urlscan.io logo urlscan.io
SecurityTrails logo

xanthomatous.tellrage.shop Open in urlscan Pro
2606:4700:e4::ac40:ad21  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xanthomatous.tellrage.shop/Kimniwkjuj/hlhl805nwojrq/9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kp...
Effective URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8N...
Submission: On December 09 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 8 domains to perform 32 HTTP transactions. The main IP is 2606:4700:e4::ac40:ad21, located in United States and belongs to CLOUDFLARENET, US. The main domain is xanthomatous.tellrage.shop.
This is the only time xanthomatous.tellrage.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

17    2606:4700:e4::ac40:ad21 (United States)

ASN13335 (CLOUDFLARENET, US)
xanthomatous.tellrage.shop
3    2607:f8b0:4006:81c::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:80d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2607:f8b0:4006:807::200a (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2607:f8b0:4006:81e::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2607:f8b0:4006:816::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
3    2607:f8b0:4006:80c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.ca
4    2607:f8b0:4006:809::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
17 tellrage.shop
xanthomatous.tellrage.shop
443 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 26
20 KB
4 gstatic.com
fonts.gstatic.com
155 KB
3 google.ca
www.google.ca — Cisco Umbrella Rank: 8290
715 B
3 google.com
www.google.com — Cisco Umbrella Rank: 2
769 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 74
515 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
128 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 300
fonts.googleapis.com — Cisco Umbrella Rank: 36
8 KB
32 8
Domain Requested by
17 xanthomatous.tellrage.shop xanthomatous.tellrage.shop
5 www.google-analytics.com 2 redirects xanthomatous.tellrage.shop
4 fonts.gstatic.com fonts.googleapis.com
3 www.google.ca xanthomatous.tellrage.shop
3 www.google.com 3 redirects
3 stats.g.doubleclick.net 3 redirects
3 www.googletagmanager.com xanthomatous.tellrage.shop
www.googletagmanager.com
1 fonts.googleapis.com xanthomatous.tellrage.shop
1 ajax.googleapis.com xanthomatous.tellrage.shop
32 9

This site contains no links.

Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2022-11-07 -
2023-01-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Frame ID: B90B1A24D0517F2DCA7993EE63972B43
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Important ED Info

Page URL History Show full URLs

  1. http://xanthomatous.tellrage.shop/Kimniwkjuj/hlhl805nwojrq/9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3B... Page URL
  2. http://xanthomatous.tellrage.shop/offer.php?id=319&sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g... Page URL
  3. http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQ... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

16 %
HTTPS

100 %
IPv6

8
Domains

9
Subdomains

7
IPs

1
Countries

756 kB
Transfer

1354 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xanthomatous.tellrage.shop/Kimniwkjuj/hlhl805nwojrq/9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU Page URL
  2. http://xanthomatous.tellrage.shop/offer.php?id=319&sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU Page URL
  3. http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • http://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=671504790&t=pageview&_s=1&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c%2Fg_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU&ul=en-us&de=UTF-8&dt=Important%20ED%20Info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABE~&jid=2081576193&gjid=1210879800&cid=862351201.1670617052&tid=UA-75114910-1&_gid=1346336018.1670617052&z=1831478641 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=671504790&t=pageview&_s=1&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c%2Fg_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU&ul=en-us&de=UTF-8&dt=Important%20ED%20Info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABE~&jid=2081576193&gjid=1210879800&cid=862351201.1670617052&tid=UA-75114910-1&_gid=1346336018.1670617052&z=1831478641
Request Chain 22
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-75114910-1&cid=862351201.1670617052&jid=2081576193&gjid=1210879800&_gid=1346336018.1670617052&_u=aGBAgEABE~&z=1978180739 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=2081576193&_v=j79&z=1978180739 HTTP 302
  • https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=2081576193&_v=j79&z=1978180739&slf_rd=1&random=2793329536
Request Chain 26
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=671504790&t=pageview&_s=1&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c%2Fg_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU&ul=en-us&de=UTF-8&dt=Important%20ED%20Info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABE~&jid=1672908734&gjid=1126568342&cid=862351201.1670617052&tid=UA-22484186-3&_gid=1346336018.1670617052&_r=1&gtm=2oubu0&z=746326875 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-22484186-3&cid=862351201.1670617052&jid=1672908734&_gid=1346336018.1670617052&gjid=1126568342&_v=j79&z=746326875 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=862351201.1670617052&jid=1672908734&_v=j79&z=746326875 HTTP 302
  • https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=862351201.1670617052&jid=1672908734&_v=j79&z=746326875&slf_rd=1&random=3338519709
Request Chain 30
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=671504790&t=pageview&_s=1&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c%2Fg_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU&ul=en-us&de=UTF-8&dt=Important%20ED%20Info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABE~&jid=1957127847&gjid=1645302888&cid=862351201.1670617052&tid=UA-75114910-1&_gid=1346336018.1670617052&_r=1&gtm=2ouaa0&z=468222536 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75114910-1&cid=862351201.1670617052&jid=1957127847&_gid=1346336018.1670617052&gjid=1645302888&_v=j79&z=468222536 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=1957127847&_v=j79&z=468222536 HTTP 302
  • https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=1957127847&_v=j79&z=468222536&slf_rd=1&random=149101302

