declanbetterthenkayden.us.to Open in urlscan Pro
104.243.38.18 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://declanbetterthenkayden.us.to/
Submission: On June 11 via api (June 11th 2024, 7:38:32 pm UTC) from US — Scanned from US

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 16 domains to perform 58 HTTP transactions. The main IP is 104.243.38.18, located in Piscataway, United States and belongs to RELIABLESITE, US. The main domain is declanbetterthenkayden.us.to.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on May 24th 2024. Valid for: 3 months.

This is the only time declanbetterthenkayden.us.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	104.243.38.18 104.243.38.18	23470 (RELIABLESITE) (RELIABLESITE)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:400d:c00::5f	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::61	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::ac43:d0d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.203.55.216 52.203.55.216	14618 (AMAZON-AES) (AMAZON-AES)
8	2607:f8b0:400... 2607:f8b0:400d:c04::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c04::71	15169 (GOOGLE) (GOOGLE)
6	192.243.59.12 192.243.59.12	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700:20:... 2606:4700:20::681a:613	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3031::6815:46fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
58	15

15 104.243.38.18 (Piscataway, United States)

ASN23470 (RELIABLESITE, US)

declanbetterthenkayden.us.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:400d:c00::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl23231560.highcpmgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:d0d9 (United States)

ASN13335 (CLOUDFLARENET, US)

recordedthereby.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.55.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-55-216.compute-1.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:400d:c04::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::71 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

rutatmosphericdetriment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resignedcamelplumbing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

unseenreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:613 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.yourwebbars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3031::6815:46fd (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.creative-bars1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	us.to declanbetterthenkayden.us.to	204 KB
8	gstatic.com fonts.gstatic.com	403 KB
7	creative-bars1.com cdn.creative-bars1.com — Cisco Umbrella Rank: 20775	67 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	4 KB
5	rutatmosphericdetriment.com rutatmosphericdetriment.com	40 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 260	138 KB
2	recordedthereby.com recordedthereby.com — Cisco Umbrella Rank: 14363	55 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1009 cloudflareinsights.com — Cisco Umbrella Rank: 970 Failed	7 KB
1	resignedcamelplumbing.com resignedcamelplumbing.com	469 B
1	yourwebbars.com cdn.yourwebbars.com — Cisco Umbrella Rank: 44182	1 KB
1	unseenreport.com unseenreport.com — Cisco Umbrella Rank: 15735	488 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65
1	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 12717	310 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	103 KB
1	highcpmgate.com pl23231560.highcpmgate.com	16 KB
0	arc.io Failed arc.io Failed
58	16

	Domain	Requested by
15	declanbetterthenkayden.us.to	declanbetterthenkayden.us.to
8	fonts.gstatic.com	fonts.googleapis.com
7	cdn.creative-bars1.com	pl23231560.highcpmgate.com
6	fonts.googleapis.com	declanbetterthenkayden.us.to pl23231560.highcpmgate.com
5	rutatmosphericdetriment.com	pl23231560.highcpmgate.com
4	cdnjs.cloudflare.com	declanbetterthenkayden.us.to cdnjs.cloudflare.com
2	recordedthereby.com	pl23231560.highcpmgate.com rutatmosphericdetriment.com
1	resignedcamelplumbing.com
1	cdn.yourwebbars.com	pl23231560.highcpmgate.com
1	unseenreport.com
1	cloudflareinsights.com	static.cloudflareinsights.com
1	www.google-analytics.com	www.googletagmanager.com
1	proftrafficcounter.com	pl23231560.highcpmgate.com
1	www.googletagmanager.com	declanbetterthenkayden.us.to
1	pl23231560.highcpmgate.com	declanbetterthenkayden.us.to
1	static.cloudflareinsights.com	declanbetterthenkayden.us.to
0	arc.io Failed	declanbetterthenkayden.us.to
58	17

This site contains no links.

Subject Issuer	Validity	Valid
declanbetterthenkayden.us.to ZeroSSL ECC Domain Secure Site CA	`2024-05-24` - `2024-08-22`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
highcpmgate.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
recordedthereby.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
rutatmosphericdetriment.com R3	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.unseenreport.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-23` - `2024-07-22`	a year	crt.sh
creative-bars1.com GTS CA 1P5	`2024-04-15` - `2024-07-14`	3 months	crt.sh
resignedcamelplumbing.com R3	`2024-06-03` - `2024-09-01`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://declanbetterthenkayden.us.to/
Frame ID: 4FA90745CD1CF5D77327B880BC1C4329
Requests: 37 HTTP requests in this frame

Frame: https://declanbetterthenkayden.us.to/home.html
Frame ID: 636507EE3FEA4A0C462D97AD2EBA1C2F
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700;800&display=swap
Frame ID: 6FAF7868EC144DAA42CF5B734840B90D
Requests: 8 HTTP requests in this frame

Frame: https://rutatmosphericdetriment.com/5e/05/f0/5e05f0069e14bdb1ee01505e74a8e579.js
Frame ID: 5845523DD8EB4F534D7260F29990D65F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(1) New Message!

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

58
Requests

97 %
HTTPS

64 %
IPv6

16
Domains

17
Subdomains

15
IPs

1
Countries

1040 kB
Transfer

2490 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
declanbetterthenkayden.us.to/ 8 KB
3 KB 199ms
37ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: c5a7a8955262c3c2163db961b18af97c9eeac48586a52c50d8d1f80ab04f84fb

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0
content-encoding: gzip
content-length: 2851
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 19:38:26 GMT
etag: W/"21c1-18f4571b16c"
last-modified: Sat, 04 May 2024 21:10:29 GMT
server: Caddy
vary: Accept-Encoding
x-powered-by: Express

GET widget.min.js
arc.io/ 0
0

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ 82 KB
15 KB 158ms
65ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Requested by

Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 428220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14850
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "619c057b-3a02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHHpM7sfTpzmpnEDMrmoflgTlZKnhAVFUAe3vpyBUN3kImjTwNjmIkfMu1yWuu3hM5elHBAEF00bQq9HqiRxucVc8Fkw1W%2B9IFbZNa3J45E%2B8iuTKXDDPt6n1cdDIHbKgFsjrzrLWGhDpaJ4TJa99T%2Fj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89240fbebbf741d9-EWR
expires: Sun, 01 Jun 2025 19:38:27 GMT

GET
H2 200 index.css
declanbetterthenkayden.us.to/CSS/ 7 KB
2 KB 64ms
60ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/CSS/index.css
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 3b4c2dd9257f70efceebd0888ca63832fbddb6e9a4582acf07843960ae4d10f7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:26 GMT
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 22:28:37 GMT
server: Caddy
etag: W/"1d82-18ee906c02b"
x-powered-by: Express
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
alt-svc: h3=":443"; ma=2592000
content-length: 1778

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
1 KB 192ms
55ms Stylesheet
text/css 2607:f8b0:400d:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 18:52:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 19:38:27 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 19 KB
7 KB 260ms
94ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89240fc0bf160f59-EWR

GET
H2 200 themes.js Show response
declanbetterthenkayden.us.to/settings/js/ 3 KB
849 B 63ms
61ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/settings/js/themes.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: b0bad635d8f11c85a8934bd69da460fc9d81526d477596a554b12c41d76f0763

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:26 GMT
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 22:20:48 GMT
server: Caddy
etag: W/"bcb-18ee8ff966b"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
alt-svc: h3=":443"; ma=2592000
content-length: 748

GET
H3 200 uv.bundle.js Show response
declanbetterthenkayden.us.to/uv/ 658 KB
187 KB 35ms
35ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/uv/uv.bundle.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: b226b199ad4e04570aab93f2e964afda3936c47fec41a77aec254ce26ec1154a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: gzip
last-modified: Wed, 24 Apr 2024 11:07:26 GMT
server: Caddy
x-powered-by: Express
etag: W/"a472e-18f0fc9fadc"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

GET
H3 200 uv.config.js Show response
declanbetterthenkayden.us.to/uv/ 298 B
449 B 36ms
35ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/uv/uv.config.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: bf83978647efcd2a3dbf8d0fa9257c5b18e3b6b4f45d233d119976a269132707

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
last-modified: Tue, 16 Apr 2024 22:20:48 GMT
server: Caddy
x-powered-by: Express
etag: W/"12a-18ee8ff9673"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 298

GET
H3 200 register-sw.js Show response
declanbetterthenkayden.us.to/ 699 B
547 B 36ms
34ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/register-sw.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: b5fdef9f51bdb9b56e7f4e7749d77bcb6597a0301ead564c6ba9b4a016ac1a1e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 22:20:48 GMT
server: Caddy
etag: W/"2bb-18ee8ff966b"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
content-length: 373

GET
H2 200 index.js Show response
declanbetterthenkayden.us.to/settings/js/ 341 B
390 B 72ms
70ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/settings/js/index.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 19d6b3810c0f606b9d7d847180b245d897fcb667d3b9bfc775fa78ff9666f44e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:26 GMT
last-modified: Tue, 16 Apr 2024 22:20:48 GMT
server: Caddy
etag: W/"155-18ee8ff966b"
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 341

GET
H2 200 nowgg.js Show response
declanbetterthenkayden.us.to/ 274 B
351 B 71ms
69ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/nowgg.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 11e19bd49b54a09934336612f203c8f6c9bc23ac7da7778c422671fe8ef9ac84

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:26 GMT
last-modified: Sat, 04 May 2024 21:13:11 GMT
server: Caddy
etag: W/"112-18f45742658"
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 274

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
685 B 234ms
98ms Stylesheet
text/css 2607:f8b0:400d:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Comfortaa&display=swap

Requested by

Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd8eb7cbd3a66f09b1e1c11e75987a9eba498c1ead3fd95f5c59d16bd526d21b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 19:12:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 19:38:27 GMT

GET
H3 200 search.js Show response
declanbetterthenkayden.us.to/ 845 B
593 B 36ms
35ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/search.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: be2a8bf5db842bb931e40fd680631bf9efc757caaa07982ee782ce3730188c2c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: gzip
last-modified: Sat, 04 May 2024 21:10:29 GMT
server: Caddy
x-powered-by: Express
etag: W/"34d-18f4571b16c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
content-length: 419

GET
H2 200 css2
fonts.googleapis.com/ 696 B
538 B 232ms
97ms Stylesheet
text/css 2607:f8b0:400d:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,500,1,0

Requested by

Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2113beb0ff5e7b65f4cd0c030f0b77220300dc4910cb0b4d0d1f8da550428cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 19:38:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 19:38:27 GMT

GET
H3 200 options.js Show response
declanbetterthenkayden.us.to/ 2 KB
867 B 37ms
35ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/options.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 562d4d5cb800629b867db8e70e5abf29e425c6649602e7508ed8eb8eab04f3c5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: gzip
last-modified: Wed, 24 Apr 2024 11:07:18 GMT
server: Caddy
x-powered-by: Express
etag: W/"615-18f0fc9dc39"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
content-length: 690

GET
H/1.1 200
OK 4328e5906625dfebca3d9c34182fd950.js Show response
pl23231560.highcpmgate.com/43/28/e5/ 44 KB
16 KB 475ms
40ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js

Requested by

Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

4ec6db0491dc8ca10262e627fd8a4cd20562e5ad1f687a4ccea9042c9133d5c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 11 Jun 2024 19:38:27 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: d6cf6321d27bfedb89ebe27edeb8367a
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
103 KB 230ms
64ms Script
application/javascript 2607:f8b0:400d:c0e::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6

Requested by

Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88e0638be745d0749ce0b8424c8875bd3d8dad87de7c6bb6116aa5d845857dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104743
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 11 Jun 2024 19:38:27 GMT

