:34:55 GMT

GET
H2 200 id14166738-1200x800-2-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 79 KB
80 KB 793ms
782ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14166738-1200x800-2-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 8942752de979ad99f6dfed5d8cdc3be1309a11665f29d1b1ed7ddffba5309f32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 81138
last-modified: Fri, 26 Jan 2024 01:46:44 GMT
server: nginx
etag: "65b30f04-13cf2"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=30790733
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 25 Jan 2025 13:14:15 GMT

GET
H2 200 id14164301-1200x800-1-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 77 KB
78 KB 793ms
783ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14164301-1200x800-1-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 2fc3865310007ea35b10083dd9861d82bcbf791210bdb09ce492a61ee708c263

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 79074
last-modified: Mon, 22 Jan 2024 17:46:36 GMT
server: nginx
etag: "65aea9fc-134e2"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=30617733
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Thu, 23 Jan 2025 13:10:55 GMT

GET
H2 200 id14163944-Rose-Potstickers-YT-CC-3-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 22 KB
22 KB 793ms
783ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14163944-Rose-Potstickers-YT-CC-3-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 2e6c63708752dbf7f707681c0adbebd71f71a36b59e87661548483381360e2d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 22433
last-modified: Tue, 23 Jan 2024 00:13:42 GMT
server: nginx
etag: "65af04b6-57a1"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=30484838
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Wed, 22 Jan 2025 00:16:00 GMT

GET
H2 200 id14172846-130717203758100486-600x400.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 42 KB
43 KB 793ms
784ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172846-130717203758100486-600x400.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: c2cf91eac95f6c162b1185664651944b26f557135793c1e8119cc58068877697

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 43467
last-modified: Sat, 03 Feb 2024 21:03:22 GMT
server: nginx
etag: "65beaa1a-a9cb"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31519795
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 23:45:17 GMT

GET
H2 200 id14172832-zheng-qitai-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 18 KB
18 KB 794ms
784ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172832-zheng-qitai-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 284b09a38fcf6c30b7dec94dd070ebbabd40817026f72c150915560aa946d5fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 17940
last-modified: Sat, 03 Feb 2024 19:13:20 GMT
server: nginx
etag: "65be9050-4614"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31504397
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 19:28:39 GMT

GET
H2 200 id14028631-GettyImages-1446781458-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/07/ 29 KB
29 KB 794ms
784ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/07/id14028631-GettyImages-1446781458-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: d3045a1e8670f9d4f455c7b45f6a550a417f2eae7ce7ad488f6e0c0e0953d017

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 29375
last-modified: Wed, 05 Jul 2023 07:07:56 GMT
server: nginx
etag: "64a516cc-72bf"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31457834
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 08:27:05 GMT

GET
H2 200 id13744695-Fotolia_10285220_Subscription_L-600x400.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/05/ 59 KB
59 KB 855ms
846ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/05/id13744695-Fotolia_10285220_Subscription_L-600x400.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 30f1504bc57465adb3625d048fe4b5abd6b8f088009e7f622161e2aeb070da05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 60243
last-modified: Wed, 25 May 2022 04:14:29 GMT
server: nginx
etag: "628dad25-eb53"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31534887
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 03 Feb 2025 09:34:27 GMT

GET
H2 200 id13823974-shutterstock_1836578008-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/09/ 21 KB
21 KB 856ms
846ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/09/id13823974-shutterstock_1836578008-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 367363c39c147ff3a7b117e6611daae47bf0cc61748085585d1a04f82d8ede07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 21061
last-modified: Sun, 04 Feb 2024 07:05:43 GMT
server: nginx
etag: "65bf3747-5245"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31526942
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 03 Feb 2025 07:22:02 GMT

GET
H2 200 id14168948-P.12-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 21 KB
21 KB 794ms
785ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14168948-P.12-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 9e85fda8c0c7540e4b32b7c91531f76915cd676b730a353f9e1eafbf97a20926

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 21161
last-modified: Mon, 29 Jan 2024 09:50:19 GMT
server: nginx
etag: "65b774db-52a9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31515319
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 03 Feb 2025 00:26:06 GMT

GET
H2 200 id14029269-155079-320x200.jpeg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/07/ 9 KB
9 KB 794ms
785ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/07/id14029269-155079-320x200.jpeg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 40c12812fda95258d129cd6a4cd0bf60d620b0df3aca7fe288ef416f69e58c3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 9020
last-modified: Thu, 06 Jul 2023 03:48:46 GMT
server: nginx
etag: "64a6399e-233c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31214970
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Thu, 30 Jan 2025 11:04:52 GMT

GET
H2 200 id14172773-Screenshot-2024-02-03-221401-320x200.png
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 103 KB
103 KB 794ms
786ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172773-Screenshot-2024-02-03-221401-320x200.png
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 60660bf6191b7246ad9f5784285b16dfc3f50ae9fec2e0ad9b09869ba3706271

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 105020
last-modified: Sat, 03 Feb 2024 14:16:31 GMT
server: nginx
etag: "65be4abf-19a3c"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/png
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31506835
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 20:09:17 GMT

GET
H2 200 id14172351-GettyImages-1972536779-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 34 KB
35 KB 795ms
786ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172351-GettyImages-1972536779-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 8635f00d368d55d3a1ee50983c6a4d9ce4e0464d622caa52a17ebd6ed7f163b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 34919
last-modified: Fri, 02 Feb 2024 20:53:21 GMT
server: nginx
etag: "65bd5641-8867"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31426464
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 21:49:46 GMT

GET
H2 200 id14171390-430-ski-trip-shop-3-1080x720-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 13 KB
14 KB 795ms
786ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171390-430-ski-trip-shop-3-1080x720-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: cd720c8f1c7da1820e7f1349589ddaacdef0e20c67e61ceefd7c09bea5d34fb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 13630
last-modified: Thu, 01 Feb 2024 14:22:09 GMT
server: nginx
etag: "65bba911-353e"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31413196
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 18:08:38 GMT

GET
H2 200 id14171373-entree-eating-20240122-1080x720-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 18 KB
19 KB 795ms
787ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171373-entree-eating-20240122-1080x720-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 893cac2e12ab0c57ca5fedb601c96b2b202cd578c935b0366c1430cb60bdfac1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 18863
last-modified: Thu, 01 Feb 2024 14:06:31 GMT
server: nginx
etag: "65bba567-49af"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31392975
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 12:31:37 GMT

GET
H2 200 id14170532-1-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 23 KB
24 KB 795ms
787ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14170532-1-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 0075e420cf5ab28e4e473a02f4df00bc9c09da5a3d3b3c86206b45f163f16c89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 24027
last-modified: Wed, 31 Jan 2024 13:30:37 GMT
server: nginx
etag: "65ba4b7d-5ddb"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31371811
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 06:38:53 GMT

GET
H2 200 id14171510-2020-09-22-5f697408e5a88-780x438-169-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 17 KB
18 KB 796ms
787ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171510-2020-09-22-5f697408e5a88-780x438-169-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 8b576dc333a9d32872d416a901b35bf531ffc330e779eed0555204d4da60b4ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 17380
last-modified: Fri, 02 Feb 2024 01:03:04 GMT
server: nginx
etag: "65bc3f48-43e4"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31351647
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 01:02:49 GMT

GET
H2 200 id14170525-shutterstock_307887065-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 28 KB
28 KB 796ms
788ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14170525-shutterstock_307887065-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 87be320d270680da61be5211d338dc680b09312efda467fd9f2c8476a96f6fb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 28197
last-modified: Fri, 02 Feb 2024 01:05:17 GMT
server: nginx
etag: "65bc3fcd-6e25"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31351774
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 01:04:56 GMT

GET
H2 200 id14172986-GettyImages-1975391873-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 28 KB
29 KB 796ms
788ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172986-GettyImages-1975391873-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 6e89c0a095e0423128863e06b21e38e3aa2c30bfe618328f4c4a9989d696af42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 29170
last-modified: Sun, 04 Feb 2024 02:39:27 GMT
server: nginx
etag: "65bef8df-71f2"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31530557
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 03 Feb 2025 02:44:39 GMT

GET
H2 200 id14172071-GettyImages-1330322992-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 31 KB
31 KB 796ms
789ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172071-GettyImages-1330322992-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: ab6b785b300f0e46022b8725f32c97772eaaddffe7374ce0662a3e57dc5f3ce6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 31297
last-modified: Fri, 02 Feb 2024 11:37:00 GMT
server: nginx
etag: "65bcd3dc-7a41"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31392955
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 12:31:17 GMT

GET
H2 200 id14171725-GettyImages-1809475095-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 23 KB
24 KB 797ms
789ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171725-GettyImages-1809475095-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 8358ad01baf4308ccf9639e200e19ceee9eef839c1c9e50f52039b1a8d11e834

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 23829
last-modified: Fri, 02 Feb 2024 02:57:06 GMT
server: nginx
etag: "65bc5a02-5d15"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31359218
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 03:09:00 GMT

GET
H2 200 id14171534-608b8cbe07e87893a3d5cc26e0fbdb55-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 16 KB
17 KB 797ms
789ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14171534-608b8cbe07e87893a3d5cc26e0fbdb55-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 0defb301e0ea944103d0ea3c8d8a5ed1f43d2aea5851f1964809769bc482d62e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 16371
last-modified: Thu, 01 Feb 2024 19:44:26 GMT
server: nginx
etag: "65bbf49a-3ff3"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31335571
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Fri, 31 Jan 2025 20:34:53 GMT

GET
H2 200 facebook_white.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/ 1 KB
1 KB 797ms
790ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/facebook_white.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

19352d23eb90d0c6b446b21446bfdeb6dc7c06b754d17f505fcf6f8df4cb1a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 youtube_red.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/ 923 B
1 KB 798ms
790ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/youtube_red.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

b681d802bfbf3ded05bf66fc061893e8bf1b129f278b09a47d0d718121ba3318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 twitter_white.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/ 511 B
687 B 798ms
791ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/twitter_white.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

1636ebb2d83d45e93371597e5f38e2d6c1578cfe92a09e4e7d209202e42159ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 id13850375-d7eec9f290687af2297df77348cb3c26-320x200.png
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/10/ 120 KB
121 KB 798ms
791ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/10/id13850375-d7eec9f290687af2297df77348cb3c26-320x200.png
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 4ecdea5ae76466559faf6696a9b5be8c6c0e9118d7007e5f68786e3f9973413e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 123086
last-modified: Fri, 21 Oct 2022 17:04:25 GMT
server: nginx
etag: "6352d119-1e0ce"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/png
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31508249
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 20:32:51 GMT