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6...
xanthomatous.tellrage.shop/Kimniwkjuj/hlhl805nwojrq/9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/Kimniwkjuj/hlhl805nwojrq/9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceedd9ceee16e35a4f825148ee3096735453dcfcacc76f53e759999c83b346f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
77706cbbc8a6c32c-EWR
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 09 Dec 2022 20:17:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyRmFgYv%2B3XvlGMMnIh5n3vDEjiN5ZkFGAlVaAlY02ahM1coul5XS%2BNU1ItRjxq16XVYkJvclI1JLGRgq55P1e4EqmPO8P0l2cNeUn8tsEcQax18y80yfst%2B8uH9Hz1rq%2Ftdv90gK9DPZ%2Fn5h7hb9KocQNzqd%2BLTxw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.11.0.min.js
xanthomatous.tellrage.shop/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/jquery-1.11.0.min.js
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/Kimniwkjuj/hlhl805nwojrq/9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/Kimniwkjuj/hlhl805nwojrq/9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1989
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 01 Dec 2022 18:56:20 GMT
Server
cloudflare
ETag
W/"6388f8d4-1787d"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezpS2guDhmlepJ4yFU7LeknovjeTv60p2wb0oDGem69QZs4RGel4zg7RrxI5NlUW4HZstTSynjDyGcCykIkD8Y6Iahc5vSrKPRL%2BLfI4LPBcu5JZkOLXQs4MvMZvqpLwTYlVJV9%2F3pNOzk3C0bxsxiGggnFdOJ8VEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
CF-RAY
77706cbc89f7c32c-EWR
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/Kimniwkjuj/hlhl805nwojrq/9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:17:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43593
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Dec 2022 20:17:31 GMT
offer.php
xanthomatous.tellrage.shop/ 		536 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/offer.php?id=319&sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/Kimniwkjuj/hlhl805nwojrq/9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81bec1a047fccfe4ed7e47fda5d2eca1e9002e558bb9eab68912fa5c601ef342

Request headers

Referer
http://xanthomatous.tellrage.shop/Kimniwkjuj/hlhl805nwojrq/9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
77706cbceaadc32c-EWR
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 09 Dec 2022 20:17:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JS2CRmbghdsA8nmmPP5WnzGtq21aP5Iysz2tOCR7sb%2BKmUvOcwWIe2YBtFZUPdxmM5hbxqzvcTf9ZIeg1RWNDBhEp96uPDfBWC9K3Fcf9DC9vP%2FgXNqP87edCXD2aQ1xc%2FuH%2BOgIJD9ixIt5b97C5IZzj7gccIa2A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request primal.php
xanthomatous.tellrage.shop/clicks/chapter2/ 		29 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7df012e383939f2ea4a28d56e9fe3e37601d25d752c8f6934230e1045e999af3