GET
H2 200 tab.js Show response
declanbetterthenkayden.us.to/ 15 KB
4 KB 69ms
69ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/tab.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: c5e71da3dbc647b725d8b39fa5bc993ccd311b4102c40ead2f3a764de4ed74c4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:26 GMT
content-encoding: gzip
last-modified: Wed, 01 May 2024 17:29:18 GMT
server: Caddy
etag: W/"3d10-18f35341a7b"
x-powered-by: Express
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
alt-svc: h3=":443"; ma=2592000
content-length: 3716

GET
H3 200 sfp.js Show response
recordedthereby.com/ 83 KB
28 KB 241ms
99ms Script
application/javascript 2606:4700:3033::ac43:d0d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedthereby.com/sfp.js

Requested by

Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d0d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
strict-transport-security: max-age=0; includeSubdomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
x-request-id: 3d63b25a9659b6d29edc442428cf3192
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fD5qFAdgY1OzkPIQ9q2XLrbiP6jXmLPwVD7U3XUHFtXy7QYa6Z03cNwDgsBifyx7jVueD0CjEv10i63abY3sf8FmSRUjQjrEOz6wLvjUQPi%2BtFZPVp12QR4VfqC%2FgnFWMFZ%2BEGaC7I8aPZIyzl9WJadd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, max-age=0, private, no-cache
cf-ray: 89240fc2291743d4-EWR
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
310 B 199ms
86ms XHR
text/html 52.203.55.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.55.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-55-216.compute-1.amazonaws.com
Software: fasthttp /
Resource Hash: 126a1a38652e29dc71c732ab4b87dc826502d803127a2dcd049f4b78f5786228

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://declanbetterthenkayden.us.to
date: Tue, 11 Jun 2024 19:38:27 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 217ms
59ms Font
font/woff2 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://declanbetterthenkayden.us.to
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:12:38 GMT
x-content-type-options: nosniff
age: 411949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:12:38 GMT

GET
H2 200 kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzazHD_dY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCdHOej.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v192/ 354 KB
355 KB 234ms
77ms Font
font/woff2 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialsymbolsoutlined/v192/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzazHD_dY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCdHOej.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,500,1,0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c6b7edb14bdb9c2ad3bf9aee3c106e7ffe52dedd0e73dcbec3c32071a8a2b32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://declanbetterthenkayden.us.to
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 10:05:48 GMT
x-content-type-options: nosniff
age: 379959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362764
x-xss-protection: 0
last-modified: Tue, 04 Jun 2024 15:41:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 10:05:48 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ 122 KB
123 KB 189ms
74ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Origin: https://declanbetterthenkayden.us.to
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1724404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 125064
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "619c057b-1e888"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NR7q%2FRyV4tQCR8L1NvOeBNjvvt8sWOerH4%2Fg%2FcrchYUkCTOipPWmkPQnF4EFk%2FkS%2BV5bFJHDeL649WPvI7SFE%2F6O%2BJJu6v21SRp%2FxqKjTVTYAxyTJ0Qe6xp5r6FzDcfeLXNs9VwpWIEuSw1kxzCuNo4j"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89240fc22a095e7c-EWR
expires: Sun, 01 Jun 2025 19:38:27 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 209ms
61ms Font
font/woff2 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://declanbetterthenkayden.us.to
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:15:34 GMT
x-content-type-options: nosniff
age: 411773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:15:34 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 317ms
88ms Fetch
text/plain 2607:f8b0:400d:c04::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NCTSG4T1B6&gtm=45je46a0v9138172222za200&_p=1718134707386&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=806170800.1718134708&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718134707&sct=1&seg=0&dl=https%3A%2F%2Fdeclanbetterthenkayden.us.to%2F&dt=Shadow%20Browser&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1084&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCTSG4T1B6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::71 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 11 Jun 2024 19:38:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://declanbetterthenkayden.us.to
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sbar.json Show response
rutatmosphericdetriment.com/ 12 KB
8 KB 530ms
326ms XHR
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rutatmosphericdetriment.com/sbar.json?key=4328e5906625dfebca3d9c34182fd950&uuid=4324f842-3058-49a8-a893-e5611dd2c890%3A3%3A1

Requested by

Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

cd2fcd28a1e89618f5cd7b07698c8ddf492ad780991c993a8e90767ef665c640

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 19:38:28 GMT
Custom-Referer: https://declanbetterthenkayden.us.to
Content-Encoding: gzip
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
X-Request-ID: fdf088b80a361f6a708c3e629c984a0f
Pragma: no-cache
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://declanbetterthenkayden.us.to
Cache-Control: no-cache, max-age=0, private, no-cache
Access-Control-Allow-Credentials: true
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 home.html Show response
declanbetterthenkayden.us.to/ Frame 6365 2 KB
1 KB 44ms
43ms Document
text/html 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/home.html
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/tab.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: cd282db522c4f4e29ba04765635f6bb563d6f47af704e6b40e544ff5a617e60a

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://declanbetterthenkayden.us.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: public, max-age=0
content-encoding: gzip
content-length: 855
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 19:38:28 GMT
etag: W/"7b6-18ee8ff9667"
last-modified: Tue, 16 Apr 2024 22:20:48 GMT
server: Caddy
vary: Accept-Encoding
x-powered-by: Express

POST rum
cloudflareinsights.com/cdn-cgi/ 0
0

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 185ms
80ms Preflight
text/plain 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://declanbetterthenkayden.us.to
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://declanbetterthenkayden.us.to
access-control-max-age: 86400
cf-ray: 89240fc6ec84c436-EWR
content-encoding: gzip
content-type: text/plain
date: Tue, 11 Jun 2024 19:38:28 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ Frame 6365 82 KB
0 1ms
1ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Requested by

Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/home.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 428220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14850
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "619c057b-3a02"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mHHpM7sfTpzmpnEDMrmoflgTlZKnhAVFUAe3vpyBUN3kImjTwNjmIkfMu1yWuu3hM5elHBAEF00bQq9HqiRxucVc8Fkw1W%2B9IFbZNa3J45E%2B8iuTKXDDPt6n1cdDIHbKgFsjrzrLWGhDpaJ4TJa99T%2Fj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89240fbebbf741d9-EWR
expires: Sun, 01 Jun 2025 19:38:27 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6365 9 KB
955 B 68ms
66ms Stylesheet
text/css 2607:f8b0:400d:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Comfortaa:wght@400;700&display=swap