GET
H2 200 id14167835-447941c56355ac0f043fd36cb5a9ce14-320x200.jpeg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 14 KB
15 KB 798ms
792ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14167835-447941c56355ac0f043fd36cb5a9ce14-320x200.jpeg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 01b6b733269d9c893dca49bb2ffde509784debf4f6950b79d116cd6ba9f393ea

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 14521
last-modified: Sat, 27 Jan 2024 17:22:38 GMT
server: nginx
etag: "65b53bde-38b9"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=30892422
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 26 Jan 2025 17:29:04 GMT

GET
H2 200 id13816320-GettyImages-80130128-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/09/ 21 KB
22 KB 799ms
792ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2022/09/id13816320-GettyImages-80130128-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 5c8484662f7f24ebfd5d4aac8161f3a18a7f8ace5398bf5afdad7e349cbbe038

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 21745
last-modified: Fri, 02 Sep 2022 13:54:59 GMT
server: nginx
etag: "63120b33-54f1"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=28520589
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Mon, 30 Dec 2024 06:38:31 GMT

GET
H2 200 id14172186-658e3d829d78d8e1e2dab537befc291a-320x200.png
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 45 KB
46 KB 799ms
792ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172186-658e3d829d78d8e1e2dab537befc291a-320x200.png
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: b86634cc020a49038dc05db52c5ba525ff9fb3ec100233d340c139a2b0daed61

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 46552
last-modified: Fri, 02 Feb 2024 13:24:17 GMT
server: nginx
etag: "65bced01-b5d8"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/png
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31400688
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 14:40:10 GMT

GET
H2 200 id14040164-22_000_33B23AW1-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/07/ 38 KB
38 KB 800ms
793ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2023/07/id14040164-22_000_33B23AW1-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 59eaa4b37a8704707b4961c9f4c8d71517334bb85e8798921c2da5f4d8a2bc29

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 38663
last-modified: Sun, 23 Jul 2023 02:31:35 GMT
server: nginx
etag: "64bc9107-9707"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31481513
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 13:07:15 GMT

GET
H2 200 id14172360-000_34HF6WT-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 21 KB
21 KB 800ms
793ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172360-000_34HF6WT-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 2c157088392deac0fcee59363d48edc2a45b2ca56fea83dfe73573c358cc68c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 21304
last-modified: Fri, 02 Feb 2024 21:16:36 GMT
server: nginx
etag: "65bd5bb4-5338"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31430051
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sat, 01 Feb 2025 22:49:33 GMT

GET
H2 200 id14172406-000_34HJ2XW-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/ 10 KB
10 KB 800ms
794ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/02/id14172406-000_34HJ2XW-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: d1f7b88a338e2ec55104d5c3b69c7760c7187b9bf0e8d79e932c321351978786

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 9809
last-modified: Fri, 02 Feb 2024 23:40:11 GMT
server: nginx
etag: "65bd7d5b-2651"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31436374
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Sun, 02 Feb 2025 00:34:56 GMT

GET
H2 200 id14170484-662589-320x200.jpg
gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/ 51 KB
51 KB 801ms
794ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfqw53e57wrtdwrew.333121.xyz/gw/assets/uploads/2024/01/id14170484-662589-320x200.jpg
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),
Reverse DNS: 185.212.57.113.16clouds.com
Software: nginx /
Resource Hash: 8cad82a34f022885d5b22bac4afdc0c3dd09c2c7d95e7e0e876d327e935424cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-request-headers: *
date: Sun, 04 Feb 2024 09:53:00 GMT
akamai-mon-iucid-del: 1281139
content-length: 52006
last-modified: Wed, 31 Jan 2024 12:42:40 GMT
server: nginx
etag: "65ba4040-cb26"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS, *
content-type: image/jpeg
access-control-allow-origin: *, *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC, x-resp
cache-control: max-age=31225431
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts, *
expires: Thu, 30 Jan 2025 13:59:13 GMT

GET
H2 200 djy_logo2.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/ 9 KB
9 KB 801ms
795ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/djy_logo2.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

bff7a0f12d5fb9ac16d2ad056c08506c49ae1d4b9db962e26eaf12d7b71fe38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 jquery-all.min.js Show response
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ 98 KB
98 KB 265ms
247ms Script
application/x-javascript 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery-all.min.js?ver=20200218

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

6a5a43b6f9f8b22b3f2d15b8f75f534fd794e61d66df7e532ce45a675e2f7c32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 bottom.min.js Show response
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ 28 KB
29 KB 337ms
320ms Script
application/x-javascript 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/bottom.min.js?ver=20240131

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

c483bd70d1e21816292e63d0e09c4b88c0738131b3aac1b1aa72a2498b4debf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 jquery.bxslider.min.js Show response
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/ 19 KB
19 KB 359ms
341ms Script
application/x-javascript 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.min.js?ver=20150811

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

4936eb69f6412e32a2a9415dca5407afc067346fc09d30d09e216725c9bcb2a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 front.min.js Show response
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/www/ 6 KB
6 KB 402ms
384ms Script
application/x-javascript 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/www/front.min.js?ver=20240108

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

172a82282559370c8589b804c7b77fb3da0b9022791a35c307cf46e3a5c676b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
65 KB 96ms
41ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WHM2XS

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

277b26f44790db0183ac0c5df20edd7ef35885883b075b28c367f2ac4b7cc711

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65643
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Feb 2024 09:53:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 81ms
23ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Feb 2024 08:06:18 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6402
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 04 Feb 2024 10:06:18 GMT

GET
H2 200 triangle-down.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/ 213 B
389 B 801ms
795ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/front-page/triangle-down.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/css/front-page.css?ver=20231010

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

ebbe9787979aae29b009b84ee5fa645ae8931985f27187f205dd32852568c75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/css/front-page.css?ver=20231010
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 djy_icons.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/ 55 KB
55 KB 801ms
796ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/djy_icons.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/css/front-page.css?ver=20231010

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

65afe802898a31c28fe92e014c335174d8fd64205f83a6d3258bacc5c9bed2e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/css/front-page.css?ver=20231010
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 icon_audio.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/ 506 B
682 B 797ms
796ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/icon_audio.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/css/front-page.css?ver=20231010

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

7e5cacbb7a388da3df5373cfb2706556b946399a111334e85c428780677be7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/css/front-page.css?ver=20231010
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 newsletter_ad.jpg
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/ 58 KB
58 KB 797ms
797ms Image
image/jpeg 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/images/newsletter_ad.jpg

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/css/front-page.css?ver=20231010

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

c32f2c273444cc5253baff690e39ededa3fe95e96958296d2eef4b917c17a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/css/front-page.css?ver=20231010
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/jpeg

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
232 B 38ms
37ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=181015552&t=pageview&_s=1&dl=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&ul=en-us&de=UTF-8&dt=%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E6%B5%B7%E5%A4%96%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1895099648&gjid=1184729465&cid=1913667088.1707040381&tid=UA-10465455-10&_gid=2026301227.1707040381&_r=1&_slc=1&z=263649839

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

da5056290a3e8e247073b77a761fdefde68adb1c0e1b22771461713c830c137f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 54ms
53ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-64JWG501SB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WHM2XS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6925fa88d374146c2bd10c396be05f7d671845d15a9a5072e45c09f2269d407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93817
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Feb 2024 09:53:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 99ms
38ms XHR
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10465455-10&cid=1913667088.1707040381&jid=1895099648&gjid=1184729465&_gid=2026301227.1707040381&_u=IEBAAEAAAAAAACAAI~&z=523643987

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Feb 2024 09:53:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
86 KB 106ms
106ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QZQNK0Z14Z&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f64f0ac15ae13ac34d815a042c2118f43c245fa8a2ec7b57249d4f78dcecce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87531
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Feb 2024 09:53:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
264 B 95ms
37ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-64JWG501SB&gtm=45je41v0v9115041777za200&_p=1707040380545&_gaz=1&gcd=11l1l1l1l1&npa=0&dma=0&cid=1913667088.1707040381&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707040380&sct=1&seg=0&dl=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&dt=%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E6%B5%B7%E5%A4%96%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1579
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64JWG501SB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
264 B 55ms
37ms Ping
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-64JWG501SB&cid=1913667088.1707040381&gtm=45je41v0v9115041777za200&aip=1&dma=0&gcd=11l1l1l1l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64JWG501SB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 321ms
41ms Image
image/gif 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10465455-10&cid=1913667088.1707040381&jid=1895099648&_u=IEBAAEAAAAAAACAAI~&z=1680985210

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 39ms
37ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-QZQNK0Z14Z&gtm=45je41v0v9164394854za200&_p=1707040380545&_gaz=1&gcd=11l1l1l1l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=1913667088.1707040381&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&dt=%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E6%B5%B7%E5%A4%96%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93&sid=1707040380&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1724
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZQNK0Z14Z&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 37ms
37ms Ping
text/plain 2607:f8b0:4004:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QZQNK0Z14Z&cid=1913667088.1707040381&gtm=45je41v0v9164394854za200&aip=1&dma=0&gcd=11l1l1l1l2&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QZQNK0Z14Z&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
29 KB 206ms
49ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/www/front.min.js?ver=20240108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

509db4b2ba6af039bbe0cc9019a25e16e7b4c8faf28d056961b0885f6cf2ab4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29520
x-xss-protection: 0
server: cafe
etag: 977 / 19757 / m202401290101 / config-hash: 8558731290873694684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 09:53:01 GMT

GET
H2 200 prebid.js Show response
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/ 253 KB
254 KB 460ms
458ms Script
application/x-javascript 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/www/front.min.js?ver=20240108

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

01b147d4ae647bb2f0013d6e6bcd930157c5111713ba36247b5ee96cbf977bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:01 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET region
pwe.epochbase.com/ 0
0

GET
H2 200 bx_loader.gif
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/images/ 5 KB
6 KB 447ms
446ms Image
image/gif 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/images/bx_loader.gif

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.css?ver=20150811

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

5f63c3fb57fcaad778efe5c4f77a3f3714aedeea55dc830b0840bacac35f2395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.css?ver=20150811
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 arrow-buttons.png
gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/images/ 1 KB
1 KB 438ms
437ms Image
image/png 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/images/arrow-buttons.png

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.css?ver=20150811

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

859561a660d3c6604cf1aa015f16d783d23f7fe1cebad17cb34665e6aa96b16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery.bxslider/jquery.bxslider.css?ver=20150811
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
cache-control: public, max-age=2592000
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET geo
pwe.epochbase.com/ 0
0

GET
H2 204 / Show response
gfqw53e57wrtdwrew.333121.xyz/iptest/ 0
129 B 522ms
522ms XHR
text/plain 185.212.57.113
IT7NET

General

Check archive.org

Show headers Download Go to

Full URL

https://gfqw53e57wrtdwrew.333121.xyz/iptest/

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/jquery-all.min.js?ver=20200218

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.212.57.113 Osaka, Japan, ASN25820 (IT7NET, CA),

Reverse DNS

185.212.57.113.16clouds.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
via: 1.1 google
strict-transport-security: max-age=31536000
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 154ms
32ms Script
application/javascript 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
content-encoding: gzip
etag: "bvEECQq4Zy6gU9J/qv1O6Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 11 Feb 2024 09:53:01 GMT

GET atrk.js
d31qbv1cthcecs.cloudfront.net/ 0
0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 141ms
29ms Script
application/javascript 108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-108.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 04:44:59 GMT
content-encoding: gzip
via: 1.1 f72e244fb4f0eab694c4c73be7c5f44e.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 18482
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: hs5RLOzzmpIEuYwet85EXNvyuG1UeAECLrnqUokPNYljDHP7q4esRg==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24003086&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707040381135&ns_c=UTF-8&c7=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&c8=%E5%A4%A7%E7%BA%AA%E5%85%83%E6%...
https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707040381135&ns_c=UTF-8&c7=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&c8=%E5%A4%A7%E7%BA%AA%E5%85%83%E6...