Request headers

Referer
http://xanthomatous.tellrage.shop/offer.php?id=319&sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
77706cbd9befc32c-EWR
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 09 Dec 2022 20:17:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeXYPUtDBMw4W9eIZhVI%2BFBKgkmeZ66Ee7dfdZL02s0SVNA5BgZMkKTXcy3x7Xb4MY0UZwSiC7I1FtBvOOURFtXOfkdJRcpCat8xp3OuGjno%2FAPW7cmOxLq9dMZGH%2F%2BfaCNLBetASOXxl6LC39ySpqAAHkvTswY7UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js.download
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		43 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/analytics.js.download
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:31 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"6388f8a6-adb6"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9F3WILCqqOl16hJe7GzGxF0d%2FiGS0g2BLYi%2BK2uD21YqDcUx64aShpU1vhfEnkr5iaNC%2FNij%2FSw8dO%2BuTvyNRKrtU3JuZrefMN7U%2BJZiAU7675jGK9N66Yp%2FV%2FY%2FifpUhpWHF6cpoprfyOeZUE4xDOttY%2BjVJb2Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
77706cbe0ce6c32c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
44470
webfont.js.download
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/webfont.js.download
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:32 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"6388f8a6-3384"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxwSKeSXdl4lnDnlPdeMc%2FU9sKJgU0A7QU34u5vUQwOuefmPbWUoYtNPfxl4clKKh8ZihM7HhDaLS1V5kPVetPLLGOCwZdnqljjg9mJfxByBB%2FlUiFOBL97Tvpg7tv%2Fcn7EmdUcqTzqkY4SKDe2QNj3lPDF%2FEducmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
77706cbeae09c32c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
13188
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4691d7e1d71a7a01245fd1ea0a1a0801891433bd92dc052d9e82df9fba54638b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:17:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43593
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Dec 2022 20:17:32 GMT
js
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		74 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/js
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d38d26a1add1e14de9b42f64502979610a87ced80cebe00b1ad2ea9884c7eef5

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:32 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"6388f8a6-128c2"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GI3AJKO4%2BiwaH%2BMvwZPOZYLFriRyLO0kb70MD6X3EuICeaXuv3kj7hFZyne6txWe42IXMXfhfl%2BG%2FW%2BosIBnfbcSEXh5wsVhJWjv%2FM%2Bp8L0enHJVZvNlLKj9WhuWJUzvOQX08AsRpuIcYLAAEGU6SaV4vqLpXmXTDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
77706cbfbffe8c53-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
75970
bootstrap.min.css
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/bootstrap.min.css
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1855
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
Server
cloudflare
ETag
W/"6388f8a6-1d970"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PZwnFA5RNnNRlAyFW9wWL%2BRz35f%2B%2BliXy0zuGDO1K7Efmb3o6m83kpEfF5Y6OOrsAIph0I6hjF%2FLv%2BA%2F80Rr0W0GD%2Bko5FMkfgVgYDzr2w0UwgOfHaZZA%2BKO9ickvnI59Wh5Jpg21A2KN4QeJZNvxjqRWTS8jr89A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
77706cbe28b2f04d-EWR
style.css
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		168 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/style.css
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97377d1ea68205ed06ce12794feaa448011a51e91fbeb83936c55fe2959a976

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1929
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
Server
cloudflare
ETag
W/"6388f8a6-2a064"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUF6SJXLSq%2Bz11b0ZUSH8%2Bm13Z4pY9Gi6sskkhL0qd7LyOEp6e%2FaDV0PP%2BZSxh05OB5G8HTK9s7ZWNCBfpH%2Fz5hBaUamksvGuyQcWOYk2QhSI8Of%2BKb15EH1c%2BrLlxmThPzmwmbK7Beb0EGbO107flua%2BuN2um4caA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
77706cbe2d5718ae-EWR
responsive.css
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/responsive.css
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4bf25e06a746d13bf1f5ee44f3a8822719f07d839eca1bb90234fa4341bff74

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1870
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
Server
cloudflare
ETag
W/"6388f8a6-b9f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NghBTf%2BsyWm7yMN5l9I1%2FWeJ%2B%2BfsMUx%2FKusAbBAqMXN2WnlLk4%2FKpSY7FG6LIt5wVSE3yl%2F7zrubY8Yy8Q9HcM9CM7oUOpUoftLNv3bn3oq12HrM1TxZPMpBzk2uHJGT7lnChBGLC35and7Dz0nHwU1TADk9cJBqwA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
77706cbe2d52e724-EWR
css
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		57 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/css
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40f49f193b6969588d09f964c039575e636cc70746c1ba63547bb3041a44bd0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:31 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"6388f8a6-e44c"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdiwLpoVS%2F8n%2F6JJUKmuuBMvFhKHGHx%2Ftt%2FsRQteYcp6hCi0Mh0xnyYaiiypT9f2OlpAhyUiYlEcBkxOxGTv7KGSiWZyZpLWSPVIdM5%2FZ0YzPKCo2yje5loeOYm9YESn83sEDoMYMnyMlkz1%2FJrd5NO1Ry1iW%2Bn8ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
77706cbe2c7f8c6f-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
58444
jquery.min.js.download
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		82 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/jquery.min.js.download
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:31 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"6388f8a6-14915"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMrcS1KSc5bVfNLBU1Fh%2F4EITh%2Bmm4UKLa2tsALSyv%2Bzg0CPqx4LYFnnELIWIskI7rsmMgrhwMOhEqUsM3kEB%2BF4gsRk%2FvfA65T24iDlLy91c9mWUL1e5cm8%2F8UQD0mgfxFtoBSBqTa24aQttqSotAbzQcNImpYj0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
77706cbe6d648c53-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
84245
bnc.js.download
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/bnc.js.download
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36fa02cea6f73c16145b3330a8a4f6ce32be769e689005c85025dc6b7bf232cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:31 GMT
CF-Cache-Status
DYNAMIC
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
"6388f8a6-659"
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27jXputk%2FI21r%2Ft8b%2Bbt7T0TSYPKOjR0HBU8T%2BXrqM0OrW58R%2BpPiXReYRtclopk38KtFwzW8ZwDIPFyjcpFB5a%2F4PR6nQOkeMEgAVC1KueqPntc%2FXP6469JFUfcUPemvJpcBBjt%2BEPuTonc7vAKkFUKeUp2x%2Fosxw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
77706cbe8dff18ae-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
1625
bnc.css
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/bnc.css
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
490aac98c97955519a2ecb5ffc201468caec044aaaf5361afeeb985fdce10fe1

