Submitted URL: http://estimationoverstate.top/mahanairsj/tb.php?hhloinzj1648369796335
Effective URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Submission Tags: falconsandbox
Submission: On March 27 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3033::6815:5ee2, located in United States and belongs to CLOUDFLARENET, US. The main domain is 3ncrd.tw.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 25th 2022. Valid for: a year.
This is the only time 3ncrd.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
3 | 2606:4700:303... | 13335 (CLOUDFLAR...)
3 | 2606:4700:303... | 13335 (CLOUDFLAR...)
6 | 2606:4700:303... | 13335 (CLOUDFLAR...)
19 | 2606:4700:303... | 13335 (CLOUDFLAR...)
2 | 185.66.201.42 | 201702 (SKHOSTING-EU)
2 | 185.66.200.220 | 201702 (SKHOSTING-EU)
5 | 2a00:1450:400... | 15169 (GOOGLE)
8 | 103.235.46.191 | 55967 (BAIDU Bei...)
3 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | ()
6 | 185.66.200.127 | ()
62 | 12

Requests | Apex Domain | Subdomains | Transfer
19 | publicdn.xyz | img.publicdn.xyz — Cisco Umbrella Rank: 336404 | 409 KB
8 | baidu.com | hm.baidu.com — Cisco Umbrella Rank: 8656 | 56 KB
6 | advertica-cdn.com | aff-a.advertica-cdn.com | 447 KB
6 | jsdelivr.cc | cdn.jsdelivr.cc — Cisco Umbrella Rank: 250869 | 103 KB
5 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 54 | 319 KB
3 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 376 B
3 | 3ncrd.tw | 3ncrd.tw | 18 KB
3 | estimationoverstate.top | estimationoverstate.top | 4 KB
2 | uprimp.com | uprimp.com — Cisco Umbrella Rank: 182770 | 936 B
2 | qoaaa.com | qoaaa.com — Cisco Umbrella Rank: 276392 | 4 KB
1 | googleapis.com | fonts.googleapis.com | 934 B
62 | 11

Requests | Domain | Requested by
19 | img.publicdn.xyz | 3ncrd.tw
8 | hm.baidu.com | 3ncrd.tw
6 | aff-a.advertica-cdn.com | qoaaa.com
6 | cdn.jsdelivr.cc | 3ncrd.tw
5 | www.googletagmanager.com | 3ncrd.tw, www.googletagmanager.com
3 | www.google-analytics.com | www.googletagmanager.com
3 | 3ncrd.tw | estimationoverstate.top, cdn.jsdelivr.cc
3 | estimationoverstate.top | estimationoverstate.top
2 | uprimp.com | 3ncrd.tw, uprimp.com
2 | qoaaa.com | 3ncrd.tw, qoaaa.com
1 | fonts.googleapis.com | qoaaa.com
62 | 11

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-03-25 - 2023-03-25 | a year
qoaaa.com | R3 | 2022-02-06 - 2022-05-07 | 3 months
uprimp.com | R3 | 2022-03-15 - 2022-06-13 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-02-21 - 2022-08-02 | 5 months
upload.video.google.com | GTS CA 1C3 | 2022-03-17 - 2022-06-09 | 3 months
aff-a.advertica-cdn.com | R3 | 2022-03-11 - 2022-06-09 | 3 months

This page contains 3 frames:

Primary Page: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Frame ID: 45BFE96CDA29E7C05FC7D0A6E2E806B3
Requests: 49 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=164837720133376&xtt=4812982
Frame ID: A3D1F0BA25E00A0BE7A0A0C70E961C5D
Requests: 1 HTTP requests in this frame

Frame: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6438&maxw=0
Frame ID: FC06D380767C67A23234F502D8740859
Requests: 12 HTTP requests in this frame

Page Title

🎉🛫️️️Geschenk zur Feier des 20-jährigen Jubiläums von Mahan Air!🛫💸️🎊

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • /npm/sweetalert2@([\d.]+)
  • sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 62
HTTPS: 89 %
IPv6: 64 %
Domains: 11
Subdomains: 11
IPs: 12
Countries: 4
Transfer: 1362 kB
Size: 2451 kB
Cookies: 13

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://estimationoverstate.top/mahanairsj/tb.php?hhloinzj1648369796335 Page URL
  2. https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
tb.php
estimationoverstate.top/mahanairsj/
1 KB
1 KB
Document
General
Full URL
http://estimationoverstate.top/mahanairsj/tb.php?hhloinzj1648369796335
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:bae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7763ef93a7e0c2949e511a0c3d99fd51f6c3bf44efb412b61d094d63c3309c19

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 27 Mar 2022 10:33:20 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0e28Wb59N2L5l1H9wfi9K37cnmrI64y2AlRrnuxASEr3ajRfd3gWtfEHJnYUKrzwtFXm3%2FwLL8P3TlyKEPrIvXr3ySZAAFnonybxvEjh3Y34gpfCPobl3EgCEdSW%2FZkAND4nVJ%2FTjpl6Vc4KbQad71uK1T6pw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6f27779af9db375d-MXP
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
og2.js
estimationoverstate.top/j/
2 KB
2 KB
Script
General
Full URL
http://estimationoverstate.top/j/og2.js?_t=1648377200421
Requested by
Host: estimationoverstate.top
URL: http://estimationoverstate.top/mahanairsj/tb.php?hhloinzj1648369796335
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:bae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4be47d38af3f8cda52d9d0b66145b71da47da25a3bed9d760ca156100ca42ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://estimationoverstate.top/mahanairsj/tb.php?hhloinzj1648369796335
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Mar 2022 10:33:20 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Sun, 21 Nov 2021 15:02:17 GMT
Server
cloudflare
ETag
W/"619a5f79-75f"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1dHJ%2FN9r8%2FjFRiyeOZxfYwwWKJ8qNlERGaSbttRmOwaUJp37O4LW%2Fald1K1vowSlYZ5MBwRihYm0VenF9pc4iXQIhMmJouFRtwHgZfbwFCo4TQzbjBxmYGR2n3SKgUs%2F2WGzl3O8rBUy6Zba1vXzszpvErvHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=43200
CF-RAY
6f27779ebaf5375d-MXP
Expires
Sun, 27 Mar 2022 22:33:20 GMT
og2.php
estimationoverstate.top/j/
71 B
761 B
XHR
General
Full URL
http://estimationoverstate.top/j/og2.php?_t=1648377200693
Requested by
Host: estimationoverstate.top
URL: http://estimationoverstate.top/j/og2.js?_t=1648377200421
Protocol
HTTP/1.1
Server
2606:4700:3033::ac43:bae2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://estimationoverstate.top/mahanairsj/tb.php?hhloinzj1648369796335
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Sun, 27 Mar 2022 10:33:21 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrW6la7xkpCJhiT0kByt9TW6%2BzesgC21glQ24U7QXOoFxntweJh9AHHJeMlrDhMd08j%2FF0GR15fgJHrP%2Bc29%2BmQXX4xcM1JysR1hFJW39xQg5ukluLweQ%2F7lhjQgFjWfTXOjOjDX1mO7wUT96H6SMMykzQne9w%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/json
Connection
keep-alive
CF-RAY
6f2777a06edb375d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request /
3ncrd.tw/G5u28UOq/mahanairsj/
89 KB
17 KB
Document
General
Full URL
https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Requested by
Host: estimationoverstate.top
URL: http://estimationoverstate.top/j/og2.js?_t=1648377200421
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b10052ad62090bc2ef1e7ac86d4093531b0ca4dcf4cfe06b93bff0fe292f79

