blog.christophetd.fr Open in urlscan Pro
2606:4700:3031::ac43:ab3a  Public Scan

29 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5NsIwcTRX-3hNjCa380DexVDmaMVJE_OlxDzDMjenkl4TGm10Ub9kIzqsucz5Mqmb0pM= Page URL
2. https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	302	MDY3LVFaVC04ODEAAAGF2qr5NsIwcTRX-3hNjCa380DexVDmaMVJE_OlxDzDMjenkl4TGm10Ub9kIzqsucz5Mqmb0pM= info.sysdig.com/	546 B 1 KB	273ms 203ms	Document text/html	104.17.71.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5NsIwcTRX-3hNjCa380DexVDmaMVJE_OlxDzDMjenkl4TGm10Ub9kIzqsucz5Mqmb0pM= Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-EVb7aNAkOGqDxxZD/nkem9byukMcfZs8JVOCg0r2oJg=';object-src 'none';form-action:'none';frame-src:'none' X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, no-cache, no-store, max-age=0 cf-cache-status DYNAMIC cf-ray 7315dcbe9b7f9bcb-FRA content-security-policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-EVb7aNAkOGqDxxZD/nkem9byukMcfZs8JVOCg0r2oJg=';object-src 'none';form-action:'none';frame-src:'none' content-type text/html;charset=UTF-8 date Wed, 27 Jul 2022 13:53:37 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" referrer-policy strict-origin server cloudflare x-frame-options SAMEORIGIN x-request-id b6ed78fb37841d93
GET H2	200	Primary Request / Show response blog.christophetd.fr/abusing-cloudflare-workers/	67 KB 18 KB	975ms 867ms	Document text/html	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Requested by Host: info.sysdig.com URL: https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5NsIwcTRX-3hNjCa380DexVDmaMVJE_OlxDzDMjenkl4TGm10Ub9kIzqsucz5Mqmb0pM= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0 Resource Hash 46815fdcfa41629642f3c3357c75f5ec0b08467ff54b838cac350d15e9dd23fe Request headers Referer https://info.sysdig.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control s-maxage=31536000, max-age=60 cf-cache-status MISS cf-ray 7315dcc0aae59bb8-FRA content-encoding br content-type text/html; charset=UTF-8 date Wed, 27 Jul 2022 13:53:38 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 27 Jul 2022 13:53:38 GMT link <https://blog.christophetd.fr/wp-json/>; rel="https://api.w.org/", <https://blog.christophetd.fr/wp-json/wp/v2/posts/1493>; rel="alternate"; type="application/json", <https://blog.christophetd.fr/?p=1493>; rel=shortlink nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJvKgukQT7dc%2FbwwEX5l8AqL2GL1XUeJu9xZl%2BsliFjsELXOOR8afQESgcw141tF1r62K90N0P0kkW%2FqOoUkmtvdy14eUGAq8Rtbm0U9PtO33Nb5ccGrY0dp7SnZHiFuc5xWcHLZ%2FIWZWaMd7t4bfjO1ig%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-pingback https://blog.christophetd.fr/xmlrpc.php x-powered-by PHP/8.0 x-wp-cf-super-cache cache x-wp-cf-super-cache-active 1 x-wp-cf-super-cache-cache-control s-maxage=31536000, max-age=60 x-wp-cf-super-cache-cookies-bypass swfpc-feature-not-enabled
GET H2	200	style.min.css blog.christophetd.fr/wp-includes/css/dist/block-library/	87 KB 12 KB	74ms 66ms	Stylesheet text/css	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 12 Jul 2022 17:00:08 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZhO%2B2NporjJlMWzCZYWohbQjrwaudkli4WyJ8OwckoS2EhCZ%2BXYtu2ynxEfLtWgiN2brNOY1qBhuRsYFolB7bD9hFIrZcJujlISlU%2B6xwbj797wa4raPrAryD7S0F3lfXfrH1pLMyI2nmAgXfmuXYNjAWg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc62af69bb8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	dashicons.min.css blog.christophetd.fr/wp-includes/css/	58 KB 35 KB	67ms 59ms	Stylesheet text/css	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-includes/css/dashicons.min.css?ver=6.0.1 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 15 Apr 2021 05:00:23 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TraRE4iO37j5pR1Td%2BnzyKus%2BCfjDUEkdM5DW83qbE4jCYRRcFwn%2BwVJP%2F%2ByQmZlv%2B04Fyy%2FRum4WcBH88i9i%2FhHieGKWOr5Lg5ghYxsx8t%2B%2FPtvdC7kOgmPlg2lyRcSq0EFN5aMErmckhb5Q4fbWsngaA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc62af79bb8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	frontend.css blog.christophetd.fr/wp-content/plugins/post-views-counter/css/	215 B 471 B	68ms 60ms	Stylesheet text/css	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/plugins/post-views-counter/css/frontend.css?ver=1.3.11 