Requested by

Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/home.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b156ee313d0c32611786408bf962f9d865e05f19fc1ba22fe691050a7d1668c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 19:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 19:38:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 19:38:28 GMT

GET
H3 200 home.css
declanbetterthenkayden.us.to/CSS/ Frame 6365 2 KB
870 B 32ms
31ms Stylesheet
text/css 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/CSS/home.css
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/home.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 532204bc9378e635bcff32befbb48fc6ff39bde0503ee8c12d54dd94f51dd770

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/home.html
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:28 GMT
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 22:20:48 GMT
server: Caddy
x-powered-by: Express
etag: W/"7d2-18ee8ff9663"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
content-length: 703

GET
H2 200 themes.js Show response
declanbetterthenkayden.us.to/settings/js/ Frame 6365 3 KB
114 B 31ms
30ms Script
application/javascript 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/settings/js/themes.js
Requested by: Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/home.html
Protocol: H2
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: b0bad635d8f11c85a8934bd69da460fc9d81526d477596a554b12c41d76f0763

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/home.html
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:28 GMT
content-encoding: gzip
last-modified: Tue, 16 Apr 2024 22:20:48 GMT
server: Caddy
x-powered-by: Express
etag: W/"bcb-18ee8ff966b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 748

GET
H/1.1 200
OK pxf.gif
unseenreport.com/ 1 B
488 B 193ms
76ms Image
image/gif 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://unseenreport.com/pxf.gif?uuid=4324f842-3058-49a8-a893-e5611dd2c890&eb=83e462e23192fc7c3153bac4ecae45d6&te=dd517a29b88192638b87aee5fed0ffe8&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=4328e5906625dfebca3d9c34182fd950&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=9

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 11 Jun 2024 19:38:28 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 1
X-Request-ID: fd38f93f2cecd4d0481616af59bf76a4
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6365 2 KB
498 B 72ms
72ms Stylesheet
text/css 2607:f8b0:400d:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap

Requested by

Host: declanbetterthenkayden.us.to
URL: https://declanbetterthenkayden.us.to/CSS/home.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bec178028692f94f6e52c4310e6fb58da4b5dca8e168c3dd6770e7d61f065e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 19:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 18:55:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 19:38:28 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 6365 8 KB
0 1ms
0ms Font
font/woff2 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://declanbetterthenkayden.us.to
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:15:34 GMT
x-content-type-options: nosniff
age: 411773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:15:34 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ Frame 6365 8 KB
0 1ms
1ms Font
font/woff2 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://declanbetterthenkayden.us.to
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:12:38 GMT
x-content-type-options: nosniff
age: 411949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:12:38 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ Frame 6365 122 KB
0 1ms
1ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/all.min.css
Origin: https://declanbetterthenkayden.us.to
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1724404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 125064
last-modified: Mon, 22 Nov 2021 21:02:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "619c057b-1e888"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NR7q%2FRyV4tQCR8L1NvOeBNjvvt8sWOerH4%2Fg%2FcrchYUkCTOipPWmkPQnF4EFk%2FkS%2BV5bFJHDeL649WPvI7SFE%2F6O%2BJJu6v21SRp%2FxqKjTVTYAxyTJ0Qe6xp5r6FzDcfeLXNs9VwpWIEuSw1kxzCuNo4j"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89240fc22a095e7c-EWR
expires: Sun, 01 Jun 2025 19:38:27 GMT