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://estimationoverstate.top/

Response headers

date
Sun, 27 Mar 2022 10:33:21 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2L5F7ybVnmWHvBD7WWpB35jaAKI%2FTwcmexh6nO3Ock7cLhs1Ydt8MqPn5TINbKVPlA%2FnL%2F1ZRzjSoZKuJOf%2F5Q9He7gbCO%2FkJJdhddINJDArRkMVYi4ODya7zlsZtLX1SELGfkYwgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6f2777a3fc2159b3-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/
87 KB
32 KB
Script
General
Full URL
https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1956
x-guploader-uploadid
ADPycdvCxHltiuPjHL-zbbsBVwle0-vgYS2_pOmv1wzzQZrGSBqUE4vr5WQ_17FuwcGb_O0Ved79CT2MXZTd7QgSd4c
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:30:17 GMT
server
cloudflare
etag
W/"3e4bb227fb55271bfe9c9d4a09147bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fedmxfvpe7vTw5T5qGiBvGOziKGpGdGuBXMRQNJfL44B%2Fnc3YTrSBEir5dosfivuhytXLANI8Z271xHjacgxYr0KeRdz5iD4XLZcy%2FccgjJX7QLERhZOdWh9Z9tAlitUsb1BUkyhpWUesJlm7e4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647502217775195
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
89501
cf-ray
6f2777a62bfc59d1-MXP
expires
Sun, 27 Mar 2022 10:08:10 GMT
bootstrap.min.js
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/
62 KB
16 KB
Script
General
Full URL
https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1958
x-guploader-uploadid
ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:36:54 GMT
server
cloudflare
etag
W/"c99230d2575380d7f95ff626606d2426"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fy4%2FJvpREpnrTlwqRYpHkUbvujLNHj8SormF2eysF00mCxR1L3WI3oGU4WrmRtbBsYaKpaj5XhsatRLefzA%2FpVjhvgqcRg0MkpMZiU7hcaigJDdm4WPy68HgT0Y1DQ15Og7QhNNVJn%2B5360hSB0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647502614200576
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
63473
cf-ray
6f2777a62bfe59d1-MXP
expires
Sun, 27 Mar 2022 10:08:10 GMT
sweetalert2.all.min.js
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/
71 KB
20 KB
Script
General
Full URL
https://cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1956
x-guploader-uploadid
ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:40:39 GMT
server
cloudflare
etag
W/"80924b62e5b3ac73aa4849776b439770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYs969wJRea37a7G1Dy8VvuKPUuyzdGvguXPFP8ugeQv4a8eQIx%2Fw4xwdbB13GY%2Fro3G5NJH39%2BDQizfO%2FxEcSXXBMcxEX6fhVnWkW4A19xYXS8dyYIZhB8WypkSylVrTjf%2BRmSeSfE9MUnsGIo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647502839791727
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
72765
cf-ray
6f2777a62bff59d1-MXP
expires
Sun, 27 Mar 2022 10:08:10 GMT
lazyload.min.js
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/
5 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1936
x-guploader-uploadid
ADPycdtR3AgAIN3_QYAw_67mnc51aKbU-2aPQ-R-QSkeTj3nsSu1Jsaz2TdmBL4OvQNJlTeYbHR1kd1BX1amk8hCkho
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:42:43 GMT
server
cloudflare
etag
W/"dc6de9813c714ba99733ca4fb5d3a1fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOyBhjc1bjc4jsbtbo5MwaVbYHH38h5GF7f57W8xbUDnJzW%2FUH3bAMFbyRfTk5ZIhYl8dtE19Av7f0Fg5z3qixWNeIHguPFU3PQuHvZi3XUQtRdCiUu2aluD94w7B9yVSAYp6zflmGlxKbHCAe0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647502963816044
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
4798
cf-ray
6f2777a63c0259d1-MXP
expires
Sun, 27 Mar 2022 10:08:03 GMT
popper.min.js
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1936
x-guploader-uploadid
ADPycdu1_c45kD5Yfcahhyee5k60gFdhKF0DCxZU0gsZaJj5VB2X1mJ8GPzxrK27ja8jtIuK1TM4NgHxSepdplcvatU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:44:44 GMT
server
cloudflare
etag
W/"31c898c6d2ea13c30441657ff1900d81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIrbiyOrOghS3GtEKz3%2Bzj%2Ftz6QmCFc4Lp50VMHvyA1lzz6pOFnxVuYMVFqjTwczHuPTQ4jNAcCFGJ5wDrqc7IqV0zJDP1K1YT2Byaa9sCw%2FEzXP496lGod7%2FQt7IUea%2B0z4DFsYzibh9eAcdV0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647503084523089
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
21236
cf-ray
6f2777a63c0559d1-MXP
expires
Sun, 27 Mar 2022 10:08:03 GMT
bootstrap.min.css
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/
158 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1940
x-guploader-uploadid
ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Mar 2022 07:38:12 GMT
server
cloudflare
etag
W/"feba0d0760607b9e21393156949afcd9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jC%2FWN%2FxCgxTbOhPp7CZblYegG707TPr0i2jk3MMAnbA5ZfkvoQfAnct48ViOF%2F8sr0qq2MCO1eZpbB%2F%2Fj%2FfIvZFRDv%2F%2FXZxDvBVpNwk8LmjAYcms6FUSENTlbGSccnxRspbUVMLnIe2U7DQzYIY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647502692716912
content-type
text/css
cache-control
public, max-age=3600
x-goog-stored-content-length
161415
cf-ray
6f2777a62bfa59d1-MXP
expires
Sun, 27 Mar 2022 10:08:03 GMT
elssd-kongbai.png
img.publicdn.xyz/upload/
1 KB
2 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/elssd-kongbai.png
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c22164eb5c0c42ad8395720c15df29f006b15fc55c84f4b0523860df48cfdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=ev/KfQ==, md5=qfQ0Jdc9C+VDJbUekQBG5g==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1611
x-guploader-uploadid
ADPycdsITez5hUpGKLGWWcB8p8qCcduDPEiiwZF5fjuAcloUnOxRu4MXv_f_okxbbv5u9mqFti249bztZTqJifnqatc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1049
last-modified
Sat, 12 Mar 2022 11:31:34 GMT
server
cloudflare
etag
"a9f43425d73d0be54325b51e910046e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzPWVibvbhePsKR2DR2CBY1xQJpPHeaqwtXa2sudf%2FPgoF%2Bh8%2BM91eW8IRd01JfKY%2BZEmVFHJArSf9FqSv9Ziqryqjtz11QWIhb%2F4%2FL9Q%2F%2FFFMzGWImqeaxckj5JB94nlSmat6mtSgy6ir1J3uqq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647084694062038
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
1049
accept-ranges
bytes
cf-ray
6f2777a6fc240dfe-MXP
expires
Sun, 27 Mar 2022 10:19:42 GMT
ylhk-zuobian.png
img.publicdn.xyz/upload/
13 KB
13 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/ylhk-zuobian.png
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
649777a845d3865c2292582c86a90894ffee0151b37d3262db0856bf43c4cd35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=UhBvhg==, md5=+S8cDFb05IQKCGahC1W1GA==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1611
x-guploader-uploadid
ADPycduLk22zExP0OtjKNB63ZwR0COZaPojD9vKYa00vKH3m7DiYNT_BVZ5B9gtywAws6oaXlxI4qHKC4kD7dF4fJdA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12991
last-modified
Sat, 12 Mar 2022 12:45:27 GMT
server
cloudflare
etag
"f92f1c0c56f4e4840a0866a10b55b518"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4gYAncFeVyy3W43nHn6g6PuF5ml8OmBcNCTisrBzsPT3ZzU4DA0Y1NjDNNR8gmr6YYERNZYGnyta4oF8msJkENfTOY8kzjHcU0eMhRm1F0%2FxRpGs%2FXOnMMLhegypDrr390xcHhBWFyjQJqKVX18"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647089127526305
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
12991
accept-ranges
bytes
cf-ray
6f2777a6fc270dfe-MXP
expires
Sun, 27 Mar 2022 10:19:42 GMT
ylhk-youbian.png
img.publicdn.xyz/upload/
1 KB
2 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/ylhk-youbian.png
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63e5ad1bdd19abb11c172313e153308af6c627cb2d87079907c3e74f04c4b6d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=MlVopA==, md5=r2VqSba0FrXC59NEPHlKmw==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2846
x-guploader-uploadid
ADPycdtYtKqdMlRpHmEaC75XMOCZ9PLcE481B-d0K_i1vican_WI8sNA19qnAASTY8yFcZ9lpOAfq4iC0e989LRbwDA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1120
last-modified
Sat, 12 Mar 2022 12:45:26 GMT
server
cloudflare
etag
"af656a49b6b416b5c2e7d3443c794a9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WRogeY0Smu3j2mRKH6gXgUjSbioabmC%2FylVnWj0FwCzuU90Mo6spgs82BHTm8lIpKxP8CA9HFNVETQq0qR6wYIqpdCyrRQ4%2FfvPL2t4S8JUuolt0Hnencf6kj%2F7IUbGwNNyjYkVa%2BXe4mSxMl%2FQ"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647089126823850
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
1120
accept-ranges
bytes
cf-ray
6f2777a6fc290dfe-MXP
expires
Sun, 27 Mar 2022 10:45:55 GMT
ylhk-img.jpg
img.publicdn.xyz/upload/
68 KB
69 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/ylhk-img.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bea8fdeff50a93f3ab37005cb92d20a9aff74bb1d5e52c74051c61e5d333aa87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=1tgF4Q==, md5=6/SHc46my26tWANQphEd3Q==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3062
x-guploader-uploadid
ADPycdvgHm7nkH16KdQiyndvfkwaNIFsYFqzHfPbExFxhdhfmoLTI9lBrB1r81ABcsZadXNNeQI3VKS85aD936psbpQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
69323
last-modified
Sat, 12 Mar 2022 12:45:24 GMT
server
cloudflare
etag
"ebf487738ea6cb6ead580350a6111ddd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpyfHKQ3fUalSkPbc6IB9sG9fRaip2jKQIBacZpJhatSPOyC0df7IDqekRbJIn0DNX2ufC21ulKsinMVUtUsJkgQKemlaWllcq8cSv3qVvyhhfQ8MktjnR5FfZlYi%2FCVHhdy%2BOT13CwgQliFgUau"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647089124114964
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
69323
accept-ranges
bytes
cf-ray
6f2777a6fc2b0dfe-MXP
expires
Sun, 27 Mar 2022 10:19:42 GMT
elarabyg.oubox.png.png
img.publicdn.xyz/upload/
107 KB
108 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/elarabyg.oubox.png.png
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
122e4e03ca391142cbd2e6de7ed21a77dd36fd64c0ce403e9a804548cac4a52e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=0/gKQg==, md5=/23pkz4UsDYSc+2MdrU0Kg==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1610
x-guploader-uploadid
ADPycduMVJ-TjX8hJZPyMEJyjjpBuN_I9BIMOgH1NBSbaHoQvL7-3_qoXU9fUgDLNTT73DYtl4KvFzcnriUxzbdvta0
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
110057
last-modified
Wed, 16 Mar 2022 02:09:04 GMT
server
cloudflare
etag
"ff6de9933e14b0361273ed8c76b5342a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Fyij45i13BYm%2FpiSWMmLYZ8KQIf%2FNA0zRF5FeRo9eyDFkPicQ5JNjkU1Npkpk3GPIvhLk7MBdGersk8bbm4AlLg0ewxROmz9OuYfDzi%2FMf%2BYjubRTxFK%2FsT%2FwVLxCeHowZh4O%2F%2F9cyhM8S6%2BFFD"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647396544204774
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
110057
accept-ranges
bytes
cf-ray
6f2777a6fc2d0dfe-MXP
expires
Sun, 27 Mar 2022 10:44:11 GMT
ylhk-b1.png
img.publicdn.xyz/upload/
28 KB
28 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/ylhk-b1.png
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2febdc2fdfa0e616ac87b61deed35cbfb9fbacf457739b46003739f6b1d46d85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=7SI5bg==, md5=fwIXKQDOYccq2K/lWrBP1Q==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3221
x-guploader-uploadid
ADPycduVUNfZOHw3JtpewhQM_KoeSnjRNZhfjSNag1c8FaQyqKQmlrely08Ud68NyIHyikwcf6FmZqrtkb0OfjDfkmc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28477
last-modified
Sat, 12 Mar 2022 12:45:27 GMT
server
cloudflare
etag
"7f02172900ce61c72ad8afe55ab04fd5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xn6tkPTy4cWbWZ3cbwnJ83Dxyn%2FEUIUp%2BwzyzklCpYh9uNzgOUotekebXi7v%2Bz8RhDPjQ8T4r4%2F%2BA0kjOosK4Gof9VSwcvABDzzjD3OxQcdLgpHKelz9PzLvocsqPCZT9Dgfi2XM8JYHl6TxxC5i"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647089127949928
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
28477
accept-ranges
bytes
cf-ray
6f2777a6fc2f0dfe-MXP
expires
Sun, 27 Mar 2022 10:19:42 GMT
ylhk-b2.png
img.publicdn.xyz/upload/
8 KB
8 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/ylhk-b2.png
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b35f68ce0120b039324888741386231843f1145ea0a2b8299826f37afc284875