0
224 B

37ms
36ms

Image
text/plain

108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24003086&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707040381135&ns_c=UTF-8&c7=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&c8=%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E6%B5%B7%E5%A4%96%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93&c9=
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/
Protocol: H2
Server: 108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-108.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
via: 1.1 f72e244fb4f0eab694c4c73be7c5f44e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-amz-cf-id: gnPnceyhblXKES7jPG925tqiWEvlfABpF_2rZr7KAakJd84T2iiuBQ==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 04 Feb 2024 09:53:01 GMT
via: 1.1 f72e244fb4f0eab694c4c73be7c5f44e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=24003086&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1707040381135&ns_c=UTF-8&c7=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&c8=%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E6%B5%B7%E5%A4%96%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93&c9=
content-length: 0
x-amz-cf-id: wdUvACb2Fgm4Eo1wQtYmc5bMe3oeA14ZYLlxVZqyh_sHDNvUfW8i3w==

GET
H2 200 rules-p-a128V7tctPVtT.js Show response
rules.quantcount.com/ 3 B
429 B 90ms
27ms Script
application/javascript 2600:9000:21dd:6400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a128V7tctPVtT.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:6400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 03 Feb 2024 11:05:15 GMT
via: 1.1 dd50f5bdd8da1cdd9e698cc2d6f8e828.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 82067
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:44:26 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: K0uydP0L4wF19iKC71RwmbMdR6R5ecBL4toQxzSgO2tn7Ia5Na86DA==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/ 436 KB
136 KB 37ms
33ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:46:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 389
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139485
x-xss-protection: 0
server: cafe
etag: 9760076492862216199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 03 Feb 2025 09:46:32 GMT

GET
H2 200 pixel;r=165628996;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F;uht=2;fpan=1;fpa=P0-738355212-1707040381151;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref...
pixel.quantserve.com/ 35 B
456 B 52ms
33ms Image
image/gif 2620:116:800b:21:b08a:1dc5:659b:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=165628996;rf=0;a=p-a128V7tctPVtT;url=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F;uht=2;fpan=1;fpa=P0-738355212-1707040381151;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=333121.xyz;dst=0;et=1707040381251;tzo=600;ogl=locale.en_US%2Ctype.website%2Ctitle.%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E6%B5%B7%E5%A4%96%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93%2Cdescription.%E5%8C%85%E6%8B%AC%E7%BE%8E%E5%9B%BD%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93%E5%9C%A8%E5%86%85%E7%9A%84%E6%B5%B7%E5%A4%96%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93%E4%B8%AD%EF%BC%8C%E5%A4%A7%E7%BA%AA%E5%85%83%E4%BB%8E%E7%BE%8E%E5%9B%BD%E4%B8%AD%E6%96%87%E6%8A%A5%E7%BA%B8%E5%BC%80%E5%A7%8B%EF%BC%8C%E7%8E%B0%E5%9C%A8%E4%B8%8D%E4%BB%85%E5%8F%98%E6%88%90%E4%BA%86%E6%B5%B7%E5%A4%96%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93%EF%BC%8C%E7%BE%8E%E5%9B%BD%E6%9C%80%E6%9C%89%E5%BD%B1%E5%93%8D%E5%8A%9B%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93%EF%BC%8C%E5%90%8C%E6%97%B6%E4%B9%9F%E6%98%AF%E5%85%A8%E7%90%83%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93%EF%BC%8C%E6%96%B0%E9%97%BB%E5%8D%B3%E6%97%B6%E6%9D%83%E5%A8%81%E5%A4%9A%2Curl.%2Csite_name.%E5%A4%A7%E7%BA%AA%E5%85%83%20www%252Eepochtimes%252Ecom;ses=96ce258c-9db4-49b7-8707-c3bf9fe27dd8;mdl=

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:01 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[],"trigger_data":"1"}]}
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 5965368 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 225ms
72ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/5965368?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

381df03b42b77bb2888e4ca76ab4306e9dd895e384bbdc8de76bca55f1cf5228

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4tjfsoBu_ym9F-sckmwQMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-4tjfsoBu_ym9F-sckmwQMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJwNxT8LAXEYB_C7J4-QdLFwymS4TGxmk2JR6gwyKclikoXNO1C_G2xGYaGkewEGkUlisHBOsvizoHyHTx-PKcc8qpTRVGmdOtAWNtET7aAlnakDR_1MF4hrFiWhXrOoCfL3Qm64P21SXjYFIQb30JXeMMumHTddsK8g2NnEUGoLroNvJDgxFjxZCjahaAkuQ58NHkA3Z3APUhWD8_CoGvyBxn7FbQhE1hwGv9f1M39Dp7KYTz_yH4bQVLE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVRdyIrOgAz7Vv_cDSC-hUY_Qjjkdn9musR-3j0YGOfjCLQSCcCjywYCdkYJPLQTze_wc6sBz7LsIz5qYBgg1cG19G1ZOQLe9s1f6LRnEpWDvSIgxrRCmna1DIxSiK2_y5mz_4AKg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 69ms
67ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVRdyIrOgAz7Vv_cDSC-hUY_Qjjkdn9musR-3j0YGOfjCLQSCcCjywYCdkYJPLQTze_wc6sBz7LsIz5qYBgg1cG19G1ZOQLe9s1f6LRnEpWDvSIgxrRCmna1DIxSiK2_y5mz_4AKg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MDQwMzgxLDY0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9nZnF3NTNlNTd3cnRkd3Jldy4zMzMxMjEueHl6LyIsbnVsbCxbWzgsIlJVclpCamtBT1JrIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RUrZBjkAORk.es5.O/am=wA/d=1/rs=AJlcJMxRcLLibA8mCQ_sI3cuamh_9rJ2tw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0f199a5cbdf171ae59ca19c145313a05aaccd91fcd5f5e784a2d942e4c6e45c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gJKoo4MQEDkXDJcIpvlZ7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-gJKoo4MQEDkXDJcIpvlZ7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXF4KIhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLh-Lvn71o2gRuLD5xgAgCBFlR8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
13 KB 165ms
164ms Fetch
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2572086396455986&correlator=3071765287844037&eid=31080783&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=5965368%2CDJYwww_frontpage_wallpaper&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1707040381675&lmt=1707040381&adxs=0&adys=8470&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&vis=1&psz=1600x9086&msz=1x-1&fws=128&ohw=0&ga_vid=1913667088.1707040381&ga_sid=1707040382&ga_hid=181015552&ga_fc=true&dlt=1707040380023&idt=1268&cust_params=site%3Dgfqw53e57wrtdwrew.333121.xyz%252C333121.xyz&adks=118317135&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c67d435f18406d3ab150731e9193c04a5730eef9e368cd69eb01275b2b858cc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
google-lineitem-id: 6430022352
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138457903766
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
41251ea8c49dcce18c92d6f13cf29a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BFF6 6 KB
3 KB 134ms
39ms Document
text/html 2607:f8b0:4006:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41251ea8c49dcce18c92d6f13cf29a87.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 09:53:01 GMT
expires: Mon, 03 Feb 2025 09:53:01 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
462 B 141ms
40ms XHR
application/json 54.85.21.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.21.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-21-46.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 4595f079ac1a3346cee09b4606d200ad760955751b5c678ad1cfe9ef92153999

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 129 B
945 B 110ms
31ms XHR
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F5965368%2FDJYwww_newfront_A1_728x90%7C47e3ac7266fc2b%22%3A%22728x90%2C970x90%7Cgpid%3D%2F5965368%2FDJYwww_newfront_A1_728x90%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&s=5d599627-ffc6-4ff8-9ba8-7002367495cf&pv=03b17248-3ecb-4768-96e7-c7672af97904&vp=desktop&lib_name=prebid&lib_v=7.54.5&us=5&iqid=null&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22gfqw53e57wrtdwrew.333121.xyz%22%2C%22keywords%22%3A%22%E5%A4%A7%E7%BA%AA%E5%85%83%2C%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%2C%E5%A4%A7%E7%BA%AA%E5%85%83%E6%97%B6%E6%8A%A5%2C%E5%AA%92%E4%BD%93%2C%E6%96%B0%E9%97%BB%2C%E6%96%B0%E9%97%BB%E5%AA%92%E4%BD%93%2C%E6%96%B0%E9%97%BB%E7%BD%91%E7%AB%99%2C%E6%96%B0%E9%97%BB%E7%BD%91%2C%E5%8D%B3%E6%97%B6%E6%96%B0%E9%97%BB%2C%E7%8E%AF%E7%90%83%E6%96%B0%E9%97%BB%2C%E4%B8%AD%E6%96%87%2C%E6%B5%B7%E5%A4%96%2C%E6%9C%80%E5%A4%A7%E5%AA%92%E4%BD%93%2CChinese%2CNewspaper%2CMedia%2Cepaper%2C%E4%B8%AD%E6%96%87%E6%8A%A5%E7%BA%B8%2C%E5%8D%8E%E6%96%87%E7%BD%91%E7%AB%99%2C%E6%96%B0%E9%97%BB%E7%BD%91%E7%AB%99%2C%E5%8D%8E%E4%BA%BA%E7%A4%BE%E5%8C%BA%2C%E7%94%B5%E5%AD%90%E6%8A%A5%2C%E7%BA%BD%E7%BA%A6%2C%E6%97%A7%E9%87%91%E5%B1%B1%2C%E6%B4%9B%E6%9D%89%E7%9F%B6%2C%E5%8D%8E%E7%9B%9B%E9%A1%BF%2C%E5%A4%9A%E4%BC%A6%E5%A4%9A%22%2C%22publisher%22%3A%7B%22domain%22%3A%22333121.xyz%22%7D%2C%22page%22%3A%22https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.139%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&coppa=0