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:31 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1930
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
Server
cloudflare
ETag
W/"6388f8a6-ca7"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S9%2BYO9ezG2ttyQxzh6rjd3TjcGph3Q%2FwmoOtel658VfdwVDxrJzFPBu4SpytWbyI321jE1cxTcfsr97xL1%2B2LXrr3vAJMh8tHRCAK7Udws4pqZ4Pi63wLvxPC8ri09xK5UNjfCHy1dUqAwiGPNzJBNWlUmw1qV6x0g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
Cache-Control
max-age=14400
CF-RAY
77706cbe2cf08c53-EWR
logo-2.png
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/logo-2.png
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bdace082b4f2976d7b6d45382c56f295f821588be20b1af3b7511db3c1c1dd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:32 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1891
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
14563
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
Server
cloudflare
ETag
"6388f8a6-38e3"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uK7XUMWzVjXGmqwnDhGt89NIxZUrhAsqG1x0r0MiTsSCWkrY%2FnHm64%2F8G%2FycXOZhi5jJNQc4eTuE%2B%2BPkZKLjbWbQv1%2FILcxEnLVutGa9N7loRZrW%2F%2FCzCxgpZTKmOfMCQw7d6%2BKom9sJO6w59SVF5JX9RAuIxrtGA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
77706cbfb865c32c-EWR
doc3.jpg
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/doc3.jpg
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d2eec89d6a479277bdddfc9c614941b76ea7f814d83542a5c22ec1949c89f28

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:32 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1902
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
4436
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
Server
cloudflare
ETag
"6388f8a6-1154"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7Ck0aBpDTJMPbGCkSJ9wagkO8PO34ud150T5%2FFCLqK4e3xkiarAEBoDyXfxoNZPzO3j94bauA5UeHCP0irnqfgvGAxGhBmKtGgbagcFRtWjZOILACOjy8t3l7bBj6PfP%2B1KKIuJX1EprftcybJB5%2BMuAr%2FkxHAYfA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
77706cbfba19f04d-EWR
yt_ed.jpg
xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/yt_ed.jpg
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2606:4700:e4::ac40:ad21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af29b2661684f1c23366e965e40ab7fb888f5e348d6ddd1ba3bb84b0bc769dae