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=M3zC5g==, md5=E5zCUatqdyC6pocE2p5q6Q==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2167
x-guploader-uploadid
ADPycdtHRWVSwFwhLofkczgf2nY28XZpm82lq2kBuyZCOhjIh1ZgnAJqYcvlvZspPXr5hv17BzUhMvM65pT2zLSgysw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7875
last-modified
Sat, 12 Mar 2022 12:45:27 GMT
server
cloudflare
etag
"139cc251ab6a7720baa68704da9e6ae9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpMCucmI8rimnCVQVF35Ub14J0MdNtnqadZga78ZJ6gy6Deq%2BlxvO3ytoR%2FlINMrpJtsEDbSEL9191nGJ5mDLmmq4H0aevKzV4Dpr6CWS6LxoC1FSOBZcniBd50FrcDSJ8F4uQTqXORJ8tx0lyvR"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647089127925639
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
7875
accept-ranges
bytes
cf-ray
6f2777a70c4e0dfe-MXP
expires
Sun, 27 Mar 2022 10:19:42 GMT
elarabyg.inbix.png.png
img.publicdn.xyz/upload/
12 KB
13 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/elarabyg.inbix.png.png
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cae2eec4ad2990d9dedbf3f91e1e730ac7992d98b75e9a778d7296b3f1d52ae0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=TT85dA==, md5=JoO4TqBNBUa6AD5sJxD/Pw==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2167
x-guploader-uploadid
ADPycdvqzg_a3i7RQMFltkY16RV70qKOBQlm4AZeDwcKBcGTzdMuuWTAmkhV0ihyaK1TIcl7lTbeWlqda9RTlPcb764
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12336
last-modified
Wed, 16 Mar 2022 02:19:25 GMT
server
cloudflare
etag
"2683b84ea04d0546ba003e6c2710ff3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1e3eZ1qRsoIailjCA495wrUOzTW5dB2aDkjlvk%2BEOTnzmSG3SvtV10N9NZfTT4AYaNQUjQLqlDvMVCpdH3zYrAvV3l4GAiq5VBe0ZpKs6Z%2FCuUsyD5LmYzq%2B9STh6C%2FgHAFyqoouBKm2RTLIwb3d"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647397165085599
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
12336
accept-ranges
bytes
cf-ray
6f2777a70c500dfe-MXP
expires
Sun, 27 Mar 2022 10:06:26 GMT
ylhk-b3.png
img.publicdn.xyz/upload/
16 KB
17 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/ylhk-b3.png
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
601195aba8f77491422990c838567e810d507423a43837b50e9e57109df53a53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=I4R+Cw==, md5=cY73pPj4TNllz5fd5C5NSg==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2167
x-guploader-uploadid
ADPycdvkSbGxWsx-_2cZ7GMxKEP5Xk_b15MGLVUNC7kssZGrGV6hi_Y5tcMGCdIHVVH4DC2zpegqj73lnwAMoEEdzkk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16660
last-modified
Sat, 12 Mar 2022 12:45:29 GMT
server
cloudflare
etag
"718ef7a4f8f84cd965cf97dde42e4d4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbvm6gpUzR1evu%2FiYu7m9AenrXZekqgdqzDAwLkP7A%2F11r8RHNrKYczzbPlhvhfSCEqsFSZSTNbsx4MfGNr7BNTNMMNvc7iNwJ9sbdv%2F2sfDCx7jZuqPHuFPxw00v7%2FpOn%2FUNSZhpTqBLtZlgMMT"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1647089129136134
content-type
image/png
cache-control
public, max-age=14400
x-goog-stored-content-length
16660
accept-ranges
bytes
cf-ray
6f2777a70c510dfe-MXP
expires
Sun, 27 Mar 2022 10:19:42 GMT
responsive.js
qoaaa.com/js/
3 KB
1013 B
Script
General
Full URL
https://qoaaa.com/js/responsive.js
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
affilist.com
Software
nginx /
Resource Hash
4987d5f43ecfeeb96384876eb9247b9653c4cb66628a594cfe87e922ab0a18b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
last-modified
Tue, 21 Dec 2021 14:23:16 GMT
server
nginx
etag
W/"61c1e354-b1d"
content-type
application/javascript
bnr.php
uprimp.com/
427 B
681 B
Script
General
Full URL
https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
4a7c4c74faf6c78809350f41e618a7d948c4721eccf2d32df1ded2672541febb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 10:33:21 GMT
last-modified
Sun, 27 Mar 2022 10:33:21 GMT
server
nginx
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Sun, 27 Mar 2022 10:33:21 GMT
meiguo1.jpg
img.publicdn.xyz/upload/
17 KB
17 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/meiguo1.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67f0cf27307e984ea83ad6e8fd1f54d663bcf9d9f8347e8d83a08cd57cad9982