GET
H2 200 index.html Show response
cdn.yourwebbars.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/ 3 KB
1 KB 318ms
203ms XHR
text/html 2606:4700:20::681a:613
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.yourwebbars.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/index.html
Requested by: Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:613 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8253bc972c529df7bb152a69b9d3fcebda16cadffe75922249f550ad77bdfd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 19 Jan 2024 14:19:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uOrX8LchRCPVlXxL00Sk0kLUhCA1f7haa4dEDVN3ASvng2GTuEcNHk0roIcbmsIQY0nQ1Rz83VkIYJOOe9ypYuIkY%2Be0Rd6vKo7%2Bdn%2F7J2jUS6%2BXZUBInurYwTHF5cQdME6XHgxI8VEB7CSfBCzcpzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 89240fc869cc41e3-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ren.gif
rutatmosphericdetriment.com/ 7 B
733 B 65ms
65ms Image
image/gif 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rutatmosphericdetriment.com/ren.gif?sid=H4sIAAAAAAAC%2F1xSz4scRRSungQ8iBE9CVHog2AC2UlP%2F5jtMYf8NLrkh0s2yeJFrO6qni2nu6qpqp7eLB6CQclxUBFv9n6TZKNGUYgHBVFmvS0Ijqc9uP4HIngSPMjsLiz46vC9eu97UN9X7%2F31aof4qOi2uqLWRJ7Tk1Hbc48tC8lUbdyr192O1%2FZOuctCdsNT7mo3PO6eLcucL%2FPkkrAno2C%2BHXTdY5deu37l8gk3FwPuvsrTgTrunl%2FRquAnO37U9mbHXaIZ1WJ%2FBKL8yvfith%2F57dhr%2B50Qq%2Fr%2FFVM5MNQBG%2B6QZyHY9MjHG59CpBPI4usL3AysKk%2B8UlQ5tUpjyDZuyIFUtURxkGbaQSY39tlQZkrIJy0oubEvEmp4byYSiZiS1hO3kMgHe29HMhx3%2FAhJDi6RsCdRDyfg%2BQSCTpCqOxDsV%2FIHUoYbS5DFlzeksJy5S5ZabvZIdEaakhaPIOo9lMV3N7kWa0q6C9JyLbl1l7geipQbrGYNxOoEoj9BWW3Crv0LUW8ite9CsF%2FI1bPvQRYPr%2FLafUPpAQTbfjEM%2FDCLQ38u8KJ4LuzReI7GvWCOR91OhzE%2FjXvermtCTCCyCXI%2BAjWHUBkHlXBQZQ6q0kHBtl2WzgdxwL0k63qU0jCLPS%2BgXhz63XA%2B4vOo0pmkEWw5QpqPkOrbKPVtDMQIuvoJZqWBYQ6MJRiyBjUnqA1BTQlqQVBbgnrY3Ge58U3zgOWmSjr76O9j0IyV7a%2FT%2B8r2uSSgegTNmvVyhzwz89N56%2B9vMeDbbhj4MY96XrfrRyzjSUoD1kuDsBP7GetFHoxoIEwL1DhYE1Py8ql%2FUIopef4pHwndhMk3kYpDoNULoHUDutJgTT7qK7NCmarbklsw1aC0h2FvOev5Djm6%2B6OL5Ch4unXm%2BJGbh5%2F7sEKqG5S6wdviZ4J%2Bfnd8TdXk3jVVG%2FLN66UVhVijVii5uxyHP7%2FEb9VKs4ULZvTZ2XTWmKWPrnNjL1PJhOwb8sU5wRjXF5VOOflhwSzzZLEyK%2BcqLavy8uL5iwtFqbkxQskJqJgSx%2FSQiil5%2Bvf13W0%2B8fAjCD2BrhoU1RbZDwi1ibS8DVNunXnp%2Bzej0%2B%2F8CaMIdH7ASUoHddWMtZ8cFHNBkPODO00aGH5gQsK3fvxrrzfWdDZNRbNu7qKvW6D2DmTRYKgbDPMGNB%2FBVIfGttRbp38LdgNJ3honuW7dS3Kdf7Br85QsPqYwYtuNOtTvdqL5LOyEPdaLup3Q8%2BbTOGK8y7nvwZpptrLx%2BD8AAAD%2F%2FwEAAP%2F%2FLdPnutcEAAA%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 11 Jun 2024 19:38:28 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: fb7d780aa78eca8db2cd5e450e0b375f
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 favicon-32x32.png
declanbetterthenkayden.us.to/favicon/ 3 KB
3 KB 36ms
33ms Other
image/png 104.243.38.18
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: https://declanbetterthenkayden.us.to/favicon/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.243.38.18 Piscataway, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 92344ceedb50e5b8a188ecd8a50ce83b972ba42540ac7e3dfb9aa641c2f961d4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:28 GMT
last-modified: Tue, 16 Apr 2024 22:20:48 GMT
server: Caddy
etag: W/"b50-18ee8ff9667"
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 2896

GET
H3 200 style.css Show response
cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/css/ 3 KB
1 KB 279ms
186ms XHR
text/css 2606:4700:3031::6815:46fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/css/style.css
Requested by: Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bc401effb2cfdd1d6c64950740c7ec0c10ddb35162a6659d8508bd35faec777

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:28 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 14:19:40 GMT
server: cloudflare
etag: W/"65aa84fc-da1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i9do4nPhncBVPuONquw%2BsfwijUC2OMWq5pKGrye%2BNPWwYGVimUKEVPrzEnxVmdT19Cp8IGLWgBERQKkntRl45fJMi4p%2BOF3eAalhiP8nm3VFB5xsxMoX95q%2BaKAGUY1dI16NFFf%2Bfi6PBjLkujef2sc8qngS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 89240fca5cbc43ad-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 animate.css Show response
cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/css/ 77 KB
5 KB 247ms
155ms XHR
text/css 2606:4700:3031::6815:46fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/css/animate.css
Requested by: Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:28 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 14:19:40 GMT
server: cloudflare
etag: W/"65aa84fc-13365"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=joR3%2FEFpCVuRCZHdDW%2BCVsh%2FfxmK2%2BNa%2FBf0MR7X1vIVV9ICv1ncBQvjmt3vwLWw9OXsh%2F7ld2X%2BDR2aPcdsA9BydREFdaoCjLiPzwnvlVXvYBB%2BSYhj9MtTnjMoMkyR3zcNyC029STRmlzte2UE5KSAx89d"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 89240fca5cbb43ad-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 6FAF 13 KB
722 B 54ms
53ms Stylesheet
text/css 2607:f8b0:400d:c00::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700;800&display=swap

Requested by

Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

604a4d57732202f227633b862f3c237dc29e21fc33630af550d422ff2266ca19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 19:38:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 19:38:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 19:38:28 GMT

GET
H3 200 close.png
cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/img/ Frame 6FAF 12 KB
13 KB 255ms
177ms Image
image/png 2606:4700:3031::6815:46fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/img/close.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cead1002bb2a8ef60efc22804d0ef0596b9e19a7362d40cde2d5a3a7c6b83668

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7785661
alt-svc: h3=":443"; ma=86400
content-length: 12752
last-modified: Fri, 19 Jan 2024 14:19:40 GMT
server: cloudflare
etag: "65aa84fc-31d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=thVVgoOCiWIzMgFg4AGBgLBCblIpMBGMdfFovD2WLbm3fT7T721I87O7Cfk%2FEY74mgkDCG%2BYoUPij732DAEHOtIIoKXgaNJMNyojl6LG9i9LQGGxWKcKRicVYQ9B0vHCFbGi%2FT06u4U%2BRdj%2FDgOk57aTtLby"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 89240fcaed680f6f-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 NoAds.svg
cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/img/ Frame 6FAF 33 KB
10 KB 147ms
70ms Image
image/svg+xml 2606:4700:3031::6815:46fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/img/NoAds.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af15a279f66db065537f4b24c6e8a484cc4f0090f592b718ce6bb3a8a9c41fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5656592
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 14:19:40 GMT
server: cloudflare
etag: W/"65aa84fc-8349"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xZFSkc5sBVMICwLkQLmrmfvExEZA2xVcCXsF0mpL05gc7gHjEjVQLf%2Br%2F15O%2BTP2zIjmzIg1DhxrMNfu3IJhX1lzSm0OA2FEUUJKHw%2BotN1BKi9iXCircdVURAf2Y2XJI%2BpY9AHoIfeWV%2BsGYaKe90t%2FkdQh"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 89240fcaed610f6f-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 checkmark.png
cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/img/ Frame 6FAF 2 KB
3 KB 145ms
68ms Image
image/png 2606:4700:3031::6815:46fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/img/checkmark.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4098310e1ea597224425c04ac5cfa615a28cd5cabdb3d5e739730e9d3f63aa26