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=289 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 07 Feb 2022 21:48:43 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MHkHcJ5v182uA8ESXWM57sOiterD%2BKgoopjHKweAyZrlx9nnEGNni1I%2FV2CeSSHMH1hi3I2hNLPvsxaNkNNoZHCPw1IR%2FEG9cYAT8XZFLW3jpICKgAWm93JQVFU7PpTLNGrja7mSib7UP9zuYIbL88%2FZBw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=900 cf-ray 7315dcc62af99bb8-FRA expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	screen.min.css blog.christophetd.fr/wp-content/plugins/table-of-contents-plus/	1 KB 731 B	71ms 64ms	Stylesheet text/css	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 11 Sep 2021 09:47:58 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wlwaDXiNXNAAsMm8948zVvO3OxHOiJryEvEvQA67DVt054aLxmeSmJFgpEjZFL9qUUSwHyHRnVdnlSYjKDH7eaQQJXT%2BRBKRmnqWicEHIo9HZeqykstf7NudvuSo1sr%2FBYLX0n%2FK4tWuVKN9iz0PAVUmA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc63b0b9bb8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	wp-ulike.min.css blog.christophetd.fr/wp-content/plugins/wp-ulike/assets/css/	21 KB 4 KB	80ms 73ms	Stylesheet text/css	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.6.2 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c8d52bbcce3e77904bbefe49f97e08cd5f7302db8b13b652586d020aed55a8e Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status MISS last-modified Fri, 20 May 2022 09:47:52 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6cmmGoH3Kn0Mq2mf%2BLF0bcgotfIWMEh4nT1lA6%2F2sklu02E4iPiPX1j6cw5ahTW2rUq6rM7SdyjwNDZGCRqD71uKcm2aa1f6HwY26K%2BnPsG43OjH6nB3FhGZHL0Vz3r%2B3WRByf3svFK5se1oSZy1FEXzw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc63b0f9bb8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	style.css blog.christophetd.fr/wp-content/themes/suri/	17 KB 5 KB	71ms 64ms	Stylesheet text/css	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/themes/suri/style.css?ver=6.0.1 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff4ee9c360015e2e2973b8af363e7fc65723cbb1f7ad8de6bdcc4c63cf68d7e2 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=23578 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 22 Dec 2021 10:02:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5qz2JRXptj6LtWyM%2BPYwKJlo1q3TxC6M%2FTH1XqvBui8lOrODcYoD%2FOW%2BVwey3wZtl5qsHU8wCECQVTwsAIT2hpMsdO14sDacXS9PmV4O2bU%2B6In5PZrTxf6zIGzbmo%2BPzdoRrCLRt6EIQi6id7Qsy1IFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=900 cf-ray 7315dcc63b139bb8-FRA expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	css fonts.googleapis.com/	12 KB 1 KB	142ms 47ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A700italic%2C700&ver=6.0.1 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0a20a627f787a37fc2b4e5c9e89e3872361b112b636aebba64f7ef9b9280d876 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 27 Jul 2022 13:53:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 27 Jul 2022 13:53:38 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 27 Jul 2022 13:53:38 GMT
GET H2	200	genbasic.css blog.christophetd.fr/wp-content/themes/suri/resources/fonts/genericons/	5 KB 3 KB	81ms 74ms	Stylesheet text/css	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/themes/suri/resources/fonts/genericons/genbasic.css?ver=1.0.0 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b791d29e040199614f6e2fc48432ee634395e42a31cbe9b881d653f5aadbda34 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=6172 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 22 Dec 2021 10:02:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkp2CjaztDSDiuJrP2InAOHhm6v7gWABygyW0Y%2Fk18vBHfnRtHerXweR05vO%2FBODi6pUL9JfXo6t515v9gmiHfahAYZKdBFdKtgWDAZ1Vz%2FfEbArzn63jamvEVXpKCffhzv6%2BGdLf3vzmKnbi078h4x52A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=900 cf-ray 7315dcc63b159bb8-FRA expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	addtoany.min.css blog.christophetd.fr/wp-content/plugins/add-to-any/	1 KB 754 B	71ms 65ms	Stylesheet text/css	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.16 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 27 Jul 2022 