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=g0VJKA==, md5=BD9jfDi9j1l4pQ7ezaspWw==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1609
x-guploader-uploadid
ADPycdtGkYfLwuQno5JDQ9LR3uykiMHluhNHbV7mBq0YcQ0CnKrzAp9VCFhgQ_a_M-rZWJRzeTT6gLeI44XXDHL5qaw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16966
last-modified
Wed, 02 Mar 2022 08:15:13 GMT
server
cloudflare
etag
"043f637c38bd8f5978a50edecdab295b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIoAjW8s1ru6iMPJqbUMyVBoKM3OOF6S1TLL3EZKITiCkpeqvPgmzDdrl%2BKnLDsupMwo34FRpTEric5wIi3qFTRPBJapVdII%2FibNTmzE%2Bz6m5afhr%2BKFU7kKF1tf7V%2BI8hbE5S0tWuuzd5UUQ1vj"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1646208913732597
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
16966
accept-ranges
bytes
cf-ray
6f2777a70c530dfe-MXP
expires
Sun, 27 Mar 2022 10:15:03 GMT
meiguo2.jpg
img.publicdn.xyz/upload/
13 KB
13 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/meiguo2.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd34461266b7e5bcfa257cd1b63a5941386baaec19fbb9c1599fed9864863a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=muIy6w==, md5=tlrJ10uTunYsJA7wQof/sg==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdvMctnAEexnQCotEYNoweSrdwTYLK13ItOkeFpsXBwnDg72TadTL2abP34LgrqSW3joGkB7O66f32rKFakkaLw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13278
last-modified
Wed, 02 Mar 2022 08:15:13 GMT
server
cloudflare
etag
"b65ac9d74b93ba762c240ef04287ffb2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwtVvAJhqDfDX3lvMudRAgDk%2BxNC7CM5Y8VTrXC9%2B1iP%2BPbTq66DpKx1of9Ftk3%2BhNtnqQtgh8LcmZqltyK0DnEhBNucrmQhR4a8TIyofzX9Rs8bcgTG15Ahq%2FCW24VRywbRqyVVqMPa91ciJXYn"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1646208913740523
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
13278
accept-ranges
bytes
cf-ray
6f2777a70c540dfe-MXP
expires
Sun, 27 Mar 2022 11:33:21 GMT
meiguo3.jpg
img.publicdn.xyz/upload/
21 KB
21 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/meiguo3.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a923941bccedb95c0c93039c1dab32e665479cacb47107545682e5ad1da7517c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=U6PIow==, md5=aPr6c4V3oxlwd03rdOlxnw==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycds-IqYxGj7efImLhWn-wYYH1bmiGnxHUUryUvLc7YFxpwDf_d2ywgqpWfd8K31rSP0Rx7B32rrFc4ceGU34zmo
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21027
last-modified
Wed, 02 Mar 2022 08:15:13 GMT
server
cloudflare
etag
"68fafa738577a31970774deb74e9719f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
x-goog-generation
1646208913746769
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
21027
accept-ranges
bytes
cf-ray
6f2777a70c560dfe-MXP
cross-origin-opener-policy-report-only
same-origin; report-to="gfe-default_product_name"
expires
Sun, 27 Mar 2022 11:33:21 GMT
meiguo4.jpg
img.publicdn.xyz/upload/
17 KB
17 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/meiguo4.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b94432dde391f8974b4f4a5008e570c1e915ac6ff55fbf165a25ff6e5a2a08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=KrGZdA==, md5=nn6dXZYpZSLg/yDSdMcSiw==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1607
x-guploader-uploadid
ADPycdtw1EbX_rRPwIl90CxOOFvZlGx3DY70KiROr9PHhsfYvTDl8xuXhLShY5WEKCAULJvQ6u1KWGcXSz-CWNgFyXg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17379
last-modified
Wed, 02 Mar 2022 08:15:14 GMT
server
cloudflare
etag
"9e7e9d5d96296522e0ff20d274c7128b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqpP82q3YlBVKzeWOLU%2FuOK4qWWj3bsbEoKGmEJOSKtgQvVQSWMf%2BHjYttgS%2Bq4nDmmtbhWekjcKNdxUV60QhakbyiCZjIoS21L%2FdY8F5dWdDGIUW8cijKlVKWttex%2BpCsDBzNwe56QQCqIgcDeK"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1646208914700392
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
17379
accept-ranges
bytes
cf-ray
6f2777a70c570dfe-MXP
expires
Sun, 27 Mar 2022 10:19:42 GMT
meiguo5.jpg
img.publicdn.xyz/upload/
16 KB
16 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/meiguo5.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6dfcc4724f0630247b359236312b1dfadd3c13cbf47284bfecdeaf4ecbd6992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=+JB84w==, md5=N/vKD7sZgOfCMTUhw+TLTw==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdt1jC-LjpYKFn5u30BhPzu2GNUq0qyZHk1OMaeqWlBYJrccglHzMEZKE0L5tWY7QXeU9zTVsqBPeZp4KAAz98U
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15954
last-modified
Wed, 02 Mar 2022 08:15:14 GMT
server
cloudflare
etag
"37fbca0fbb1980e7c2313521c3e4cb4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HT3hBOZB%2BTrLUllC9C8udQ7uJfiuQXJG0sdCvABlJ1OEjQ%2BetYTPfwyepLO7R2I8p0QoCLv1fD7mWrzAMq9Yrs%2BE5Cbqeneq3ebRzJ1RBeq9m0g5%2BU7czeV5fktIU66MqaLr2I4SOJY%2F7AqA5tRd"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1646208914662144
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
15954
accept-ranges
bytes
cf-ray
6f2777a70c590dfe-MXP
expires
Sun, 27 Mar 2022 11:33:21 GMT
meiguo6.jpg
img.publicdn.xyz/upload/
14 KB
15 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/meiguo6.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06fed875f683d54bf1a85b7e1711f1a27195bdf50242e9448a3b45d82c9c8921