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7785661
alt-svc: h3=":443"; ma=86400
content-length: 2185
last-modified: Fri, 19 Jan 2024 14:19:40 GMT
server: cloudflare
etag: "65aa84fc-889"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KBBwKBrPMfwcPmZ0CJJA8YI%2Btb9jJnUNOeMZXQqE9IDBJXaa5UAPnL2ke%2BHR%2BUXZTWY7xUobKsjM3LhEdunMaDmtEd9WCMZysqDi7AkEvm4S6TnBO7OaZ4Z9N2yyamOm0CcMrYajU%2F%2FnXvEo8t7iNVyWJY9z"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 89240fcaed640f6f-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.min.js Show response
cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/js/ Frame 6FAF 87 KB
32 KB 245ms
169ms Script
application/javascript 2606:4700:3031::6815:46fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/js/jquery.min.js
Requested by: Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7790504
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 14:19:40 GMT
server: cloudflare
etag: W/"65aa84fc-15d94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWuVfriD8Hek6JI%2Ff8a9CITMHvSsbSx3YPydq40sna8D5wp0g6xzv2Zs1N4d8LUR3GhD6crAuFTec5pmb4wMTpYnyd1dglpcGbVFs3WAQ%2Bw3%2BwwSEuDDjL53eD9lPiHCqIt3AD5Kg3XJzq53Q8iW%2Bf2eWyJE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 89240fcaed630f6f-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 5e05f0069e14bdb1ee01505e74a8e579.js Show response
rutatmosphericdetriment.com/5e/05/f0/ Frame 5845 82 KB
31 KB 99ms
99ms Script
application/javascript 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rutatmosphericdetriment.com/5e/05/f0/5e05f0069e14bdb1ee01505e74a8e579.js

Requested by

Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

6ec28ebbef81da8887bfd50a6ff4308e6c0c96faa0decde8970b2072a5ec4dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 11 Jun 2024 19:38:29 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
X-Request-ID: f8febd0e8e97f43d37e8040d1c12474e
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 script.js Show response
cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/js/ 4 KB
2 KB 142ms
141ms XHR
application/javascript 2606:4700:3031::6815:46fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.creative-bars1.com/sb/interstitial/addon/multi/daily_guard/big_custom/2/js/script.js
Requested by: Host: pl23231560.highcpmgate.com
URL: https://pl23231560.highcpmgate.com/43/28/e5/4328e5906625dfebca3d9c34182fd950.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:46fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e5ff3091ae93cc3c625cbed8e9bbbd436fcfddaeffe6a4b8b445cdd2ebec38

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Jan 2024 14:19:40 GMT
server: cloudflare
etag: W/"65aa84fc-10d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sA2kA7pJ0O1ZDXTlSl78OyJ%2BDSZ7ob31QGB8BDVNtuQGMGwAnO3qcVm8Lfi%2FPcC4wQSz5lkmmnvnx%2BjXkx4coTTUkUTKAAq8R7hKL6snGphsdvquc5BI%2Bzo6LM4NaspqXgiytAKV3oX35VvWOD9k%2F4zdrLam"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
cache-control: public, max-age=315360000
cf-ray: 89240fcc8f8f43ad-EWR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 sfp.js Show response
recordedthereby.com/ Frame 5845 83 KB
27 KB 72ms
72ms Script
application/javascript 2606:4700:3033::ac43:d0d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://recordedthereby.com/sfp.js