05:00:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1uXa%2F4yK30n2gU2ij8vU3k5Z%2FD1kx6mOJq0baMv27AVGy0MkzcjkQqM8TVws5fR6NoNqjPRoVwE3KE%2FTo2RWQ78iWkCpNauOPOfO9wCU2JBDoA3Lmx9PuDNuk9yr91blvFYFyNb3zgHVvZRMJDCOahm4w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc63b179bb8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	enlighterjs.min.css blog.christophetd.fr/wp-content/plugins/enlighter/cache/	78 KB 9 KB	73ms 66ms	Stylesheet text/css	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/plugins/enlighter/cache/enlighterjs.min.css?ver=go71mE6ZM/zlbfo Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c7fc311a232fc32e6bd553d6b6e9f791ac9a6fa3bd67338f71b4f3f8fc1c3c9 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 08 May 2022 17:00:26 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sjr%2FPg2Wm79%2FnJml2ZE5BvZTqF9L3u5ZD8jVEzSCBxGpewEwv1ZwZYcwrV1%2BnVzco0PN%2BSZq%2BxfSoYMnJ9dcwDj7aEdji%2FR9QBFVUxi3r6lO2KZoyOSLnz6zo73L9wnw9Mc4pSMzg94UStoUvgvDZryBnQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc63b189bb8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	page.js Show response static.addtoany.com/menu/	711 B 838 B	69ms 21ms	Script application/javascript	2606:4700:10::ac43:2794 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/page.js Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9be964bae631d2126b1d11521ccc8547cb8d6f0715d6b4b8f8b88b8d6e2eddbf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT via e1s x-content-type-options nosniff cf-cache-status HIT age 135068 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jul 2022 23:37:27 GMT server cloudflare etag W/"2c7-5e4a9aaabb939" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=172800 cf-ray 7315dcc7ae479b67-FRA cf-bgj minify
GET H2	200	jquery.min.js Show response blog.christophetd.fr/wp-includes/js/jquery/	87 KB 32 KB	81ms 75ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 11 Sep 2021 08:06:33 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGq7wzNkB7FpnsVPbqkhoAz8FtUj5kDXNvfKC1guJM%2BCubM1hXRERlULKnCf9L5I4pROJNJy8p%2FdfxI2Gxq652eIRlrNdbVnTuHp5AIaY%2BTlA4NS6fE9wb9QBK%2BhurSVFa0qrgMvQFz5IOONDVXQ4UKXIw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc63b199bb8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	jquery-migrate.min.js Show response blog.christophetd.fr/wp-includes/js/jquery/	11 KB 4 KB	90ms 84ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 19 Dec 2020 15:18:29 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdogeML5FIg1%2BGCEqeP4kdUFHar6rIn%2FLhQ47uW4q2JnUUgZSgL5wL5Taw8knt3XJp%2BxksbfUxmt2MSq9mOyMkoU5g7%2BSyFyTuDytvljE20nUEtanKwjUqrqLbTGru7WExunEbjnpvxmFavJxZDQntDGvg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc63b319bb8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H3	200	addtoany.min.js Show response blog.christophetd.fr/wp-content/plugins/add-to-any/	129 B 672 B	68ms 67ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 27 Jul 2022 05:00:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwfM%2FFO96qZDtbLqdlr%2Bt%2FyQ9kRuGfKRMYXmnsDmL0mVuzXFrXzQdoNbxfjS0qSEtZmvvdAi%2B888iQdH7PIODKMj2HIQ8Kxqj%2FKZNiiuC58p0AgsUtfK1jAm6M%2FECWHtxJO%2BobQKzvYP5X5Q9KEMo5jbQA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc7687190b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H3	200	Cloudflare-worker.png blog.christophetd.fr/wp-content/uploads/2022/06/	42 KB 42 KB	96ms 94ms	Image image/png	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://blog.christophetd.fr/wp-content/uploads/2022/06/Cloudflare-worker.png Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2bc684a91ff387533c972084df6efeb53c81dcb27f090c877a9a95a525235ec6 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT cf-cache-status MISS last-modified Tue, 28 Jun 2022 09:08:52 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2U0rIpnwDtKTN%2BjOat7Fl5GCo7ztrofCmaJg%2BqrGI0bOm975M9uS1cO%2FMdkcknj3ITNIh7AUDNX6xkP2DYVhiwWyUfQce91QA5hRoZA1uGCHI0hdT154R0XTCjRbqeP0yqbf4L4nq650JZ5yzuPMJW1SA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7315dcc7687290b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 42636
GET H2	200	korean_spam_injection_hang_worker-650x580.png blog.sucuri.net/wp-content/uploads/2020/02/	203 KB 204 KB	249ms 23ms	Image image/png	2a02:fe80:1010::5 SUCURI-SEC