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=lmBaUQ==, md5=vPGXCy1NAb3E++6kQfzVaA==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1607
x-guploader-uploadid
ADPycdu_WGo5ko8A3u3veukdzQqbNxlAVCdXDc5U-MoZYeZzKWzUoaAZQxKvygTtUfkLBz1I0_O6HDycJH3gEwJxCws
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14513
last-modified
Wed, 02 Mar 2022 08:15:14 GMT
server
cloudflare
etag
"bcf1970b2d4d01bdc4fbeea441fcd568"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e52nx%2BPgCg6p1eui9jDVC3g3AjtbECxgpa1lhgxfYuaEY9q8HA8hSkQ4fiX92pVuEfnzZkuH0qnAxI9lEzgsfY6YB7OusOCcASf5eLxWgxjVQAYh9JZp1CHg9eO1rGsXl8f30WOH%2FNscnF6BZqaG"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1646208914714574
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
14513
accept-ranges
bytes
cf-ray
6f2777a70c5a0dfe-MXP
expires
Sun, 27 Mar 2022 10:19:42 GMT
vv4.jpg
img.publicdn.xyz/upload/
12 KB
13 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/vv4.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f09646f6ff3d861e7b19064a21df23d16513596191b33d3b08eae2b3ca5aa0da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=X1bvVA==, md5=o7IRHlBNdQD5B+YhiM1HdA==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3427
x-guploader-uploadid
ADPycduvdJg7KCM4RkkgnfZ0b_OtUFISspI7yEc3SZgUr_L_QpDMMuR2b0i9v6wmBwrFegdK7KUtVqh5t11ih-67JRg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12485
last-modified
Sat, 19 Feb 2022 01:35:15 GMT
server
cloudflare
etag
"a3b2111e504d7500f907e62188cd4774"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5i6dMGn%2BjL0MTOZK6bW8E9iSCxf9utP%2F8H5jv0UctFfF5h5J0v23V07t6Nu8ORnt1y1taXs9ZnRgHHiH%2BOclJ3%2FINBctA%2BXiSo%2FZyd8Gk8LZ0jyAFPWWwB8XKEkpuz0Dmuidt3GLXJjsNxZUZjq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1645234515016710
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
12485
accept-ranges
bytes
cf-ray
6f2777a70c5c0dfe-MXP
expires
Sun, 27 Mar 2022 10:28:18 GMT
v5.jpg
img.publicdn.xyz/upload/
11 KB
12 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/v5.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e47313ba5db208b76221814e2c5c7836f3db72eb62713e04ffabc8c57b8290

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=9yCDkg==, md5=F4WYHdNxnhkhCOwNAUSurw==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2579
x-guploader-uploadid
ADPycdtw3BxXEDLApy1Lh39lvYXlyE8xNwsB2GZGjqGy6cr7hsx9esjtwCACjBQHHKZKnh5CvHc_CCi99EXT5nE2iQc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11563
last-modified
Fri, 18 Feb 2022 21:39:13 GMT
server
cloudflare
etag
"1785981dd3719e192108ec0d0144aeaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8P9NiV%2F5osoohy0GtF1%2BuFiiyosQ1ExWDE4o0oK2wyfb94aYTVGoV9LDFZd9a1FSkyjZSw3KOx5%2BBX2tHU9mTosGUm%2B1TMEAvbKCnkA2S3UbQYNTElCmYE6dBYmOnUgL3B15ilkXf9WsZxBrskgu"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1645220353265293
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
11563
accept-ranges
bytes
cf-ray
6f2777a70c5d0dfe-MXP
expires
Sun, 27 Mar 2022 10:50:22 GMT
ninsd.jpg
img.publicdn.xyz/upload/
10 KB
11 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/ninsd.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
806a9e4829949c3db94f068547f9c849fc66927000539f55cc252a17b18c18bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=aHQijw==, md5=wGkrydPJVskZhS6XvVJB/g==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycdvjCzBD2BSBClXzfg9ln1MiqEVSM0ORgFf7QsrHkI9qaZfNzvSFkSk2LBl--cZvjEHjSkaxfkEznQ6Mapu_Vr8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10575
last-modified
Mon, 14 Feb 2022 08:36:32 GMT
server
cloudflare
etag
"c0692bc9d3c956c919852e97bd5241fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ji%2B3b%2FgIAf%2FvdUsuSQHlGBQnW%2BNRbMSxPlzvph8mzjwclCHcGQuw8YgQ9ZCb6ML6qXJFAc6KllObVj%2BGew2I40oM1dssS3MrCcEdtuvnMr2tJSGvAD%2FLr4Tf1mmFjNuXi075SXBC0Iynxglyaxd"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1644827792794441
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
10575
accept-ranges
bytes
cf-ray
6f2777a70c5e0dfe-MXP
expires
Sun, 27 Mar 2022 11:33:21 GMT
ninsf.jpg
img.publicdn.xyz/upload/
13 KB
14 KB
Image
General
Full URL
https://img.publicdn.xyz/upload/ninsf.jpg
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:debe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d1b4ce402ec9a99eacaa76873ece37b0e460640ac7ce26e3944fa4a4b986067