Requested by

Host: rutatmosphericdetriment.com
URL: https://rutatmosphericdetriment.com/5e/05/f0/5e05f0069e14bdb1ee01505e74a8e579.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:d0d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 19:38:29 GMT
strict-transport-security: max-age=0; includeSubdomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400
x-request-id: 0fb6c4324fa6429360a9a94724c476f8
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JUyeLBHhvPzf1k%2F6Vwgaylixn%2BGfXrlVf1Q7r4DafUdriF8MtebMDWg9SCbCfeHq7ou2LDz%2FM94CDDWEP8BUaRCOH9ROlrsJ7ILp6ZEzqH%2BoycLXcxFCdUskoefj1Cjlt9VcfK6SGY9yKUGUp9BIlHH6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, max-age=0, private, no-cache
cf-ray: 89240fcd1ecb43d4-EWR
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK purst
resignedcamelplumbing.com/pixel/ Frame 5845 0
469 B 232ms
81ms Image
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://resignedcamelplumbing.com/pixel/purst?dl=0&th=0&sc=0&rs=181.79999923706055&rd=181.79999923706055&fd=176.69999980926514&bv=24.5.8221&tmpl=136
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 19:38:29 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK impr.gif
rutatmosphericdetriment.com/ 7 B
733 B 168ms
167ms Image
image/gif 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rutatmosphericdetriment.com/impr.gif?sid=H4sIAAAAAAAC%2F1xSz4scRRSungQ8iBE9CVHog2AC2UlP%2F5jtMYf8NLrkh0s2yeJFrO6qni2nu6qpqp7eLB6CQclxUBFv9n6TZKNGUYgHBVFmvS0Ijqc9uP4HIngSPMjsLiz46vC9eu97UN9X7%2F31aof4qOi2uqLWRJ7Tk1Hbc48tC8lUbdyr192O1%2FZOuctCdsNT7mo3PO6eLcucL%2FPkkrAno2C%2BHXTdY5deu37l8gk3FwPuvsrTgTrunl%2FRquAnO37U9mbHXaIZ1WJ%2FBKL8yvfith%2F57dhr%2B50Qq%2Fr%2FFVM5MNQBG%2B6QZyHY9MjHG59CpBPI4usL3AysKk%2B8UlQ5tUpjyDZuyIFUtURxkGbaQSY39tlQZkrIJy0oubEvEmp4byYSiZiS1hO3kMgHe29HMhx3%2FAhJDi6RsCdRDyfg%2BQSCTpCqOxDsV%2FIHUoYbS5DFlzeksJy5S5ZabvZIdEaakhaPIOo9lMV3N7kWa0q6C9JyLbl1l7geipQbrGYNxOoEoj9BWW3Crv0LUW8ite9CsF%2FI1bPvQRYPr%2FLafUPpAQTbfjEM%2FDCLQ38u8KJ4LuzReI7GvWCOR91OhzE%2FjXvermtCTCCyCXI%2BAjWHUBkHlXBQZQ6q0kHBtl2WzgdxwL0k63qU0jCLPS%2BgXhz63XA%2B4vOo0pmkEWw5QpqPkOrbKPVtDMQIuvoJZqWBYQ6MJRiyBjUnqA1BTQlqQVBbgnrY3Ge58U3zgOWmSjr76O9j0IyV7a%2FT%2B8r2uSSgegTNmvVyhzwz89N56%2B9vMeDbbhj4MY96XrfrRyzjSUoD1kuDsBP7GetFHoxoIEwL1DhYE1Py8ql%2FUIopef4pHwndhMk3kYpDoNULoHUDutJgTT7qK7NCmarbklsw1aC0h2FvOev5Djm6%2B6OL5Ch4unXm%2BJGbh5%2F7sEKqG5S6wdviZ4J%2Bfnd8TdXk3jVVG%2FLN66UVhVijVii5uxyHP7%2FEb9VKs4ULZvTZ2XTWmKWPrnNjL1PJhOwb8sU5wRjXF5VOOflhwSzzZLEyK%2BcqLavy8uL5iwtFqbkxQskJqJgSx%2FSQiil5%2Bvf13W0%2B8fAjCD2BrhoU1RbZDwi1ibS8DVNunXnp%2Bzej0%2B%2F8CaMIdH7ASUoHddWMtZ8cFHNBkPODO00aGH5gQsK3fvxrrzfWdDZNRbNu7qKvW6D2DmTRYKgbDPMGNB%2FBVIfGttRbp38LdgNJ3honuW7dS3Kdf7Br85QsPqYwYtvlEc88L6LePO1FkReELPID5sU07rEu68awZpqtbDz%2BDwAA%2F%2F8BAAD%2F%2F2iAJuTXBAAA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Tue, 11 Jun 2024 19:38:29 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: no-cache, max-age=0, private, no-cache
Connection: keep-alive
Content-Length: 7
X-Request-ID: eb27df284b29f8730300307ceef242df
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK sbs
rutatmosphericdetriment.com/pixel/ 0
469 B 284ms
115ms Image
text/plain 192.243.59.12
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rutatmosphericdetriment.com/pixel/sbs?c=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://declanbetterthenkayden.us.to/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 19:38:29 GMT
Server: nginx/1.19.5
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 6FAF 32 KB
32 KB 173ms
172ms Font
font/woff2 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://declanbetterthenkayden.us.to
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:32:27 GMT
x-content-type-options: nosniff
age: 410762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:32:27 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 6FAF 32 KB
0 172ms
172ms Font
font/woff2 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://declanbetterthenkayden.us.to
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:32:27 GMT
x-content-type-options: nosniff
age: 410762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:32:27 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 6FAF 32 KB
0 173ms
173ms Font
font/woff2 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;400;500;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://declanbetterthenkayden.us.to
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:32:27 GMT
x-content-type-options: nosniff
age: 410762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:32:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: arc.io
URL: https://arc.io/widget.min.js

Domain: cloudflareinsights.com
URL: https://cloudflareinsights.com/cdn-cgi/rum

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proftrafficcounter.com/	1970-01-21 06:51:34	Name: uid_id2 Value: 4324f842-3058-49a8-a893-e5611dd2c890:3:1
declanbetterthenkayden.us.to/	1970-01-20 21:25:39	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 4324f842-3058-49a8-a893-e5611dd2c890%3A3%3A1
.us.to/	1970-01-21 06:51:34	Name: _ga Value: GA1.1.806170800.1718134708
.us.to/	1970-01-21 06:51:34	Name: _ga_NCTSG4T1B6 Value: GS1.1.1718134707.1.0.1718134707.0.0.0
declanbetterthenkayden.us.to/	1970-01-20 21:15:38	Name: sb_page_4328e5906625dfebca3d9c34182fd950 Value: 1
declanbetterthenkayden.us.to/	1970-01-20 21:15:38	Name: sb_main_4328e5906625dfebca3d9c34182fd950 Value: 1
declanbetterthenkayden.us.to/	1970-01-20 21:15:38	Name: sb_count_4328e5906625dfebca3d9c34182fd950 Value: 1
declanbetterthenkayden.us.to/	1969-12-31 23:59:59	Name: sb_onpage_4328e5906625dfebca3d9c34182fd950 Value: 1
rutatmosphericdetriment.com/	1970-01-20 21:17:01	Name: u_pl Value: 23131061
rutatmosphericdetriment.com/	1970-01-20 21:25:39	Name: uid_id2 Value: 4324f842-3058-49a8-a893-e5611dd2c890:3:1
rutatmosphericdetriment.com/	1970-01-20 21:17:01	Name: pdhtkv Value: true
rutatmosphericdetriment.com/	1970-01-20 21:17:01	Name: uncs Value: 1
rutatmosphericdetriment.com/	1970-01-20 21:17:01	Name: pdhtkv29 Value: true
rutatmosphericdetriment.com/	1970-01-20 21:17:01	Name: uncs29 Value: 1
rutatmosphericdetriment.com/	1970-01-20 21:15:34	Name: slec4328e5906625dfebca3d9c34182fd950 Value: [5242907,5289057]
declanbetterthenkayden.us.to/	1970-01-20 21:15:34	Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf Value: rutatmosphericdetriment.com