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

c19d055a5e4bc09d10cbbd30c909c247fa1c9b827b7785092a8c6d1dcebfe74a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:01 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-161
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 154
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 / Show response
colossusssp.com/ 2 B
148 B 227ms
114ms XHR
application/json 173.237.69.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
date: Sun, 04 Feb 2024 09:53:01 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 138 B
835 B 165ms
71ms XHR
application/json 68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

d56af3242f58ff081448451debe4ca10a02394d53a7ea19c0162b7db2bb316b8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:01 GMT
an-x-request-uuid: 545cbaea-40a3-471a-a1d1-be8afb7bc5f1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.43; 96.9.249.43; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 138
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
837 B 133ms
43ms XHR
application/json 68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

598484c8619f6d78e61448a1959c26eaaaa168259c383a992a11db762c211739

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:01 GMT
an-x-request-uuid: c64a52a1-83bf-49d8-9a8f-4b895d296543
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.43; 96.9.249.43; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 131 B
946 B 103ms
32ms XHR
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F5965368%2FDJYwww_newfront_A4_300x250%7C12ebb34724c50e8%22%3A%22300x250%7Cgpid%3D%2F5965368%2FDJYwww_newfront_A4_300x250%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&s=69db639e-4149-4239-b672-f38f35f3c934&pv=03b17248-3ecb-4768-96e7-c7672af97904&vp=desktop&lib_name=prebid&lib_v=7.54.5&us=5&iqid=null&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22gfqw53e57wrtdwrew.333121.xyz%22%2C%22keywords%22%3A%22%E5%A4%A7%E7%BA%AA%E5%85%83%2C%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%2C%E5%A4%A7%E7%BA%AA%E5%85%83%E6%97%B6%E6%8A%A5%2C%E5%AA%92%E4%BD%93%2C%E6%96%B0%E9%97%BB%2C%E6%96%B0%E9%97%BB%E5%AA%92%E4%BD%93%2C%E6%96%B0%E9%97%BB%E7%BD%91%E7%AB%99%2C%E6%96%B0%E9%97%BB%E7%BD%91%2C%E5%8D%B3%E6%97%B6%E6%96%B0%E9%97%BB%2C%E7%8E%AF%E7%90%83%E6%96%B0%E9%97%BB%2C%E4%B8%AD%E6%96%87%2C%E6%B5%B7%E5%A4%96%2C%E6%9C%80%E5%A4%A7%E5%AA%92%E4%BD%93%2CChinese%2CNewspaper%2CMedia%2Cepaper%2C%E4%B8%AD%E6%96%87%E6%8A%A5%E7%BA%B8%2C%E5%8D%8E%E6%96%87%E7%BD%91%E7%AB%99%2C%E6%96%B0%E9%97%BB%E7%BD%91%E7%AB%99%2C%E5%8D%8E%E4%BA%BA%E7%A4%BE%E5%8C%BA%2C%E7%94%B5%E5%AD%90%E6%8A%A5%2C%E7%BA%BD%E7%BA%A6%2C%E6%97%A7%E9%87%91%E5%B1%B1%2C%E6%B4%9B%E6%9D%89%E7%9F%B6%2C%E5%8D%8E%E7%9B%9B%E9%A1%BF%2C%E5%A4%9A%E4%BC%A6%E5%A4%9A%22%2C%22publisher%22%3A%7B%22domain%22%3A%22333121.xyz%22%7D%2C%22page%22%3A%22https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.139%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&coppa=0

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

42d587bc1dd5457ed99b0680850f686bb29847a4f53c72f412d4a8aff8fc7f51

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:01 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-6-126
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 156
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 / Show response
colossusssp.com/ 2 B
147 B 220ms
115ms XHR
application/json 173.237.69.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
date: Sun, 04 Feb 2024 09:53:01 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
461 B 130ms
42ms XHR
application/json 54.85.21.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.21.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-21-46.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: fc2dc182a69cadbf77ba5001f6d02f86268c1bcfde1c3c1c596445b17ad6f304

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
837 B 118ms
32ms XHR
application/json 68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

42ace8d37efac5a6e1a551f11601d28a325fcf84ea7a9390091f08b39e63f86f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:01 GMT
an-x-request-uuid: 7a51e2e5-6f38-4ed8-9a61-6f1406feb29f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.43; 96.9.249.43; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 139
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 trinity.json Show response
apex.go.sonobi.com/ 131 B
946 B 98ms
33ms XHR
application/json 2607:f350:3:2569:0:10:0:a
AS-XFERNET

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F5965368%2FDJYwww_frontpage_A6_728x90%7C204ef6d41347484%22%3A%22728x90%2C970x90%2C970x250%7Cgpid%3D%2F5965368%2FDJYwww_frontpage_A6_728x90%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&s=0a77f713-99a5-4afc-b621-80e8e2517c0b&pv=03b17248-3ecb-4768-96e7-c7672af97904&vp=desktop&lib_name=prebid&lib_v=7.54.5&us=5&iqid=null&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22gfqw53e57wrtdwrew.333121.xyz%22%2C%22keywords%22%3A%22%E5%A4%A7%E7%BA%AA%E5%85%83%2C%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%2C%E5%A4%A7%E7%BA%AA%E5%85%83%E6%97%B6%E6%8A%A5%2C%E5%AA%92%E4%BD%93%2C%E6%96%B0%E9%97%BB%2C%E6%96%B0%E9%97%BB%E5%AA%92%E4%BD%93%2C%E6%96%B0%E9%97%BB%E7%BD%91%E7%AB%99%2C%E6%96%B0%E9%97%BB%E7%BD%91%2C%E5%8D%B3%E6%97%B6%E6%96%B0%E9%97%BB%2C%E7%8E%AF%E7%90%83%E6%96%B0%E9%97%BB%2C%E4%B8%AD%E6%96%87%2C%E6%B5%B7%E5%A4%96%2C%E6%9C%80%E5%A4%A7%E5%AA%92%E4%BD%93%2CChinese%2CNewspaper%2CMedia%2Cepaper%2C%E4%B8%AD%E6%96%87%E6%8A%A5%E7%BA%B8%2C%E5%8D%8E%E6%96%87%E7%BD%91%E7%AB%99%2C%E6%96%B0%E9%97%BB%E7%BD%91%E7%AB%99%2C%E5%8D%8E%E4%BA%BA%E7%A4%BE%E5%8C%BA%2C%E7%94%B5%E5%AD%90%E6%8A%A5%2C%E7%BA%BD%E7%BA%A6%2C%E6%97%A7%E9%87%91%E5%B1%B1%2C%E6%B4%9B%E6%9D%89%E7%9F%B6%2C%E5%8D%8E%E7%9B%9B%E9%A1%BF%2C%E5%A4%9A%E4%BC%A6%E5%A4%9A%22%2C%22publisher%22%3A%7B%22domain%22%3A%22333121.xyz%22%7D%2C%22page%22%3A%22https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.139%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%7D%7D&ius=1&coppa=0

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:a , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

5a0dd769f7cc6107088129b95c07e6e169be3552f85514f0a67999e8ffd77750

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:01 GMT
content-encoding: gzip
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-186
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: application/json
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, no-store, private
access-control-allow-credentials: true
tcn: Choice
content-length: 156
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
462 B 168ms
84ms XHR
application/json 54.85.21.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.85.21.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-21-46.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 40dda944cb2141999936d732f521a050196fbc71e5123b47da46ec4a0b6c4d4c

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 200 / Show response
colossusssp.com/ 2 B
147 B 215ms
116ms XHR
application/json 173.237.69.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://colossusssp.com/?c=o&m=multi
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.237.69.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
date: Sun, 04 Feb 2024 09:53:01 GMT
access-control-allow-credentials: true
server: openresty
content-length: 2
content-type: application/json

GET
H3 200 AGSKWxWAX6InHdUqnuxoQ8IY9wPFrpXYOp9OQ50oaHxyNcbTPHPImlX0D7h2f0xVO1UKNj4WlKQ5TDwaPOlcg-CghQaJ3WMWagEXbaqvzf9M2pFy9aNoASQRVvlqgl_3wwZImSRbpr2DiA== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 64ms
63ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWAX6InHdUqnuxoQ8IY9wPFrpXYOp9OQ50oaHxyNcbTPHPImlX0D7h2f0xVO1UKNj4WlKQ5TDwaPOlcg-CghQaJ3WMWagEXbaqvzf9M2pFy9aNoASQRVvlqgl_3wwZImSRbpr2DiA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MDQwMzgxLDc2NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vZ2ZxdzUzZTU3d3J0ZHdyZXcuMzMzMTIxLnh5ei8iLG51bGwsW1s4LCJSVXJaQmprQU9SayJdLFs5LCJlbi1VUyJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d6179825bd1eb7d981f3618885005e667df7901c55f65999fef867bf6ddcb364