General Check archive.org Show headers Download Go to Show image Full URL https://blog.sucuri.net/wp-content/uploads/2020/02/korean_spam_injection_hang_worker-650x580.png Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:fe80:1010::5 , United States, ASN30148 (SUCURI-SEC, US), Reverse DNS Software nginx / Resource Hash 226fd77ff9be278ddb0358674b513f296482f66a595380113759c427feec6e01 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests; Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT x-content-type-options nosniff x-sucuri-cache HIT content-length 207943 x-xss-protection 1; mode=block x-gateway-cache-status HIT x-gateway-request-id 847dd07871be6112936d0f77725f26af last-modified Thu, 13 Feb 2020 20:52:12 GMT server nginx x-frame-options SAMEORIGIN etag "5e45b6fc-32c47" strict-transport-security max-age=31536000 x-gateway-skip-cache 0 x-gateway-cache-key 1649879312.296||https|blog.sucuri.net||/wp-content/uploads/2020/02/korean_spam_injection_hang_worker-650x580.png cache-control max-age=315360000 x-sucuri-id 19005 content-security-policy upgrade-insecure-requests; accept-ranges bytes content-type image/png expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	email-decode.min.js Show response blog.christophetd.fr/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	19ms 19ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 22 Jul 2022 16:05:12 GMT server cloudflare etag W/"62dacab8-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2rlTqfQ%2BX6BysYC4CW48lQi7ZTBCIYJH%2FtMnZtAclRRrpTOzRyGpewPkW7YGfW%2FzjBjt3vYZRRhRvCb9ly8q%2FE%2FjHGIdxhkZrJhHc5cH%2BRT6Pfrmn79fVmT9NRxEmBZkVqSIre9KzJSLs7KirGS%2F8TRxw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800, public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc7485d90b8-FRA vary Accept-Encoding expires Fri, 29 Jul 2022 13:53:38 GMT
GET H3	200	front.min.js Show response blog.christophetd.fr/wp-content/plugins/table-of-contents-plus/	6 KB 3 KB	75ms 74ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sat, 11 Sep 2021 09:47:58 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6aV4ZdGpjAE5BQGTl3JORWCDcIGLPZ58gY2QTtZT1jRciLuAFpVnWnXfDwSVjRAUcVkGSysPQ6bmpisoTsloU%2FpZezG1xCegC9q57vJswFUMaEZt6BJAlqNGAQ2aMj%2FckxCmAPecrPP7xbVhBc0TD8swg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc7486190b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H3	200	wp-ulike.min.js Show response blog.christophetd.fr/wp-content/plugins/wp-ulike/assets/js/	15 KB 5 KB	67ms 66ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/plugins/wp-ulike/assets/js/wp-ulike.min.js?ver=4.6.2 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d8127fd991773b64c55f9d63e9f508501ade508349af9e08ef1922c93021823 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 20 May 2022 09:47:52 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcWgBWsPUC7LIFu4VLFtozPBKKrI8s%2FotYd%2B%2B3cX5tnKsijzR7ufbVhjmKo8PhN0kQiJ7AEnVil24rZgt4aXJ%2FFRwBC1y1C6wILL46jayyBFswu%2Bu%2FYVfPnGLMJumWZNug9OfRJAVGlAnrpLgKU0hoKYFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc7586b90b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H3	200	scripts.js Show response blog.christophetd.fr/wp-content/themes/suri/resources/js/	5 KB 2 KB	66ms 64ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/themes/suri/resources/js/scripts.js?ver=1.0.0 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d0c748c907323fd8ecd92ea049f687b0a0b71883b37927d6c4b8bf69aed9097 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=7427 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 22 Dec 2021 10:02:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOZGhRP9SzOdLdsDHkCj02pjZEPtBLMOFn%2B%2FAVLEDk1h77KwdrZUDvuKshYaWPc%2FxFhkEJU19SY8bSX%2BwgRbIV%2BqL%2B4AR%2BXaWa7RHp2S1xRdhNpAA0%2FI%2F%2Br6%2BnkQrFV9tqJi0yCIcH5hHiMm7BN7Hlv8yQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 cf-ray 7315dcc7686d90b8-FRA expires Wed, 27 Jul 2022 14:08:38 GMT