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://arc.io/widget.min.js#KWAdRVLN Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://declanbetterthenkayden.us.to/ Message: Access to XMLHttpRequest at 'https://cloudflareinsights.com/cdn-cgi/rum' from origin 'https://declanbetterthenkayden.us.to' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://cloudflareinsights.com/cdn-cgi/rum Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://declanbetterthenkayden.us.to/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

arc.io
cdn.creative-bars1.com
cdn.yourwebbars.com
cdnjs.cloudflare.com
cloudflareinsights.com
declanbetterthenkayden.us.to
fonts.googleapis.com
fonts.gstatic.com
pl23231560.highcpmgate.com
proftrafficcounter.com
recordedthereby.com
resignedcamelplumbing.com
rutatmosphericdetriment.com
static.cloudflareinsights.com
unseenreport.com
www.google-analytics.com
www.googletagmanager.com
arc.io
cloudflareinsights.com
104.243.38.18
192.243.59.12
192.243.59.20
192.243.61.227
2606:4700:20::681a:613
2606:4700:3031::6815:46fd
2606:4700:3033::ac43:d0d9
2606:4700::6810:4f49
2606:4700::6811:180e
2607:f8b0:400d:c00::5f
2607:f8b0:400d:c04::5e
2607:f8b0:400d:c04::71
2607:f8b0:400d:c0e::61
52.203.55.216
0af15a279f66db065537f4b24c6e8a484cc4f0090f592b718ce6bb3a8a9c41fb
11e19bd49b54a09934336612f203c8f6c9bc23ac7da7778c422671fe8ef9ac84
126a1a38652e29dc71c732ab4b87dc826502d803127a2dcd049f4b78f5786228
19d6b3810c0f606b9d7d847180b245d897fcb667d3b9bfc775fa78ff9666f44e
2113beb0ff5e7b65f4cd0c030f0b77220300dc4910cb0b4d0d1f8da550428cf0
3b4c2dd9257f70efceebd0888ca63832fbddb6e9a4582acf07843960ae4d10f7
3f6e8efb65dff0486271d787d60be7d84387c203bebd36159794e6e2c28c31f3
4098310e1ea597224425c04ac5cfa615a28cd5cabdb3d5e739730e9d3f63aa26
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b
4bc401effb2cfdd1d6c64950740c7ec0c10ddb35162a6659d8508bd35faec777
4e23a6449e6ef4614f0107cecf5c9eda75d2041c7c71f4a55d45f2a7e75450f4
4ec6db0491dc8ca10262e627fd8a4cd20562e5ad1f687a4ccea9042c9133d5c0
532204bc9378e635bcff32befbb48fc6ff39bde0503ee8c12d54dd94f51dd770
562d4d5cb800629b867db8e70e5abf29e425c6649602e7508ed8eb8eab04f3c5
604a4d57732202f227633b862f3c237dc29e21fc33630af550d422ff2266ca19
6ec28ebbef81da8887bfd50a6ff4308e6c0c96faa0decde8970b2072a5ec4dab
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
88e0638be745d0749ce0b8424c8875bd3d8dad87de7c6bb6116aa5d845857dce
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8c6b7edb14bdb9c2ad3bf9aee3c106e7ffe52dedd0e73dcbec3c32071a8a2b32
92344ceedb50e5b8a188ecd8a50ce83b972ba42540ac7e3dfb9aa641c2f961d4
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
9b156ee313d0c32611786408bf962f9d865e05f19fc1ba22fe691050a7d1668c
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
b0bad635d8f11c85a8934bd69da460fc9d81526d477596a554b12c41d76f0763
b226b199ad4e04570aab93f2e964afda3936c47fec41a77aec254ce26ec1154a
b5fdef9f51bdb9b56e7f4e7749d77bcb6597a0301ead564c6ba9b4a016ac1a1e
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
be2a8bf5db842bb931e40fd680631bf9efc757caaa07982ee782ce3730188c2c
bec178028692f94f6e52c4310e6fb58da4b5dca8e168c3dd6770e7d61f065e0e
bf83978647efcd2a3dbf8d0fa9257c5b18e3b6b4f45d233d119976a269132707
c5a7a8955262c3c2163db961b18af97c9eeac48586a52c50d8d1f80ab04f84fb
c5e71da3dbc647b725d8b39fa5bc993ccd311b4102c40ead2f3a764de4ed74c4
c9e5ff3091ae93cc3c625cbed8e9bbbd436fcfddaeffe6a4b8b445cdd2ebec38
cd282db522c4f4e29ba04765635f6bb563d6f47af704e6b40e544ff5a617e60a
cd2fcd28a1e89618f5cd7b07698c8ddf492ad780991c993a8e90767ef665c640
cead1002bb2a8ef60efc22804d0ef0596b9e19a7362d40cde2d5a3a7c6b83668
dd8253bc972c529df7bb152a69b9d3fcebda16cadffe75922249f550ad77bdfd
dd8eb7cbd3a66f09b1e1c11e75987a9eba498c1ead3fd95f5c59d16bd526d21b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

declanbetterthenkayden.us.to Open in urlscan Pro 104.243.38.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

97 %HTTPS

64 %IPv6

16 Domains

17 Subdomains

15 IPs

1 Countries

1040 kBTransfer

2490 kBSize

16 Cookies

0 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

declanbetterthenkayden.us.to Open in urlscan Pro
104.243.38.18 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

97 %
HTTPS

64 %
IPv6

16
Domains

17
Subdomains

15
IPs

1
Countries

1040 kB
Transfer

2490 kB
Size

16
Cookies

58 HTTP transactions
0 data transactions