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-41GivRXOx9PVurzABTLfoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
content-security-policy: script-src 'report-sample' 'nonce-41GivRXOx9PVurzABTLfoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLh-Lvn71o2gQs_9jQyAwCMfVSN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 123ms
54ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401290101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02b11ca98d41146baa1ec4ca4e61c28fcda82784b32971571257ea1233726855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12188
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6380 0
0 95ms
94ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst62SH8SzaqOTxEE3iy3Z1k7zqxbJAiQVlpaaS0Teami5DV9U1-TlYTNOpHrZevCalk1Q8dfmZPnq-0za26odT87WAmuolrSguLBXU1ZD9Le29vfRaCieQvr7Yn_7sY6FEnrSclW7-NyhzjHuKJiX2H0Kqf2X8Kq5NFAOXhzWAc2U2YpwOgmKq4zjEYV12ddhHP0bUJu6g-h7Ta6ekSxFYPZD3RqBDM7gPvi2jk5-y70QmbTUJn82ZKMyvhpKfnDqxHFzpPD5lpGFWzh9h4OmMTykGS36s5KrZRXz6yNmsEC64J49ZpLKDyDn2WDnu3jvYXiiCPbDyv8kOu8ZGtYHiI-cuWIJ3ZdouoO5v_TBy6M7lxa94KCN_SMvZ04AHGU0pm5_PfpSnB5rP_MUw-XopR9-V5yrTMFW03Ldg&sai=AMfl-YRyXgkFKgym8qfuL5C3ICG5exy5SuOI9C59AxOtISrjHbETARPg-OfDNwzHo8L8sbwK9iOGdlS_TRV5K8V5GMe-h4PDMHflZc58Cztd8WOdlxPGCyXrCui8ScwXdJu3eqc6nFT809mcDPmxYyPYn04&sig=Cg0ArKJSzCkae3Op98uDEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Feb 2024 09:53:01 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame 6380 94 KB
33 KB 81ms
24ms Script
text/javascript 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 01:18:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 01 Feb 2025 01:18:04 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6380 205 KB
65 KB 122ms
48ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 09:53:02 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 84ms
84ms Fetch
text/plain 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2572086396455986&correlator=3071765287844037&eid=31080783&output=ldjh&gdfp_req=1&vrg=202401290101&ptt=17&impl=fifs&gdpr=0&iu_parts=5965368%2CDJYwww_newfront_A1_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D41d191a66a4b3846%3AT%3D1707040381%3ART%3D1707040381%3AS%3DALNI_MZYVoF2O-w0aH9o-4hkbmCrXDSksg&gpic=UID%3D00000a0b62a86688%3AT%3D1707040381%3ART%3D1707040381%3AS%3DALNI_Mbw789lmDp8NUDatCtk941aF5E4fA&abxe=1&dt=1707040381982&lmt=1707040381&adxs=436&adys=180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&psts=AOrYGsn7Oor_SI0GRR-o-tO6aqm7xYVQ1o5b8VGFGPvaTIVoTW1626KcVLU5Mhq0h2mJqCyy62qDRVzh1LT_B48&ga_vid=1913667088.1707040381&ga_sid=1707040382&ga_hid=181015552&ga_fc=true&dlt=1707040380023&idt=1268&cust_params=site%3Dgfqw53e57wrtdwrew.333121.xyz%252C333121.xyz&adks=1494162673&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e66612cb5c3e15854faa0642349d1d8f438bd2d7f3ab239170cb53abe6e5778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12870
x-xss-protection: 0
google-lineitem-id: 6179016866
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138460127740
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 98ms
39ms Script
text/javascript 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 09:53:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC89 0
0 95ms
93ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5nlCNSFnY0CSWEeEc69cBb-IkQfIHMUVle1yzkVq1HiX0C6EZCW1SmkBYk8K_qz2bOKbvZSVl0tOHTHyJWGiCesNT5qnG_miY85QlhBOOUaL8TJOt9FHbZiiFWKdaAKW64b-aTeFfxyQNUL07PYAiplJ0-5FMrWGaWQLe4mlKs49HlOEQnZoEEiyhfrDsgE6fyvI9kn4XdgFwmzjuSwq01j90ahfHLKh8c3EuLqsPdx5-ZPT2FioqgRI9-vfsir2-ru2b6tjQ5akvQAkvnviamRGYcj3Mc3EIIaBmvzmqKzLwFAHlfnxPehykZzDhdrPoiOrFtzJkY_iu4eoFZRHqCdR1J5KS-pxIKdpi0YIr393M9FZfxnyThl0NkxlmDAzTC7M9&sai=AMfl-YS_-CyYlP0L8XCsbcjWA2QuE3F8f0YRAvX6ZotHmOb-krwu9decJFeMA2huRlC10NusEb5G2iDqgf5SkVdvebRKNuq1OEa7Guf6ydieNvXTm_XmnrXJPoItxrfB5g&sig=Cg0ArKJSzJC1-g5_1c8vEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame BC89 205 KB
65 KB 53ms
51ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 09:53:02 GMT

GET
H2 200 4718654743914334664
tpc.googlesyndication.com/simgad/ Frame BC89 55 KB
56 KB 25ms
24ms Image
image/png 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4718654743914334664?

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401290101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

891f9143ed15c56fc6c63dbefed1ad819ba3fc36f166bbb2f24e1dd07bc3901c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:57:37 GMT
date: Thu, 01 Feb 2024 09:57:37 GMT
x-content-type-options: nosniff
age: 258925
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56452
x-xss-protection: 0
last-modified: Fri, 29 Dec 2023 16:53:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 6380 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9608903a1ca72d8ed3e67b33cb4578ee2c7992d110a1c96883f8e648dba242fc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

14257968338064699685
tpc.googlesyndication.com/pimgad/
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOClw_rwIhDGAxiEBygBMgjjfAE6yDD69A
https://tpc.googlesyndication.com/pimgad/14257968338064699685

117 KB
117 KB

32ms
32ms

Image
image/jpeg

2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pimgad/14257968338064699685

Protocol

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa550939d722695d8e58922afdcb77f824e3b4c7b73427351bc97ec64591497e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:57:38 GMT
date: Thu, 01 Feb 2024 09:57:38 GMT
x-content-type-options: nosniff
age: 258924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119420
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 16:49:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Sun, 04 Feb 2024 07:57:56 GMT
x-content-type-options: nosniff
server: cafe
age: 6906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/pimgad/14257968338064699685
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Mar 2024 07:57:56 GMT

GET
H2

200

12743946288747225734
tpc.googlesyndication.com/pimgad/
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOClw6b4RBDGAxiEBygBMgh-XCyaxc7A7Q
https://tpc.googlesyndication.com/pimgad/12743946288747225734

116 KB
116 KB

26ms
26ms

Image
image/jpeg

2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pimgad/12743946288747225734

Protocol

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9983b2585679d54567804cd201e2f11a9a15b3d0ccb22ce0cef6f68fdce7604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: Fri, 31 Jan 2025 09:57:38 GMT
date: Thu, 01 Feb 2024 09:57:38 GMT
x-content-type-options: nosniff
age: 258924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 118628
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 16:49:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Sun, 04 Feb 2024 02:08:09 GMT
x-content-type-options: nosniff
server: cafe
age: 27893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/pimgad/12743946288747225734
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Mar 2024 02:08:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6380 0
0 143ms
93ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyu2t01LwrPxHEmFeFVsEtrUB0ZTxx_KXrcFwnhxhlFwY635SDUWXeRMI7ZefwjxDFPlH5vUYGqmM2v7dhBO8gNt6nuD9OBtSBOiGO2-yeJw22YGL3ORWPl99MW29OAv1oiAdaBc9YpdlZNkxlXQ0ZvzIrDH9Q2oTg0qz3XYj--COfKbtFJInoiL1C03tw3gSkNDax_xPzNNwMo5tXJ2v66vHRWWGTeS1JYCDEcIHfCv9PWk-z7XYTJqIMYNypU_T_he2haeEtoLX-TtjaT0VHmZ1IVOk82hnlFk2u57nDEk3DvtzvaddK4Yl7r6u6YxzXdXLVlcJ30ksc_E90JRNmR76iURyqTDpCj3znKC93zIVeXD78vt3zdh6B9u2JJHk3Fvgn8gWkovWH85V4Pqs&sai=AMfl-YTsurZ76Jd-g67QsIXN1JnhljMvhqXTvblespyBGxwbbONqRP7fyaB3eWBPEo3eZOvvo0eah-06UO61DeUxboRteAp49vy2QJ8lb7Z_LR1j_T1NFMpfI61OY7Ngm1p0KH2q76bQQd8wtkzRq-pvZ4Q&sig=Cg0ArKJSzHFXGQvW4qElEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Feb 2024 09:53:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D44D 13 KB
5 KB 33ms
31ms Document
text/html 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 43282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Feb 2024 21:51:40 GMT
expires: Sun, 02 Feb 2025 21:51:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B932 829 B
998 B 85ms
80ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9d77cff093394f2786fbee7e094eabc4a6229de6f8f27fc4aa6fe78b1be61f5c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QFf2yR8wYRXiSypGGJhuKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QFf2yR8wYRXiSypGGJhuKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Feb 2024 09:53:02 GMT
expires: Sun, 04 Feb 2024 09:53:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BC89 0
0 94ms
94ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRjGNRCsuRxt-Ai1Zk6UuPiwOyn-xf_6DhyBpHriErLZDbqiflI5nuxZ3ljcSrrPDqZSlDHhBtfM20p4lIptVhtLwvIbk1joFe0FFCCoQ_RaHHpTtwlijfEjWKiUnqe2plT9yF_1NWiaV2iwI444bP5ut34SWrbhLFPvqromi602nEDxiPWogkNhFo4mqwIKDhqlarV4ujhdxXJ8nWaGQOPhHxjC8nRXH9yGWPSjDQWaXOwop-Nmd-ZOvGam86S18mGW5q8xIFPjg-GJqF6BpubhwdMiOnpbqwHaEnw0c50s8Llk9jDJZpr66ny_sBq4KXiwzfOkcD78HcXstiimZXaPg0quG9IMR1Z5PWOaM98JztXxsqtm9-&sai=AMfl-YSf94OMaVFK9VQAtpTN3236v1GOGlQz-AH1tG7GwxYdIPiwS9nAsYqAM0pa2RNLnh-ue3F5Z8n3AcdQokq-gGEMN3y8WCwgtuDR4_RZpzmFiFhrBtT-imDqjI93bw&sig=Cg0ArKJSzCWzqwjYc0WUEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 04 Feb 2024 09:53:02 GMT

GET
DATA 200
OK truncated
/ Frame BC89 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662a3938c1162b17644b10519322bfb80e96896909f27734b1fa9244d7e7359c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame D44D 39 KB
15 KB 74ms
24ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:33:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 235146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 16:33:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B932 0
0 90ms
89ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401290101&jk=2572086396455986&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H3 200 ad. Show response
fundingchoicesmessages.google.com/f/AGSKWxVU5AObDM-6YX1qIVhZiwow6_gslzHDzPowWDVU7Y6kYF0RCv3l72hHIX7L3CmeSIj1IFgwQ99a4nbxSK-mE6C_DfGbXxOFz5Jk6uoTEgDoyl9LaSefGDhMpCXpt1glAfaLfCVijXp1C6voQkOod04kGbPLH... 54 B
109 B 53ms
53ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVU5AObDM-6YX1qIVhZiwow6_gslzHDzPowWDVU7Y6kYF0RCv3l72hHIX7L3CmeSIj1IFgwQ99a4nbxSK-mE6C_DfGbXxOFz5Jk6uoTEgDoyl9LaSefGDhMpCXpt1glAfaLfCVijXp1C6voQkOod04kGbPLHh1IPbVt-KN-APaxCSK5R0_gr07XaLCZ/_/vast_ads_/ad728x90-/ad-tandem./ads/bg_/resources/ad.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.RUrZBjkAORk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxOHLYb6NgJOIaPTH6d9W4NVL5YRw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