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-goog-hash
crc32c=f25FZQ==, md5=w6MWJjDobYBn2wfW9W803Q==
date
Sun, 27 Mar 2022 10:33:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94
x-guploader-uploadid
ADPycdsImtVd3HtVUrlo94xrnjR3HGuJTFeWaV5Ovf9V4Ub0SKfd7W1Rkyv5DkZ5iO8lrjvYuBs7nzSODWUXoKEgM0E
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13287
last-modified
Mon, 14 Feb 2022 08:36:32 GMT
server
cloudflare
etag
"c3a3162630e86d8067db07d6f56f34dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVU8hJoVMbj2vG021ij5kuS6qCtuN%2B6nDKkf2Tgd4ZAT3pEZvHT1mA44dAJTgLjGTuUHTG6AFFi85E53c9uMYPNQL0BGXRbfZN8JqV%2BOYDC8PNeFVgHP5AIS%2BShw23nEwQ2iS1Q47x8%2BVEziwIbu"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1644827792906934
content-type
image/jpeg
cache-control
public, max-age=14400
x-goog-stored-content-length
13287
accept-ranges
bytes
cf-ray
6f2777a70c600dfe-MXP
expires
Sun, 27 Mar 2022 11:31:47 GMT
js
www.googletagmanager.com/gtag/
173 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2QCXPE9LNW
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1d7e2728d93eeb800623d728f75a52aaf29b34dc5ed45a9f64047f50b63789d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65103
x-xss-protection
0
expires
Sun, 27 Mar 2022 10:33:21 GMT
js
www.googletagmanager.com/gtag/
173 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c0787acc5076e94cd33bc91152ccc190fc24489b541b804e039522fbdd5b5d8c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65103
x-xss-protection
0
expires
Sun, 27 Mar 2022 10:33:21 GMT
js
www.googletagmanager.com/gtag/
173 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
48a88324e39a7460fc3123dcacce0f20e94efb3715e8f0d3fab5b6e156017848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65103
x-xss-protection
0
expires
Sun, 27 Mar 2022 10:33:21 GMT
bnr_xload.php
uprimp.com/ Frame A3D1
0
255 B
Document
General
Full URL
https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=164837720133376&xtt=4812982
Requested by
Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.200.220.skhosting.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/

Response headers

server
nginx
date
Sun, 27 Mar 2022 10:33:21 GMT
content-type
text/html; charset=UTF-8
expires
Sun, 27 Mar 2022 10:33:21 GMT
last-modified
Sun, 27 Mar 2022 10:33:21 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow, noarchive, nosnippet
yuming.js
3ncrd.tw/G5u28UOq/mahanairsj/
268 B
564 B
XHR
General
Full URL
https://3ncrd.tw/G5u28UOq/mahanairsj/yuming.js?1648377201808&_=1648377201671
Requested by
Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:5ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bda45e4d33945806bf64cd6897f2a01c0d4587a6634905f0762925f8666765d

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 19 Mar 2022 15:07:41 GMT
server
cloudflare
etag
W/"6235f1bd-10c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCw1pIjLakRzI1I2wTF2qcW7%2B%2FvuEfgFRPqCH4YOdqTFFHiJNlVzuiOg62f4VTJsqb9UEN1PzbH00g8g5B8UC1wt25RRMphc3PvppKXSHcFN783giEQ3O%2F9w6BAA5O3xQh4CABq4EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f2777a76d1359b3-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 27 Mar 2022 22:33:21 GMT
hm.js
hm.baidu.com/
35 KB
13 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
84e506c81faf8dd43cefe733d846ffed172298efcd3a41eccc94ccf1206b3392
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Mar 2022 10:33:23 GMT
Content-Encoding
gzip
Server
apache
Etag
6ecba84359d32e378110e30b3b18fbd0
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13002
hm.js
hm.baidu.com/
40 KB
15 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?d3d0726996faee5623de6c694d1e502e
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
04dc88efec1587974f67f8d4c38281c9efebf0a4435ce622b5d654a051907f26
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Mar 2022 10:33:23 GMT
Content-Encoding
gzip
Server
apache
Etag
ae17b44fa632e0c78b71d8f74ab18da4
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14607
hm.js
hm.baidu.com/
35 KB
13 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
4f3ed0d71493b1df328547d210497ffe5d5cb809c4ff8951d30fc7d8913612f2
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Mar 2022 10:33:23 GMT
Content-Encoding
gzip
Server
apache
Etag
75a1a98302d075fc6078102f4e77cea4
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
12997
hm.js
hm.baidu.com/
35 KB
13 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?e8430a361305901aaf21019d086a2e3f
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
c1a8bc3c925e87d2a0d123d4a3de200198b6e8945a3fb1c943e212b3d4903ec4
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 27 Mar 2022 10:33:23 GMT
Content-Encoding
gzip
Server
apache
Etag
f717c0b6cb3cb18b94d39e9281a4dc85
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13004
collect
www.google-analytics.com/g/
0
342 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2QCXPE9LNW&gtm=2oe3e0&_p=1845006401&sr=1600x1200&ul=en-us&cid=635994056.1648377202&_s=1&dl=https%3A%2F%2F3ncrd.tw%2FG5u28UOq%2Fmahanairsj%2F%3F_t%3D1648377201206&dr=http%3A%2F%2Festimationoverstate.top%2F&dt=%F0%9F%8E%89%F0%9F%9B%AB%EF%B8%8F%EF%B8%8F%EF%B8%8FGeschenk%20zur%20Feier%20des%2020-j%C3%A4hrigen%20Jubil%C3%A4ums%20von%20Mahan%20Air!%F0%9F%9B%AB%F0%9F%92%B8%EF%B8%8F%F0%9F%8E%8A&sid=1648377201&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QCXPE9LNW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 10:33:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://3ncrd.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
173 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QCXPE9LNW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d910dbd1a3c33a83ceef18f7b30629f6c407c38b2879e23fb36f9323853b5be2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65104
x-xss-protection
0
expires
Sun, 27 Mar 2022 10:33:21 GMT
js
www.googletagmanager.com/gtag/
173 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QCXPE9LNW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf24c6bf55987f2990edd32559e1af856cbf0c1528eb1772cf6c9c5e6f316127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:21 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65107
x-xss-protection
0
expires
Sun, 27 Mar 2022 10:33:21 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN&gtm=2oe3e0&_p=1845006401&sr=1600x1200&ul=en-us&cid=635994056.1648377202&_s=1&dl=https%3A%2F%2F3ncrd.tw%2FG5u28UOq%2Fmahanairsj%2F%3F_t%3D1648377201206&dr=http%3A%2F%2Festimationoverstate.top%2F&dt=%F0%9F%8E%89%F0%9F%9B%AB%EF%B8%8F%EF%B8%8F%EF%B8%8FGeschenk%20zur%20Feier%20des%2020-j%C3%A4hrigen%20Jubil%C3%A4ums%20von%20Mahan%20Air!%F0%9F%9B%AB%F0%9F%92%B8%EF%B8%8F%F0%9F%8E%8A&sid=1648377201&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 10:33:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://3ncrd.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G&gtm=2oe3e0&_p=1845006401&sr=1600x1200&ul=en-us&cid=635994056.1648377202&_s=1&dl=https%3A%2F%2F3ncrd.tw%2FG5u28UOq%2Fmahanairsj%2F%3F_t%3D1648377201206&dr=http%3A%2F%2Festimationoverstate.top%2F&dt=%F0%9F%8E%89%F0%9F%9B%AB%EF%B8%8F%EF%B8%8F%EF%B8%8FGeschenk%20zur%20Feier%20des%2020-j%C3%A4hrigen%20Jubil%C3%A4ums%20von%20Mahan%20Air!%F0%9F%9B%AB%F0%9F%92%B8%EF%B8%8F%F0%9F%8E%8A&sid=1648377201&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 10:33:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://3ncrd.tw
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tb2.php
3ncrd.tw/G5u28UOq/j/
264 B
649 B
XHR
General
Full URL
https://3ncrd.tw/G5u28UOq/j/tb2.php?c=mahanairsj&np=taoluming&_=1648377201672
Requested by
Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:5ee2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3314e5bd39d22562ccf1587539a73397fb32eba92b182fbcbed7e97fd6d4c65