GET H3	200	comment-reply.min.js Show response blog.christophetd.fr/wp-includes/js/	3 KB 2 KB	80ms 78ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-includes/js/comment-reply.min.js?ver=6.0.1 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 05 Jul 2022 20:08:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfSXWdyo8DxfhNC7pChJyJc90uj7si%2F8rzQVGeAHNYpZhlHazJYf%2Bqbx%2FVOru3DpFOpte02LijU63TxwAN%2BiaeH7hW5s709Y6Q5mfGGAnlZJHh%2FvRb5JseGcyzv%2BmnQ6Jz8I%2FwjveCec7ioN4%2ByVTnejHg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc7686e90b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H3	200	enlighterjs.min.js Show response blog.christophetd.fr/wp-content/plugins/enlighter/cache/	61 KB 18 KB	79ms 77ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/plugins/enlighter/cache/enlighterjs.min.js?ver=go71mE6ZM/zlbfo Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3753723f9bcfdd622dad945e9b2b2ba2957d57742c4a22ad263fb3e191d5b964 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 08 May 2022 17:00:26 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysbg1msDuMzEZC%2FivYt%2FfuOU0cAMzcc8TeWUt2%2BcbUtDC3qzd0RgRRv1M3GBGcW9oys1GA1zdj5Xe1c5m8whRrozbcPxIBYBFZ%2B9YOq5lXZ%2B%2F%2FfuTXealCXtjM58comGUNzObSzZGV%2BTIwBaswku%2FPN4Mw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc7686f90b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H3	200	akismet-frontend.js Show response blog.christophetd.fr/wp-content/plugins/akismet/_inc/	5 KB 2 KB	108ms 106ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1658854810 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6efeb220d581a73a92a8ca58f187ddf0c0a0b835b34b89bce6dcd5e1b348465a Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=9166 cf-bgj minify alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 26 Jul 2022 17:00:10 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkLgfiVoXTIV7IkGC8KOcdS5M8DkdsQAbc2fXv6%2BoCl7kdN5XzC1W25mFt28CVN9vZN2eET%2BVLP2%2F7KsxPnuhIST6BHPgli78UKHwRG3jwxJh8e4TJWSqfh%2BxJ0W70OZPfwo1hKpfQLdUwj9%2Fz6YXeomNg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 cf-ray 7315dcc7687490b8-FRA expires Wed, 27 Jul 2022 14:08:38 GMT
GET H3	200	wp-emoji-release.min.js Show response blog.christophetd.fr/wp-includes/js/	18 KB 5 KB	70ms 69ms	Script application/javascript	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://blog.christophetd.fr/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 05 Jul 2022 20:08:04 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vfe7R88exziNYbxFNw45rEHcp56kBOViD9Go4o4YRUm1evSgSmtYvBjPvDIqW5bMluAZWO0c8g7Yy%2Fik4jpJJGP3VdZDuzpr8vAYcJXsSAzkQHLxrQFsHafkPklNDVQh2dJvqiTWcnxidTDBuT%2BQ4FbDtw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=900 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc7687590b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 27 Jul 2022 14:08:38 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	138ms 45ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A700italic%2C700&ver=6.0.1#038;subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://blog.christophetd.fr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 08:01:51 GMT x-content-type-options nosniff age 539507 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jul 2023 08:01:51 GMT
GET H2	200	ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2 fonts.gstatic.com/s/notoserif/v21/	27 KB 27 KB	191ms 98ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A700italic%2C700&ver=6.0.1#038;subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://blog.christophetd.fr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 19:24:28 GMT x-content-type-options nosniff age 152950 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27456 x-xss-protection 0 last-modified Mon, 09 May 2022 20:10:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Jul 2023 19:24:28 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	140ms 47ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A700italic%2C700&ver=6.0.1#038;subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://blog.christophetd.fr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 08:44:49 GMT x-content-type-options nosniff age 18529 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 27 Jul 2023 08:44:49 GMT