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:32 GMT
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1920
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
52587
Last-Modified
Thu, 01 Dec 2022 18:55:34 GMT
Server
cloudflare
ETag
"6388f8a6-cd6b"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6HO%2BnO6QYYQH9tKIuJRQB0Gvlk1Lj20q7V01fMTCl2%2BsX5HoQiVVzNkyb2WIKMDSoZDZ6IqhuLw6CP24MZ8Ul2qX%2BC4Pt13S2GQ%2BgKOxIwqCBqRTWicIT%2BiyN%2B101s78zCTe9ZumW1JZX7WgtHbDBlCtfJOM6bFaA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/jpeg
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
77706cbfb8618c6f-EWR
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
HTTP/1.1
Server
2607:f8b0:4006:80d::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 08:45:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
214334
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
5437
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 07 Dec 2023 08:45:18 GMT
css
fonts.googleapis.com/ 		54 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/ed11719_files/webfont.js.download
Protocol
HTTP/1.1
Server
2607:f8b0:4006:807::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
775abdadf552ed8dee2467e7666796028773a149d6613745f1aba27a3c10c87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Fri, 09 Dec 2022 20:17:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 09 Dec 2022 20:17:32 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 09 Dec 2022 20:17:32 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 09 Dec 2022 18:34:58 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6154
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 09 Dec 2022 20:34:58 GMT
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=671504790&t=pageview&_s=1&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyCW...
  • https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=671504790&t=pageview&_s=1&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyC...
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=671504790&t=pageview&_s=1&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c%2Fg_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU&ul=en-us&de=UTF-8&dt=Important%20ED%20Info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABE~&jid=2081576193&gjid=1210879800&cid=862351201.1670617052&tid=UA-75114910-1&_gid=1346336018.1670617052&z=1831478641
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
H2
Server
2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 17:28:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
10171
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=671504790&t=pageview&_s=1&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c%2Fg_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU&ul=en-us&de=UTF-8&dt=Important%20ED%20Info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEABE~&jid=2081576193&gjid=1210879800&cid=862351201.1670617052&tid=UA-75114910-1&_gid=1346336018.1670617052&z=1831478641
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ga-audiences
www.google.ca/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-75114910-1&cid=862351201.1670617052&jid=2081576193&gjid=1210879800&_gid=1346336018.1670617052&_u=aGBAgEABE~&z=1978180739
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=2081576193&_v=j79&z=1978180739
  • https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=2081576193&_v=j79&z=1978180739&slf_rd=1&random=2793329536
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=2081576193&_v=j79&z=1978180739&slf_rd=1&random=2793329536
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
H2
Server
2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 20:17:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Dec 2022 20:17:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=2081576193&_v=j79&z=1978180739&slf_rd=1&random=2793329536
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin
Protocol
HTTP/1.1
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://xanthomatous.tellrage.shop
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Sat, 03 Dec 2022 11:32:57 GMT
X-Content-Type-Options
nosniff
Age
549875
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
30928
X-XSS-Protection
0
Last-Modified
Mon, 11 Jul 2022 18:57:39 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sun, 03 Dec 2023 11:32:57 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin
Protocol
HTTP/1.1
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://xanthomatous.tellrage.shop
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 00:35:27 GMT
X-Content-Type-Options
nosniff
Age
330125
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
44856
X-XSS-Protection
0
Last-Modified
Mon, 15 Aug 2022 18:20:18 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 06 Dec 2023 00:35:27 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-75114910-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22484186-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34b5ef7d67a35692969c58a41a549c5acaa1665e5bcd6d4109fac530ad8036d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 20:17:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43604
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 09 Dec 2022 20:17:32 GMT
ga-audiences
www.google.ca/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=671504790&t=pageview&_s=1&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyCWOqL...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-22484186-3&cid=862351201.1670617052&jid=1672908734&_gid=1346336018.1670617052&gjid=1126568342&_v=j79&z=746326875
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=862351201.1670617052&jid=1672908734&_v=j79&z=746326875
  • https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=862351201.1670617052&jid=1672908734&_v=j79&z=746326875&slf_rd=1&random=3338519709
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=862351201.1670617052&jid=1672908734&_v=j79&z=746326875&slf_rd=1&random=3338519709
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
H2
Server
2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 20:17:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Dec 2022 20:17:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-22484186-3&cid=862351201.1670617052&jid=1672908734&_v=j79&z=746326875&slf_rd=1&random=3338519709
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin
Protocol
HTTP/1.1
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://xanthomatous.tellrage.shop
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Wed, 07 Dec 2022 11:23:47 GMT
X-Content-Type-Options
nosniff
Age
204825
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
47952
X-XSS-Protection
0
Last-Modified
Mon, 15 Aug 2022 18:22:41 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 07 Dec 2023 11:23:47 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300,300italic,regular,italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=latin,latin
Protocol
HTTP/1.1
Server
2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://xanthomatous.tellrage.shop
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date
Tue, 06 Dec 2022 19:53:39 GMT
X-Content-Type-Options
nosniff
Age
260633
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
31760
X-XSS-Protection
0
Last-Modified
Mon, 11 Jul 2022 18:54:16 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="apps-themes"
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Wed, 06 Dec 2023 19:53:39 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=671504790&t=pageview&_s=2&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c%2Fg_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU&ul=en-us&de=UTF-8&dt=Important%20ED%20Info&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUABE~&jid=&gjid=&cid=862351201.1670617052&tid=UA-22484186-3&_gid=1346336018.1670617052&gtm=2ouaa0&z=2073320708
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 04:25:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57108
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=671504790&t=pageview&_s=1&dl=http%3A%2F%2Fxanthomatous.tellrage.shop%2Fclicks%2Fchapter2%2Fprimal.php%3Fsid%3D1000375%26h%3D9uEfo5sgeEbyCWOqL...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75114910-1&cid=862351201.1670617052&jid=1957127847&_gid=1346336018.1670617052&gjid=1645302888&_v=j79&z=468222536
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=1957127847&_v=j79&z=468222536
  • https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=1957127847&_v=j79&z=468222536&slf_rd=1&random=149101302
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=1957127847&_v=j79&z=468222536&slf_rd=1&random=149101302
Requested by
Host: xanthomatous.tellrage.shop
URL: http://xanthomatous.tellrage.shop/clicks/chapter2/primal.php?sid=1000375&h=9uEfo5sgeEbyCWOqLJP02wnrW6SBgfZf8iQe2ybKB1c/g_D2K3Bdt8NYE4ACiBwiSZT08Kpd73GuL5mJ1Xy0lrbum7Xb0kcVfx0Yy14cS8oWkB5C8YCz37B_FXBGeJoBIDpti1PF5vkBUyvUzEPUEMumqCL55cyPD-Yk2G3LPFq_ztz7FVQR1YVoC67kH9oCv7jWTfpzcij0X6f45kMDRGNdSyH4zOxdVdLpWn3lctuTbDc_6MoGFo2PxuQ5VdBdAV-dRKdSLB7mGf0WlYt_8uU
Protocol
H2
Server
2607:f8b0:4006:80c::2003 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://xanthomatous.tellrage.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Dec 2022 20:17:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 09 Dec 2022 20:17:32 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.ca/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75114910-1&cid=862351201.1670617052&jid=1957127847&_v=j79&z=468222536&slf_rd=1&random=149101302
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| WebFontConfig function| gtag object| dataLayer function| ValidateEmail object| google_tag_data function| ga object| gaplugins object| WebFont function| $ function| jQuery function| ouibounce string| timer boolean| isBlurred string| GoogleAnalyticsObject object| gaGlobal object| gaData object| dayNames object| monthNames object| now object| google_tag_manager