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1JiN5IYCF5nsQ%2FuTlYxqGXNFahShEpu0%2Bk%2Fcd%2BzkEXAbv%2FV2e8hLW5Bc5b3jaFf3jNfLgljgq4U%2BsaawfvQZz6vtctPFBI9YUJwwOWnIqb%2BanjEKP7WGwLztDlJ%2BpEHAUcc2IeK1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
6f2777a939a583b2-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=73774748&si=d3d0726996faee5623de6c694d1e502e&su=http%3A%2F%2Festimationoverstate.top%2F&v=1.2.91&lv=1&sn=40884&r=0&ww=1600&ct=!!&u=https%3A%2F%2F3ncrd.tw%2FG5u28UOq%2Fmahanairsj%2F%3F_t%3D1648377201206%231648377202311&tt=%F0%9F%8E%89%F0%9F%9B%AB%EF%B8%8F%EF%B8%8F%EF%B8%8FGeschenk%20zur%20Feier%20des%2020-j%C3%A4hrigen%20Jubil%C3%A4ums%20von%20Mahan%20Air!%F0%9F%9B%AB%F0%9F%92%B8%EF%B8%8F%F0%9F%8E%8A
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Mar 2022 10:33:23 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=278448304&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Festimationoverstate.top%2F&v=1.2.91&lv=1&sn=40884&r=0&ww=1600&ct=!!&u=https%3A%2F%2F3ncrd.tw%2FG5u28UOq%2Fmahanairsj%2F%3F_t%3D1648377201206%231648377202311&tt=%F0%9F%8E%89%F0%9F%9B%AB%EF%B8%8F%EF%B8%8F%EF%B8%8FGeschenk%20zur%20Feier%20des%2020-j%C3%A4hrigen%20Jubil%C3%A4ums%20von%20Mahan%20Air!%F0%9F%9B%AB%F0%9F%92%B8%EF%B8%8F%F0%9F%8E%8A
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Mar 2022 10:33:24 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1950660072&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Festimationoverstate.top%2F&v=1.2.91&lv=1&sn=40884&r=0&ww=1600&ct=!!&u=https%3A%2F%2F3ncrd.tw%2FG5u28UOq%2Fmahanairsj%2F%3F_t%3D1648377201206%231648377202311&tt=%F0%9F%8E%89%F0%9F%9B%AB%EF%B8%8F%EF%B8%8F%EF%B8%8FGeschenk%20zur%20Feier%20des%2020-j%C3%A4hrigen%20Jubil%C3%A4ums%20von%20Mahan%20Air!%F0%9F%9B%AB%F0%9F%92%B8%EF%B8%8F%F0%9F%8E%8A
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Mar 2022 10:33:24 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=212007143&si=e8430a361305901aaf21019d086a2e3f&su=http%3A%2F%2Festimationoverstate.top%2F&v=1.2.91&lv=1&sn=40884&r=0&ww=1600&ct=!!&u=https%3A%2F%2F3ncrd.tw%2FG5u28UOq%2Fmahanairsj%2F%3F_t%3D1648377201206%231648377202311&tt=%F0%9F%8E%89%F0%9F%9B%AB%EF%B8%8F%EF%B8%8F%EF%B8%8FGeschenk%20zur%20Feier%20des%2020-j%C3%A4hrigen%20Jubil%C3%A4ums%20von%20Mahan%20Air!%F0%9F%9B%AB%F0%9F%92%B8%EF%B8%8F%F0%9F%8E%8A
Requested by
Host: 3ncrd.tw
URL: https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Mar 2022 10:33:24 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
/
qoaaa.com//4fe48aebd6/4f59451604/ Frame FC06
33 KB
3 KB
Document
General
Full URL
https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6438&maxw=0
Requested by
Host: qoaaa.com
URL: https://qoaaa.com/js/responsive.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
affilist.com
Software
nginx /
Resource Hash
dc21e27c77894682131b772aea7bcc53c94596b6f94a12ca571ad180edf4adba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://3ncrd.tw/G5u28UOq/mahanairsj/?_t=1648377201206

Response headers

server
nginx
date
Sun, 27 Mar 2022 10:33:24 GMT
content-type
text/html; charset=UTF-8
expires
Sun, 01 Jan 2014 00:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex,nofollow
access-control-allow-origin
*
content-encoding
br
css
fonts.googleapis.com/ Frame FC06
1 KB
934 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Catamaran:800&display=swap
Requested by
Host: qoaaa.com
URL: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6438&maxw=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
0c1d892e34d56dfcb797f641d7cfedf70faf9cbbec63ce3e8ee6cbd29d72261f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qoaaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Mar 2022 10:33:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 27 Mar 2022 10:33:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Mar 2022 10:33:24 GMT
fire.jpg
aff-a.advertica-cdn.com/genericImages/breaking-news/ Frame FC06
95 KB
96 KB
Image
General
Full URL
https://aff-a.advertica-cdn.com/genericImages/breaking-news/fire.jpg
Requested by
Host: qoaaa.com
URL: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6438&maxw=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
3ede3834b5ab7b96eb553d15389b0a2d6dca3f2c2f8b6c7a80c313f0c125a949

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qoaaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:24 GMT
content-encoding
gzip
last-modified
Wed, 09 Oct 2019 09:26:37 GMT
server
nginx
etag
W/"5d9da7cd-17dc1"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Tue, 26 Apr 2022 10:33:24 GMT
tornado.jpg
aff-a.advertica-cdn.com/genericImages/breaking-news/ Frame FC06
41 KB
40 KB
Image
General
Full URL
https://aff-a.advertica-cdn.com/genericImages/breaking-news/tornado.jpg
Requested by
Host: qoaaa.com
URL: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6438&maxw=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3f8c209cb36df0ec275c3e0a5181494b023893e96fd25c668646fde8cf10003