GET DATA	200 OK	truncated /	1 KB 1 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a1bd1e7282bf5aebdf7e96c0bf5fd64b90fa119bbc335206c1ea5713dbcce833 Request headers Referer Origin https://blog.christophetd.fr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H2	200	KFOkCnqEu92Fr1Mu51xIIzI.woff2 fonts.gstatic.com/s/roboto/v30/	17 KB 17 KB	85ms 85ms	Font font/woff2	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400italic%2C700italic%2C400%2C700%7CNoto+Serif%3A700italic%2C700&ver=6.0.1#038;subset=latin%2Clatin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://blog.christophetd.fr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 11:25:53 GMT x-content-type-options nosniff age 181665 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17368 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Jul 2023 11:25:53 GMT
GET H3	200	image-4-1024x341.png blog.christophetd.fr/wp-content/uploads/2022/06/	33 KB 34 KB	83ms 82ms	Image image/png	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://blog.christophetd.fr/wp-content/uploads/2022/06/image-4-1024x341.png Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b896de3063455cef7bb902f47298710d976939d7eaa16b43d0d030bdf9a0cbe2 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT cf-cache-status MISS last-modified Mon, 27 Jun 2022 21:57:22 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLujQWiilzOd77oARPmPjOxbFXCqSN58qe1HJU%2FsEuBKpq7tu57e%2Bv85U1OeFVC59jSu9tnmDuiAT%2FVxtCBjuWXsNJFCXChKtLlWJNCpPWMzS76fRfkkT6zLuJbX2jJO6LwXJfF88BrEx%2FGCEIkHimnJIQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7315dcc869e590b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 34157
GET H3	200	image-5-1024x259.png blog.christophetd.fr/wp-content/uploads/2022/06/	55 KB 56 KB	88ms 87ms	Image image/png	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://blog.christophetd.fr/wp-content/uploads/2022/06/image-5-1024x259.png Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d733e37941a892b0e741c36dba19b2d2ebadcf8eac55b900c285117103333d8a Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT cf-cache-status MISS last-modified Mon, 27 Jun 2022 22:07:24 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOKh%2FZsEKQkYEaC3v2dow2D4i28i5bFWuuWF2Wq0t4YqEU4M0ib%2BMSI9G0nM06gl%2B%2FlCB8pDzEuSEVvsqrvPRw%2BtR8%2F5eb%2BtQgIqzvl0qffkyDdm7HXV7Uc9VHkWbbFqgBd%2BDM%2BFEktToBF%2Fy%2FXUd1FvaQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 7315dcc869e690b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 56601
GET H3	200	like.svg blog.christophetd.fr/wp-content/plugins/wp-ulike/assets/img/svg/	919 B 1019 B	73ms 73ms	Image image/svg+xml	2606:4700:3031::ac43:ab3a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://blog.christophetd.fr/wp-content/plugins/wp-ulike/assets/img/svg/like.svg Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.6.2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:ab3a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c6ab1eb7c698511d412ce15b395edc2e5172e16637cc729e369d9df069015876 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/wp-content/plugins/wp-ulike/assets/css/wp-ulike.min.css?ver=4.6.2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:38 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 20 May 2022 09:47:52 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkNpFn9aZyg83PRRln92cVfKWN6tIZ2TXffGJYm%2BE%2FeEA%2BfLTVPmy8GOBEwp3yukExN4CTknY5ISDJj2C2pH3mp22RLyhWi3ZyiPw2di%2FT7brRi4i1oT2sCbrWVUTFM70aczrrtG2Odzy3FjXw4EVqme5Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 7315dcc89a1690b8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	31 KB 31 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855 Request headers Referer Origin https://blog.christophetd.fr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H2	200	core.aba90b1c.js Show response static.addtoany.com/menu/modules/	72 KB 26 KB	356ms 26ms	Script application/javascript	2606:4700:10::ac43:2794 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/modules/core.aba90b1c.js Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/page.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c65b1c9e27a3f16dc317b838240d4fff2d9aefe1c20dd4cc0bd1d6071dcee309 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://blog.christophetd.fr/ Origin https://blog.christophetd.fr accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:39 GMT via e1s x-content-type-options nosniff cf-cache-status HIT age 200801 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 21 Jul 2022 03:56:12 GMT server cloudflare etag W/"120ec-5e448b2d021b6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control max-age=315360000, immutable cf-ray 7315dccb3f5c8ff2-FRA cf-bgj minify