14fd07d327093cd482dcf323dd0dd086bb93caa31e2838874e75b694a303be9a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1Jx-I4b7rE0zexY1g4I91w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1Jx-I4b7rE0zexY1g4I91w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxb0LAXEYB_C7J8_FJYnFS5kMuonNbDJYRDHIpCSLSRa3-Q_U7wabUVgMhvsTRCaJwcIhLF6St3yHTx_VlDU1IGUiAWmWWNMC5uEtLaEp7agFm9yO9hCNWBSHWtWiBsifPTngcjuQ-34gH2hw8R_pAeNU0nbKCXblBSsNDEVdcA1cA8GxoeDRRLAJBUtwCbpscA_aaYM7kCgbnIVrxeA31FdT1sEbmnEQPE77z_z2FffzfH_Jf4-FVVw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 61 B
76 B 24ms
24ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:37:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
server: cafe
etag: 16023549773543154165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Feb 2024 10:37:03 GMT

POST
H3 204 AGSKWxVtLqjKI4cXDqTh50530vru5JYu_SmddWhtBTeSOirnlJp9XXPe0MQugsWT87J4t3rVH5OSh8I-mtLgOOd5lA72_rrLyiuPpdKakuzPjsUkpcwhVUrvwfyKVXWFcYIt7ivOo8Y0TQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 119ms
70ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtLqjKI4cXDqTh50530vru5JYu_SmddWhtBTeSOirnlJp9XXPe0MQugsWT87J4t3rVH5OSh8I-mtLgOOd5lA72_rrLyiuPpdKakuzPjsUkpcwhVUrvwfyKVXWFcYIt7ivOo8Y0TQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HL05T0DvsSJP9SBfDRrnLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-HL05T0DvsSJP9SBfDRrnLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcPzb83ctm8CGWT2zmQDwcCLM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVtLqjKI4cXDqTh50530vru5JYu_SmddWhtBTeSOirnlJp9XXPe0MQugsWT87J4t3rVH5OSh8I-mtLgOOd5lA72_rrLyiuPpdKakuzPjsUkpcwhVUrvwfyKVXWFcYIt7ivOo8Y0TQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 61ms
47ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtLqjKI4cXDqTh50530vru5JYu_SmddWhtBTeSOirnlJp9XXPe0MQugsWT87J4t3rVH5OSh8I-mtLgOOd5lA72_rrLyiuPpdKakuzPjsUkpcwhVUrvwfyKVXWFcYIt7ivOo8Y0TQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GRVgq5_9-Ss3-t2wK-pCfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-GRVgq5_9-Ss3-t2wK-pCfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII1pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcPzb83ctm8CL_ZcmMAEA89ojZw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVtLqjKI4cXDqTh50530vru5JYu_SmddWhtBTeSOirnlJp9XXPe0MQugsWT87J4t3rVH5OSh8I-mtLgOOd5lA72_rrLyiuPpdKakuzPjsUkpcwhVUrvwfyKVXWFcYIt7ivOo8Y0TQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 67ms
67ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtLqjKI4cXDqTh50530vru5JYu_SmddWhtBTeSOirnlJp9XXPe0MQugsWT87J4t3rVH5OSh8I-mtLgOOd5lA72_rrLyiuPpdKakuzPjsUkpcwhVUrvwfyKVXWFcYIt7ivOo8Y0TQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0c7gJ7-4a0AugnPEw08qyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-0c7gJ7-4a0AugnPEw08qyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjCtDikmII1pBiWMy_i6mW4RlTKxAXZD9nqgBixj8vmDiB-J3kK6ZvQLzDx4NlSuAM1jlA7JQ-gzUEiMtun2OtA2JhufOs0kAsxMPxb8_ftWwCG7rWz2cCAHGBJFg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVtLqjKI4cXDqTh50530vru5JYu_SmddWhtBTeSOirnlJp9XXPe0MQugsWT87J4t3rVH5OSh8I-mtLgOOd5lA72_rrLyiuPpdKakuzPjsUkpcwhVUrvwfyKVXWFcYIt7ivOo8Y0TQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 69ms
69ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVtLqjKI4cXDqTh50530vru5JYu_SmddWhtBTeSOirnlJp9XXPe0MQugsWT87J4t3rVH5OSh8I-mtLgOOd5lA72_rrLyiuPpdKakuzPjsUkpcwhVUrvwfyKVXWFcYIt7ivOo8Y0TQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mdKBBRKPsrfCHrt0tsE1dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-mdKBBRKPsrfCHrt0tsE1dw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcPzb83ctm8CLc7MWMgEA8jgjSw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVp35safOjUT1_ypM5ndAGRRRhkQnT4u_uiC2R9XJh2EbdEkaYRFiDvjoysaWjd9oCfkA4Nrj_BTPufjOMGqEsT_1B0hD1UiACga_2SW6LUeTS0VYVPUKf1MnP-2SVoFWbLjzoRcQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 63ms
62ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVp35safOjUT1_ypM5ndAGRRRhkQnT4u_uiC2R9XJh2EbdEkaYRFiDvjoysaWjd9oCfkA4Nrj_BTPufjOMGqEsT_1B0hD1UiACga_2SW6LUeTS0VYVPUKf1MnP-2SVoFWbLjzoRcQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MDQwMzgyLDU1NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9nZnF3NTNlNTd3cnRkd3Jldy4zMzMxMjEueHl6LyIsbnVsbCxbWzgsIlJVclpCamtBT1JrIl0sWzksImVuLVVTIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1bdc8d7567f8dfc97084b24f2fe86f0db6ecbad840bd2340b2fcdf8dc9006e17

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ckj-Bs7ZCD6Q0WveOk6TBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Ckj-Bs7ZCD6Q0WveOk6TBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sOoxSXF4KghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I6K1sFkAbiuLrprAVAzLduOqvh-umsW85MZ90DxDHPp7OmAPFi1hmsq4F4SuAM1jlA7JQ-gzUEiD9nzmD9DcRlt8-x1gGxsNx5VmkgFuLh-Lfn71o2gRX9Z-cxAQB9YlQZ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D44D 0
10 B 24ms
24ms Image
text/plain 2607:f8b0:4006:81f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?5AdUOQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxWLIfm_UaDXuyS1otbGQ_GS2dK_NztYD1T2yfyt8i4XdlnEpOYQr6GSg6sIe7Jq14L_fNAPl1sJrXgV20eeA26jXZoEL5Sm2RSQ79Bj3O9wXIDOnOaNHkw8SDUgyFoc_Nsx_kps3g== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 54ms
53ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWLIfm_UaDXuyS1otbGQ_GS2dK_NztYD1T2yfyt8i4XdlnEpOYQr6GSg6sIe7Jq14L_fNAPl1sJrXgV20eeA26jXZoEL5Sm2RSQ79Bj3O9wXIDOnOaNHkw8SDUgyFoc_Nsx_kps3g==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kFWRU92O_j70NaNisSgS_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Feb 2024 09:53:02 GMT
content-security-policy: script-src 'report-sample' 'nonce-kFWRU92O_j70NaNisSgS_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAvxcPzb83ctm8CG3Qt3MQEA8h0jIw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
93ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401290101&jk=2572086396455986&bg=!JSalJmnNAAa8BdJLnAU7ADQBe5WfOFk_yYunLaNCajR4TNIoSt-1AnrkMYI90q5gStVwN5ZH9Ho_uUFpv90W_XzpQoyzAgAAAFZSAAAAAmgBBwoAS9gGTGcuJUCbpoGpGkieFsUSsFTxHw5YA0j5KjFNa4i8VuL1B8sGwwx7cfpIY5LdXeZZ7i6Ahjm3qTHWdIPtYb30Njz6hnF6eWNEQpkC5F-H68VuUhTv-J7puRQImT6O_u__dumItaN-eAs7uSPg_2z6rIC_-XUF4CY0zlYCtpaYuckffk6JZDbdp5maDTElzxDN9fGsX8MIxE9XOQDti2113ITDi0CSl1miaWnjkH_c5v9KmzZkdv8TaaOU1b3eYVzYQlPIB4FQT5TYlspR8rajgaFbTV18nOePOWuN5Nu8QhJYfFpJHMMLVPqGklOxVXbTvETbOinuN7xsjW2lIFPlzlER2XYYfNnbpY89qO0xitUWjhQ6FkO47jks3mUY-A-TcERKVicjxEBQjRA28we2dpYr-zyjrwdfqZw1k8_mh_lkDiMU7VaGmmWY-mQwDM0M-ZxXgUymFnKPWtAMHVAaS44UDhodOTiOWpch5kCrIXGplHKAsGFK41gYlpd3Z_BQI1VEF8qrUtlpAlSP_LXCZwuUK9T7Ad3OBtIjbaiBrnokzMZVNetqgyw2bzHBBETJJskjpV9GqQ6QfkDHk_2UQxWNy-81Lur0Pu0oMSq94K_Casfkju63ZEWKx_ri1mdntTkzmYF0psVi4IsgHfTBz29vtNOb3rWSFb-McwIQM2EjBHckNEdpGStYGCpYz8QbPyX7o9XA8_KKODYuebG2qs7JY6PHwa4UcJaD0O9nzVomCrA-7tjE77ZbFOZvwRAO6GUKcovfeLd8F-Bq8zygJKueYYkzkT12aQqlUWY-mXrd3HjrJLOiids88BuUdM-Q4oO55ZLf5XnWke0oeGBoyuHjqgYZEejpvKcYZ2SGe5yF1FReaaNtWOaTUk_ZwGr9k7opvCaw6ZnKgtByiRajVNJrXGEJ_K7NC_hSn7apfvVqPSxwkxvyERWrX-R2YwqeiGpMDzlwll6ILDNrHHHwuw9CwO6HdNzcscrMOozkqOHTtGeARVuKlpsqPq_kHa5wfLmXhk3XJHLS98OaOYfeRry2VfmOo_nmCJv116c1evyv6sdh28bfQ32AXmDj5jXy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BC89 42 B
174 B 94ms
93ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYLP9yYYwplvNGMhccg0KUdxbD8V-1kR9Cc1dDaTVem6lERm0sAXYtp0DIFSwiS3NPInaoq7pSknkHgVGtbOGna6uB6A4db_PGmJUpd7JXkYcDPzMYzfmEtXu379fzCTQArMVRHnSr7wzdP5xMbtF5EXYx&sig=Cg0ArKJSzBLNzczs9IMOEAE&id=lidar2&mcvt=1000&p=180,315,270,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240131&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1494162673&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=297318200&rst=1707040382079&rpt=140&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfqw53e57wrtdwrew.333121.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 502B 52 KB
17 KB 63ms
17ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: gfqw53e57wrtdwrew.333121.xyz
URL: https://gfqw53e57wrtdwrew.333121.xyz/assets/themes/djy/js/ads/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 15954
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Feb 2024 09:53:04 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 04 Feb 2024 05:27:09 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 154, 11085
X-Served-By: cache-lga13626-LGA, cache-yyz4530-YYZ
X-Timer: S1707040384.037293,VS0,VE0