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qoaaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:24 GMT
content-encoding
gzip
last-modified
Wed, 09 Oct 2019 09:25:36 GMT
server
nginx
etag
W/"5d9da790-a397"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Tue, 26 Apr 2022 10:33:24 GMT
shark.jpg
aff-a.advertica-cdn.com/genericImages/breaking-news/ Frame FC06
102 KB
102 KB
Image
General
Full URL
https://aff-a.advertica-cdn.com/genericImages/breaking-news/shark.jpg
Requested by
Host: qoaaa.com
URL: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6438&maxw=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
9ef2b1aecd71c5ee019f84f0e50624057f65be84e1834f53281eda772426d0e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qoaaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:24 GMT
content-encoding
gzip
last-modified
Wed, 09 Oct 2019 09:26:04 GMT
server
nginx
etag
W/"5d9da7ac-197f9"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Tue, 26 Apr 2022 10:33:24 GMT
unicorn.jpg
aff-a.advertica-cdn.com/genericImages/breaking-news/ Frame FC06
131 KB
130 KB
Image
General
Full URL
https://aff-a.advertica-cdn.com/genericImages/breaking-news/unicorn.jpg
Requested by
Host: qoaaa.com
URL: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6438&maxw=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b5d9a3fb3f15053974af593c51e39440f1dfea9a23250fe7bb6e7c9a3f6369d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qoaaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:24 GMT
content-encoding
gzip
last-modified
Wed, 09 Oct 2019 09:24:51 GMT
server
nginx
etag
W/"5d9da763-20b52"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Tue, 26 Apr 2022 10:33:24 GMT
ufo.jpg
aff-a.advertica-cdn.com/genericImages/breaking-news/ Frame FC06
79 KB
79 KB
Image
General
Full URL
https://aff-a.advertica-cdn.com/genericImages/breaking-news/ufo.jpg
Requested by
Host: qoaaa.com
URL: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6438&maxw=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
627c82828babeaca73f02040facb14b5200b06511fa5ad572c1e3b4ae8b97a38

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qoaaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:24 GMT
content-encoding
gzip
last-modified
Wed, 09 Oct 2019 09:25:05 GMT
server
nginx
etag
W/"5d9da771-13b4b"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Tue, 26 Apr 2022 10:33:24 GMT
rocket.jpg
aff-a.advertica-cdn.com/genericImages/breaking-news/ Frame FC06
64 KB
0
Image
General
Full URL
https://aff-a.advertica-cdn.com/genericImages/breaking-news/rocket.jpg
Requested by
Host: qoaaa.com
URL: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_6438&maxw=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.66.200.127 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://qoaaa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:33:24 GMT
content-encoding
gzip
last-modified
Wed, 09 Oct 2019 09:26:15 GMT
server
nginx
etag
W/"5d9da7b7-160b5"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-server
cdnbts
expires
Tue, 26 Apr 2022 10:33:24 GMT
spider.jpg
aff-a.advertica-cdn.com/genericImages/breaking-news/ Frame FC06
0
0

monster.jpg
aff-a.advertica-cdn.com/genericImages/breaking-news/ Frame FC06
0
0

water.jpg
aff-a.advertica-cdn.com/genericImages/breaking-news/ Frame FC06
0
0

tsunami.jpg
aff-a.advertica-cdn.com/genericImages/breaking-news/ Frame FC06
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain URL
aff-a.advertica-cdn.com https://aff-a.advertica-cdn.com/genericImages/breaking-news/spider.jpg
aff-a.advertica-cdn.com https://aff-a.advertica-cdn.com/genericImages/breaking-news/monster.jpg
aff-a.advertica-cdn.com https://aff-a.advertica-cdn.com/genericImages/breaking-news/water.jpg
aff-a.advertica-cdn.com https://aff-a.advertica-cdn.com/genericImages/breaking-news/tsunami.jpg

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery object| bootstrap function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| _0x57c5 function| _0x5233 function| _0x2060cc function| lazyload function| LazyLoad function| Popper number| qs function| gtag object| dataLayer string| brand_country object| dayNames object| monthNames string| minutos_y string| segundos object| modalOptions number| g_share_step boolean| g_banner_ad number| g_share_type number| type_op number| cl number| p_e number| p_s object| all_p_e object| b string| a undefined| c undefined| e boolean| box_ini number| count number| windraw number| intentos boolean| puedo object| boxRoot number| datetime number| maxParticleCount number| particleSpeed function| startConfetti function| stopConfetti function| toggleConfetti function| removeConfetti object| colors boolean| streamingConfetti object| animationTimer object| particles number| waveAngle number| share_number function| stepfinal function| goToUrlFinish function| getBrowser function| getPlatform function| d function| f function| set_Cookie function| get_Cookie function| move function| swal_box function| resetParticle function| startConfettiInner function| stopConfettiInner function| removeConfettiInner function| toggleConfettiInner function| drawParticles function| updateParticles function| showShare function| continueBtn function| swalert function| shareOkBtn function| shareBtn function| wxalert function| getMainHost function| hh1 function| jp function| fh object| _hmt object| google_tag_manager object| google_tag_data object| gaGlobal function| onYouTubeIframeAPIReady function| ReplaceWithPolyfill string| randaffilistX45 object| paths string| project string| np object| nptimes string| Ads string| Web string| j string| j2 string| tj string| tj2 boolean| _bdhm_loaded_d3d0726996faee5623de6c694d1e502e object| mini_tangram_log_imkcjq boolean| 
_bdhm_loaded_957de4d70bf7b7be33bc859d43ad70c6 object| mini_tangram_log_4lnati boolean| _bdhm_loaded_8b68846a3ac1709b0ec7199084ee5ea8 object| mini_tangram_log_34m3fj boolean| _bdhm_loaded_e8430a361305901aaf21019d086a2e3f object| mini_tangram_log_xa3nt

13 Cookies

Domain/Path Name / Value
.3ncrd.tw/ Name: _ga_2QCXPE9LNW
Value: GS1.1.1648377201.1.0.1648377201.0
.3ncrd.tw/ Name: _ga
Value: GA1.1.635994056.1648377202
.3ncrd.tw/ Name: _ga_LW7434MYMN
Value: GS1.1.1648377201.1.0.1648377201.0
.3ncrd.tw/ Name: _ga_0C230YDF7G
Value: GS1.1.1648377201.1.0.1648377201.0
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 7F6563BA8C5779B9
.3ncrd.tw/ Name: Hm_lvt_d3d0726996faee5623de6c694d1e502e
Value: 1648377204
.3ncrd.tw/ Name: Hm_lpvt_d3d0726996faee5623de6c694d1e502e
Value: 1648377204
.3ncrd.tw/ Name: Hm_lvt_957de4d70bf7b7be33bc859d43ad70c6
Value: 1648377204
.3ncrd.tw/ Name: Hm_lpvt_957de4d70bf7b7be33bc859d43ad70c6
Value: 1648377204
.3ncrd.tw/ Name: Hm_lvt_8b68846a3ac1709b0ec7199084ee5ea8
Value: 1648377204
.3ncrd.tw/ Name: Hm_lpvt_8b68846a3ac1709b0ec7199084ee5ea8
Value: 1648377204
.3ncrd.tw/ Name: Hm_lvt_e8430a361305901aaf21019d086a2e3f
Value: 1648377204
.3ncrd.tw/ Name: Hm_lpvt_e8430a361305901aaf21019d086a2e3f
Value: 1648377204

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their presence here does not imply that any of them indicate malicious activity.