GET H2	200	26c5.svg s.w.org/images/core/emoji/14.0.0/svg/	814 B 679 B	770ms 6ms	Image image/svg+xml	192.0.77.48 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://s.w.org/images/core/emoji/14.0.0/svg/26c5.svg Requested by Host: blog.christophetd.fr URL: https://blog.christophetd.fr/abusing-cloudflare-workers/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5NsFT84PoQ0EseVuQcW_1Fsr52VhCuRQsRsPrf1oyP_gozmLOnUGKaOtB4F4aSlzRuLuN1saBztI-IW9-uiiGiEsMy4-DLCMDVZ4iXovM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS s.w.org Software nginx / Resource Hash c58312dbda29fc440531c66f345ea2e18da6d2145cbd8a58b8d10a1be4442911 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-nc HIT hhn 2 date Wed, 27 Jul 2022 13:53:39 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 12 Apr 2022 03:47:50 GMT server nginx x-frame-options SAMEORIGIN vary Accept-Encoding access-control-allow-methods GET, HEAD content-type image/svg+xml access-control-allow-origin * cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/	96 KB 29 KB	97ms 8ms	Script application/javascript	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets.js Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/modules/core.aba90b1c.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6713) / Resource Hash ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 27 Jul 2022 13:53:39 GMT Content-Encoding gzip Vary Accept-Encoding Age 176 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2 Content-Length 29212 x-tw-cdn VZ Last-Modified Tue, 19 Jul 2022 20:07:06 GMT Server ECS (frb/6713) Etag "3b16e031477759af620cd0de990c6783+gzip" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=1800
GET H3	200	sm.23.html Show response static.addtoany.com/menu/ Frame E342	741 B 787 B	70ms 53ms	Document text/html	2606:4700:10::ac43:2794 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/sm.23.html Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/modules/core.aba90b1c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://blog.christophetd.fr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 769096 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=315360000, immutable cf-cache-status HIT cf-ray 7315dcce9b769b74-FRA content-encoding br content-type text/html; charset=utf-8 date Wed, 27 Jul 2022 13:53:39 GMT etag W/"2e5-5cc9e128a4c38" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Wed, 22 Sep 2021 23:42:51 GMT p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary Accept-Encoding via e4s x-content-type-options nosniff
GET DATA	200 OK	truncated /	34 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/gif
GET H3	200	icons.30.svg.js Show response static.addtoany.com/menu/svg/	77 KB 33 KB	28ms 25ms	Script application/javascript	2606:4700:10::ac43:2794 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/svg/icons.30.svg.js Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/modules/core.aba90b1c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:39 GMT via e3s x-content-type-options nosniff cf-cache-status HIT age 15834301 p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 10 Nov 2021 01:49:04 GMT server cloudflare etag W/"132a9-5d0656e4a26b3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=315360000, immutable cf-ray 7315dcce9b759b74-FRA cf-bgj minify
GET H/1.1	200 OK	widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html Show response platform.twitter.com/widgets/ Frame EB00	320 KB 104 KB	8ms 7ms	Document text/html	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fblog.christophetd.fr Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6794) / Resource Hash 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf Request headers Referer https://blog.christophetd.fr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 668658 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 105435 Content-Type text/html; charset=utf-8 Date Wed, 27 Jul 2022 13:53:39 GMT Etag "95e1b50b0c179aefb47b5b211bb347b5+gzip" Last-Modified Tue, 19 Jul 2022 20:05:03 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (frb/6794) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1 Vary Accept-Encoding X-Cache HIT x-tw-cdn VZ