GET
H2

200

bounce Show response
ib.adnxs.com/ Frame 502B
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
969 B

33ms
32ms

Script
text/html

68.67.160.24
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Protocol

Server

68.67.160.24 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:04 GMT
an-x-request-uuid: e46a5d88-9d23-4164-859f-ee9a603431c2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 96.9.249.43; 96.9.249.43; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:04 GMT
an-x-request-uuid: 8ba356ee-f400-4cdc-b4f5-d87c81ebf3fa
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.43; 96.9.249.43; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 37ms
37ms Ping
text/plain 2607:f8b0:4006:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-64JWG501SB&gtm=45je41v0v9115041777za200&_p=1707040380545&gcd=11l1l1l1l1&npa=0&dma=0&tcfd=10000&cid=1913667088.1707040381&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&sid=1707040380&sct=1&seg=0&dl=https%3A%2F%2Fgfqw53e57wrtdwrew.333121.xyz%2F&dt=%E5%A4%A7%E7%BA%AA%E5%85%83%E6%96%B0%E9%97%BB%E7%BD%91%20-%20%E6%B5%B7%E5%A4%96%E6%9C%80%E5%A4%A7%E4%B8%AD%E6%96%87%E5%AA%92%E4%BD%93&_s=2&tfd=7735
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64JWG501SB
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://gfqw53e57wrtdwrew.333121.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:53:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gfqw53e57wrtdwrew.333121.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pwe.epochbase.com
URL: https://pwe.epochbase.com/region?siteId=www.epochtimes.com

Domain: pwe.epochbase.com
URL: https://pwe.epochbase.com/geo?ip=

Domain: d31qbv1cthcecs.cloudfront.net
URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.333121.xyz/	1970-01-20 18:12:06	Name: _gid Value: GA1.2.2026301227.1707040381
.333121.xyz/	1970-01-20 18:10:40	Name: _gat Value: 1
.333121.xyz/	1970-01-21 03:46:40	Name: _ga Value: GA1.1.1913667088.1707040381
.333121.xyz/	1970-01-21 03:46:40	Name: _ga_QZQNK0Z14Z Value: GS1.2.1707040380.1.0.1707040380.60.0.0
.scorecardresearch.com/	1970-01-21 03:46:40	Name: UID Value: 1144de3acb2f4a4ec14a12a1707040381
.quantserve.com/	1970-01-21 03:40:54	Name: mc Value: 65bf5e7d-47667-f0b38-66d2a
.333121.xyz/	1970-01-21 03:35:09	Name: __qca Value: P0-738355212-1707040381151
.go.sonobi.com/	1970-01-20 18:12:06	Name: _usd_gfqw53e57wrtdwrew.333121.xyz Value: 03b17248-3ecb-4768-96e7-c7672af97904
.go.sonobi.com/	1970-01-20 18:53:52	Name: __uis Value: 589be254-da7b-4efb-a764-b093fd3a2fd9
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85186\|Zb9eg
.333121.xyz/	1970-01-21 03:32:16	Name: __gads Value: ID=41d191a66a4b3846:T=1707040381:RT=1707040381:S=ALNI_MZYVoF2O-w0aH9o-4hkbmCrXDSksg
.333121.xyz/	1970-01-21 03:32:16	Name: __gpi Value: UID=00000a0b62a86688:T=1707040381:RT=1707040381:S=ALNI_Mbw789lmDp8NUDatCtk941aF5E4fA
.adnxs.com/	1970-01-21 03:46:40	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 03:46:40	Name: IDE Value: AHWqTUm4dmcsHWd2Jr_JBmUrEV4n83a3RGubmeYFbMLEXLN-LQXuj1V-QSpN2cFKgOo
.333121.xyz/	1970-01-21 03:46:40	Name: _ga_64JWG501SB Value: GS1.1.1707040380.1.0.1707040382.58.0.0
.333121.xyz/	1970-01-21 02:56:16	Name: FCNEC Value: %5B%5B%22AKsRol_IshMrgfz1fWetuyTqGQTBeUHdu-FU4AFlmzaX5MHtJSE8ynfd16Q-9ONErYAfnPD4PSkciNFumIQpiU4pTHMDKD0Qn5bczCN_gWM3bP_XLuqraVgMi71MobdMyX7TULXnZC1_5IfYjFXFBDdP2hWFYkdq3Q%3D%3D%22%5D%5D
.adnxs.com/	1970-01-20 20:20:16	Name: XANDR_PANID Value: 9iUGLHk_R95xxboHPIuCr9jBSJQow0WgCWGP1X_hOvSRhgPbXrO8NLpDzgOrGXywOX0TyZ-3xyw3Sb3JOllloZ95SYJecEDo_PaqIScdosM.
.adnxs.com/	1970-01-20 20:20:16	Name: uuid2 Value: 267397106385952135

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Access to fetch at 'https://pwe.epochbase.com/region?siteId=www.epochtimes.com' from origin 'https://gfqw53e57wrtdwrew.333121.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://pwe.epochbase.com/region?siteId=www.epochtimes.com Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Access to XMLHttpRequest at 'https://pwe.epochbase.com/geo?ip=' from origin 'https://gfqw53e57wrtdwrew.333121.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://pwe.epochbase.com/geo?ip= Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gfqw53e57wrtdwrew.333121.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