5 Cookies

Domain/Path Name / Value
.tellrage.shop/ Name: _ga
Value: GA1.2.862351201.1670617052
.tellrage.shop/ Name: _gid
Value: GA1.2.1346336018.1670617052
.tellrage.shop/ Name: _gat
Value: 1
.tellrage.shop/ Name: _gat_gtag_UA_22484186_3
Value: 1
.tellrage.shop/ Name: _gat_gtag_UA_75114910_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
xanthomatous.tellrage.shop
2606:4700:e4::ac40:ad21
2607:f8b0:4004:c08::9d
2607:f8b0:4006:807::200a
2607:f8b0:4006:809::2003
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::200a
2607:f8b0:4006:816::2004
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81e::200e
2bdace082b4f2976d7b6d45382c56f295f821588be20b1af3b7511db3c1c1dd2
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
34b5ef7d67a35692969c58a41a549c5acaa1665e5bcd6d4109fac530ad8036d0
36fa02cea6f73c16145b3330a8a4f6ce32be769e689005c85025dc6b7bf232cc
40f49f193b6969588d09f964c039575e636cc70746c1ba63547bb3041a44bd0d
4691d7e1d71a7a01245fd1ea0a1a0801891433bd92dc052d9e82df9fba54638b
490aac98c97955519a2ecb5ffc201468caec044aaaf5361afeeb985fdce10fe1
775abdadf552ed8dee2467e7666796028773a149d6613745f1aba27a3c10c87e
7df012e383939f2ea4a28d56e9fe3e37601d25d752c8f6934230e1045e999af3
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81bec1a047fccfe4ed7e47fda5d2eca1e9002e558bb9eab68912fa5c601ef342
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8d2eec89d6a479277bdddfc9c614941b76ea7f814d83542a5c22ec1949c89f28
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af29b2661684f1c23366e965e40ab7fb888f5e348d6ddd1ba3bb84b0bc769dae
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ceedd9ceee16e35a4f825148ee3096735453dcfcacc76f53e759999c83b346f5
d38d26a1add1e14de9b42f64502979610a87ced80cebe00b1ad2ea9884c7eef5
d97377d1ea68205ed06ce12794feaa448011a51e91fbeb83936c55fe2959a976
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4bf25e06a746d13bf1f5ee44f3a8822719f07d839eca1bb90234fa4341bff74
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c