GET H2	200	settings Show response syndication.twitter.com/ Frame EB00	580 B 541 B	165ms 112ms	Fetch application/json	104.244.42.8 TWITTER
General Check archive.org Show headers Download Go to Full URL https://syndication.twitter.com/settings?session_id=ceaeba4cf38886cc8dc9ed470c2cf544b7706f01 Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=https%3A%2F%2Fblog.christophetd.fr Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.8 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://platform.twitter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-response-time 106 date Wed, 27 Jul 2022 13:53:39 GMT content-encoding gzip last-modified Wed, 27 Jul 2022 13:53:39 GMT server tsa_o vary Origin strict-transport-security max-age=631138519 content-type application/json; charset=utf-8 access-control-allow-origin https://platform.twitter.com cache-control must-revalidate, max-age=600 access-control-allow-credentials true x-connection-hash e459cbf70240e63d5775f24d138248246b184504228af48f70cef9f84fb5a20b content-length 260
GET H/1.1	200 OK	button.fed83577e235944f1c02f314fdfd94dd.js Show response platform.twitter.com/js/	7 KB 3 KB	7ms 7ms	Script application/javascript	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/js/button.fed83577e235944f1c02f314fdfd94dd.js Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6713) / Resource Hash dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Date Wed, 27 Jul 2022 13:53:39 GMT Content-Encoding gzip Age 668658 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1 Content-Length 2359 x-tw-cdn VZ Last-Modified Tue, 19 Jul 2022 20:04:46 GMT Server ECS (frb/6713) Etag "c1233079fb145bc77c712143fa5dcd65+gzip" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control public, max-age=315360000
GET H/1.1	200 OK	tweet_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html Show response platform.twitter.com/widgets/ Frame 3A37	37 KB 14 KB	8ms 7ms	Document text/html	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/tweet_button.dc05643fdb8d0e2b89e5cc3c1d26d1b5.en.html Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6713) / Resource Hash ffe1fc548e8d8c0e937c360cdb0d8ad6fa1a293dc72fe52325d1e3f95524a125 Request headers Referer https://blog.christophetd.fr/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 668657 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 13674 Content-Type text/html; charset=utf-8 Date Wed, 27 Jul 2022 13:53:40 GMT Etag "836d4ee21a1d9b1817c4d6170a2173a3+gzip" Last-Modified Tue, 19 Jul 2022 20:04:55 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (frb/6713) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1 Vary Accept-Encoding X-Cache HIT x-tw-cdn VZ
GET H2	200	jot syndication.twitter.com/i/	43 B 380 B	114ms 114ms	Image image/gif	104.244.42.8 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fblog.christophetd.fr%2Fabusing-cloudflare-workers%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22christophetd%22%2C%22widget_creator_screen_name%22%3A%22christophetd%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658930017702%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%226da0b7085cc99%3A1658260301864%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ceaeba4cf38886cc8dc9ed470c2cf544b7706f01 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.8 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://blog.christophetd.fr/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 27 Jul 2022 13:53:40 GMT content-encoding gzip x-content-type-options nosniff status 200 OK x-twitter-response-tags BouncerCompliant content-length 65 x-xss-protection 0 x-response-time 107 pragma no-cache last-modified Wed, 27 Jul 2022 13:53:40 GMT server tsa_o x-frame-options SAMEORIGIN strict-transport-security max-age=631138519 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash e459cbf70240e63d5775f24d138248246b184504228af48f70cef9f84fb5a20b x-transaction 5489218a53dbf016 expires Tue, 31 Mar 1981 05:00:00 GMT
GET DATA	200 OK	truncated / Frame 3A37	822 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers Content-Type image/svg+xml