41251ea8c49dcce18c92d6f13cf29a87.safeframe.googlesyndication.com
acdn.adnxs.com
ajax.googleapis.com
analytics.google.com
apex.go.sonobi.com
colossusssp.com
d31qbv1cthcecs.cloudfront.net
fundingchoicesmessages.google.com
gfqw53e57wrtdwrew.333121.xyz
hb.minutemedia-prebid.com
ib.adnxs.com
pagead2.googlesyndication.com
pixel.quantserve.com
pwe.epochbase.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
d31qbv1cthcecs.cloudfront.net
pwe.epochbase.com
108.139.47.108
151.101.1.108
173.237.69.60
185.212.57.113
2600:9000:21dd:6400:6:44e3:f8c0:93a1
2607:f350:3:2569:0:10:0:a
2607:f8b0:4004:c08::9b
2607:f8b0:4006:806::200e
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::2008
2607:f8b0:4006:80f::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:81f::2001
2607:f8b0:4006:820::2004
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::200e
2620:116:800b:21:b08a:1dc5:659b:4055
54.85.21.46
68.67.160.24
0075e420cf5ab28e4e473a02f4df00bc9c09da5a3d3b3c86206b45f163f16c89
01b147d4ae647bb2f0013d6e6bcd930157c5111713ba36247b5ee96cbf977bae
01b6b733269d9c893dca49bb2ffde509784debf4f6950b79d116cd6ba9f393ea
02b11ca98d41146baa1ec4ca4e61c28fcda82784b32971571257ea1233726855
03d9db5d663cff74e66c161a531c3ac77d8297a7520f5df86321e37a0720bd2b
05417f5788e5c1b4f57230889c7df961b15013f115c3c14465cf5bf8b768d06d
0b244b74f681eb689659450386cf3cadca53c9611d7d0a3e2e39b6360812c5b3
0c2c30869917384de0deb1fde03f8308d26f684288fe1484c5a36088ad2aca97
0db60963071f8a9f6820d6979b98f4a620501b17bc0db21574f0ff2848357128
0defb301e0ea944103d0ea3c8d8a5ed1f43d2aea5851f1964809769bc482d62e
0e66612cb5c3e15854faa0642349d1d8f438bd2d7f3ab239170cb53abe6e5778
0edcbd1b39fe4ba598b92c95e446aa270a9da471f1e8f44458392d7ca49acddb
1373052324847a6fc9a79931da12355e39ab3294f3f773f033ee961149b962a4
14fd07d327093cd482dcf323dd0dd086bb93caa31e2838874e75b694a303be9a
15a7dbf894becd94a18c38329334acd434fbcf34321da85d408da383e31a696a
1636ebb2d83d45e93371597e5f38e2d6c1578cfe92a09e4e7d209202e42159ec
172a82282559370c8589b804c7b77fb3da0b9022791a35c307cf46e3a5c676b6
19352d23eb90d0c6b446b21446bfdeb6dc7c06b754d17f505fcf6f8df4cb1a65
1a1ec960a3de19591abac31002490cf37d41c25de15fdc63728083e1854750b1
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bdc8d7567f8dfc97084b24f2fe86f0db6ecbad840bd2340b2fcdf8dc9006e17
1e79d2402267a5e8fe92a6337ef90c36b8ab120f1c6697cc72671d92e936c6f2
1ec709a9c70d7ee9e0a06cebe1288aa688cd52476344c49145a343ac34a952b3
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
208e5d881a92d84ae1c0e296c5bafe669ec7ac8f87ede263ff5a84de441bdb55
25abc3ffee8ee9c6ee191c6c578b5ea8f04fa2fe388e74fbe56f7660119547b8
277b26f44790db0183ac0c5df20edd7ef35885883b075b28c367f2ac4b7cc711
284b09a38fcf6c30b7dec94dd070ebbabd40817026f72c150915560aa946d5fe
289607d3a3ba7d0fad07357627c485f6d46cda6540230071baaab660953ebb26
2991b9f00d1f1c62882436a630a60046647620e0d100acfb1980f81304e88678
2c13f2247ec216f0dfc6e16757a7c9e96b0e05e47a8f08e2f38a9ae099ba9c8e
2c157088392deac0fcee59363d48edc2a45b2ca56fea83dfe73573c358cc68c6
2c8b89f4ea1558eaec0058fb1ab58966eda4bdacb1efeaa49767da26b0e49265
2e6c63708752dbf7f707681c0adbebd71f71a36b59e87661548483381360e2d7
2f432263e9edb45f9067315059af9bfbeb9b2b835c54c2648da2da4e8aa188ff
2f867a99544bb377adb146ff1c58c35dc658988619609110b0c0c941dabe794a
2fc3865310007ea35b10083dd9861d82bcbf791210bdb09ce492a61ee708c263
30f1504bc57465adb3625d048fe4b5abd6b8f088009e7f622161e2aeb070da05
31dfde66f6e0748aa68bd6c4c36a21a0e1fe31cfb63e23e5dc5209138032e6f6
35ec416adfcc6936b9a466977a849b57bce0da4903bf3f2dfd395b5e08567edd
367363c39c147ff3a7b117e6611daae47bf0cc61748085585d1a04f82d8ede07
381df03b42b77bb2888e4ca76ab4306e9dd895e384bbdc8de76bca55f1cf5228
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
40c12812fda95258d129cd6a4cd0bf60d620b0df3aca7fe288ef416f69e58c3a
40dda944cb2141999936d732f521a050196fbc71e5123b47da46ec4a0b6c4d4c
42ace8d37efac5a6e1a551f11601d28a325fcf84ea7a9390091f08b39e63f86f
42d587bc1dd5457ed99b0680850f686bb29847a4f53c72f412d4a8aff8fc7f51
4595f079ac1a3346cee09b4606d200ad760955751b5c678ad1cfe9ef92153999
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476801e54431006ac7f5c4f60ddfe538a9070cba85bae93ba209daaf3c2ae768
47f881f383a9ef85be7f71da5bfecfcb3e187de1013cc5d1f3c43f672db1e593
4936eb69f6412e32a2a9415dca5407afc067346fc09d30d09e216725c9bcb2a8
4b4ca32a6d4513a2f2742fcf565439e234377c88a64b87ac4baba562f0e9ce7e
4d8b96fd8018098b2c52871632ce557c57640a4c4a2a1e1640b0ad1986834704
4eaa8438c07632380977c91cf78f0bf8e0ec73588d1a35933be3f4d488ed51cf
4ecdea5ae76466559faf6696a9b5be8c6c0e9118d7007e5f68786e3f9973413e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
504f0284aaac7aa2a77927fa81ff61f926b42aee61ef75c918833ee0d0116286
509db4b2ba6af039bbe0cc9019a25e16e7b4c8faf28d056961b0885f6cf2ab4a
53ead8694434e3292e1f931031280ee25caa0deab9e8a24acc941343c9ea77c2
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
598484c8619f6d78e61448a1959c26eaaaa168259c383a992a11db762c211739
59eaa4b37a8704707b4961c9f4c8d71517334bb85e8798921c2da5f4d8a2bc29
5a0dd769f7cc6107088129b95c07e6e169be3552f85514f0a67999e8ffd77750
5c8484662f7f24ebfd5d4aac8161f3a18a7f8ace5398bf5afdad7e349cbbe038
5f63c3fb57fcaad778efe5c4f77a3f3714aedeea55dc830b0840bacac35f2395
60660bf6191b7246ad9f5784285b16dfc3f50ae9fec2e0ad9b09869ba3706271
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62302abdcbce8dcca1fd2bd9e2b7eb48d71553558f6413b7cd502b38bad7ecc1
65afe802898a31c28fe92e014c335174d8fd64205f83a6d3258bacc5c9bed2e4
662a3938c1162b17644b10519322bfb80e96896909f27734b1fa9244d7e7359c
6a5a43b6f9f8b22b3f2d15b8f75f534fd794e61d66df7e532ce45a675e2f7c32
6cf3bda025c05a7248275dedf60542d3bd626475a09725034c21094458c0f0e4
6e89c0a095e0423128863e06b21e38e3aa2c30bfe618328f4c4a9989d696af42
706db5478b9dd62ff49a9a4348b5eb9fdd87de71614ef7cab7b1f690c059b485
7904a02c69c789577edace1533e1d0d8666c4b6a68f72fb68f1cd8abf902413f
7e5cacbb7a388da3df5373cfb2706556b946399a111334e85c428780677be7fd
8247f4c31eaef5d9b2eb65b76989b0b72086a506a2388b8599d93399c2444e5f
8358ad01baf4308ccf9639e200e19ceee9eef839c1c9e50f52039b1a8d11e834
859561a660d3c6604cf1aa015f16d783d23f7fe1cebad17cb34665e6aa96b16a
8635f00d368d55d3a1ee50983c6a4d9ce4e0464d622caa52a17ebd6ed7f163b5
87be320d270680da61be5211d338dc680b09312efda467fd9f2c8476a96f6fb8
886d29de325be6cf49727207fbe27ba5d9efda4856afa710d41ffab472522862
891f9143ed15c56fc6c63dbefed1ad819ba3fc36f166bbb2f24e1dd07bc3901c
893cac2e12ab0c57ca5fedb601c96b2b202cd578c935b0366c1430cb60bdfac1
8942752de979ad99f6dfed5d8cdc3be1309a11665f29d1b1ed7ddffba5309f32
8b3303eef9339a5594bb7cb3eba6a34a1761c0f76edfd8ec408785c85aca62be
8b576dc333a9d32872d416a901b35bf531ffc330e779eed0555204d4da60b4ca
8cad82a34f022885d5b22bac4afdc0c3dd09c2c7d95e7e0e876d327e935424cc
8ed51ce32b1ad1012dce058b04c74f77abe9ceac12707e4ab604ec305c616026
8f3316d46980c2d27eaa4b8e7b3646005f2b0fba6dfca4a03e95b2cd73e1dba8
8f64f0ac15ae13ac34d815a042c2118f43c245fa8a2ec7b57249d4f78dcecce4
9608903a1ca72d8ed3e67b33cb4578ee2c7992d110a1c96883f8e648dba242fc
9c13eaf76ba825dda7263732f01864f199f4f9175e15fe574a0a0af53085298c
9c9a8c41e3d37f2d439a246839fefca0ccbc35c93429d0d01761d1a911fb6538
9d77cff093394f2786fbee7e094eabc4a6229de6f8f27fc4aa6fe78b1be61f5c
9dc9a4d13ffb75ca938a1fcd4eb9577c522734e6232e1f0c747d6a351600c908
9e85fda8c0c7540e4b32b7c91531f76915cd676b730a353f9e1eafbf97a20926
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a65acb197f3f9ba9526eb97da1d73ba15636c98d1626b67694484d6fa965c5be
ab6b785b300f0e46022b8725f32c97772eaaddffe7374ce0662a3e57dc5f3ce6
af206d2be7a405978079c4970d44291eb7105371eed3e16099993676e1c70a91
b681d802bfbf3ded05bf66fc061893e8bf1b129f278b09a47d0d718121ba3318
b86634cc020a49038dc05db52c5ba525ff9fb3ec100233d340c139a2b0daed61
b8ae7df54fba766f410b953120a948abe6213c828a431e2cbe3eb46b94b40c96
bff7a0f12d5fb9ac16d2ad056c08506c49ae1d4b9db962e26eaf12d7b71fe38c
c19d055a5e4bc09d10cbbd30c909c247fa1c9b827b7785092a8c6d1dcebfe74a
c2cf91eac95f6c162b1185664651944b26f557135793c1e8119cc58068877697
c32f2c273444cc5253baff690e39ededa3fe95e96958296d2eef4b917c17a61d
c45c8b81ccfcbc08127b74787d1b5974078756233de947986c357e28ed8f13ac
c483bd70d1e21816292e63d0e09c4b88c0738131b3aac1b1aa72a2498b4debf7
c67d435f18406d3ab150731e9193c04a5730eef9e368cd69eb01275b2b858cc3
c6db5f8b45466ef2ece903bd6be1558d23ef900cacbc342090fb3c226a643417
c94189ad106d4f44f6460455df3accaf4f390cd12cdd6b05061c07f056260e6d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cadc8afd723351aa5eac193efc00afdaf9c0aebdc8aeb8594c21686138e5084e
cc80172a4f45453a207a3831b07afa112404cf31dacd143dffe6c57a02e545a1
cd089c8a847531484bdd0f9fa8542d9c6b68b7cb8f697279fe9c710102132b25
cd720c8f1c7da1820e7f1349589ddaacdef0e20c67e61ceefd7c09bea5d34fb8
ceca67197f34f7ec6d1064515315e0130d50b0946f59f6b0a3599e0eb8532246
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
d1f7b88a338e2ec55104d5c3b69c7760c7187b9bf0e8d79e932c321351978786
d3045a1e8670f9d4f455c7b45f6a550a417f2eae7ce7ad488f6e0c0e0953d017
d56af3242f58ff081448451debe4ca10a02394d53a7ea19c0162b7db2bb316b8
d6179825bd1eb7d981f3618885005e667df7901c55f65999fef867bf6ddcb364
d9983b2585679d54567804cd201e2f11a9a15b3d0ccb22ce0cef6f68fdce7604
da5056290a3e8e247073b77a761fdefde68adb1c0e1b22771461713c830c137f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45b7bfb3ff10a1556d9b08cf7f6f1f9ca9f70ccc8a72c195ace8fcd0aa2bd98
e6925fa88d374146c2bd10c396be05f7d671845d15a9a5072e45c09f2269d407
e8cbf534350e2190f34aa56f17a26015db1e60660aba8a25bd9a9ed860d8393f
ebbe9787979aae29b009b84ee5fa645ae8931985f27187f205dd32852568c75e
ecd2f46fc0b176bf20b4a32e4c4cfbb31e8216f0418b3972cff424b5c3d7acc9
ed99e545e16e2cd1e7d67b70aac5b1432324431099bce04e4ceb8bed2947044e
eef24b0333461a84329201f46868af4f76a3c2036033d7b2189a2216ba28d647
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f199a5cbdf171ae59ca19c145313a05aaccd91fcd5f5e784a2d942e4c6e45c
f2e3dfc39c96d89003bcb37bf6d9fe032d3af583001867894dabeb42e3d49e77
fa550939d722695d8e58922afdcb77f824e3b4c7b73427351bc97ec64591497e
fa870c8ca3d2142cc88da808b4bccea0e8aeafb575954de35779aea2064c14e7
fc2dc182a69cadbf77ba5001f6d02f86268c1bcfde1c3c1c596445b17ad6f304
fd0761bf8202578ec81c53e9cae37ff756ad93926f4c9cee412536d551946a72

gfqw53e57wrtdwrew.333121.xyz Open in urlscan Pro 185.212.57.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

170 Requests

96 %HTTPS

71 %IPv6

17 Domains

24 Subdomains

22 IPs

2 Countries

5537 kBTransfer

7121 kBSize

18 Cookies

70 Outgoing links

Redirected requests

170 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gfqw53e57wrtdwrew.333121.xyz Open in urlscan Pro
185.212.57.113 Public Scan

Screenshot
Live screenshot

Full Image

170
Requests

96 %
HTTPS

71 %
IPv6

17
Domains

24
Subdomains

22
IPs

2
Countries

5537 kB
Transfer

7121 kB
Size

18
Cookies

170 HTTP transactions
2 data transactions