jtdazw.heldleave.buzz Open in urlscan Pro
2606:4700:3033::ac43:b924 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jtdazw.heldleave.buzz/
Submission: On March 28 via api (March 28th 2024, 4:48:24 pm UTC) from US — Scanned from US

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3033::ac43:b924, located in United States and belongs to CLOUDFLARENET, US. The main domain is jtdazw.heldleave.buzz.
TLS certificate: Issued by GTS CA 1P5 on March 12th 2024. Valid for: 3 months.

This is the only time jtdazw.heldleave.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3033::ac43:b924	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	172.67.185.36 172.67.185.36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:440... 2606:4700:4400::ac40:9ade	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	47.246.24.243 47.246.24.243	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	47.246.22.230 47.246.22.230	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	203.107.86.226 203.107.86.226	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
44	6

1 2606:4700:3033::ac43:b924 (United States)

ASN13335 (CLOUDFLARENET, US)

jtdazw.heldleave.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.67.185.36 (United States)

ASN13335 (CLOUDFLARENET, US)

jtdazw.heldleave.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:4400::ac40:9ade (United States)

ASN13335 (CLOUDFLARENET, US)

static.mercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.24.243 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.22.230 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.107.86.226 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	heldleave.buzz jtdazw.heldleave.buzz	273 KB
16	mercdn.net static.mercdn.net — Cisco Umbrella Rank: 200298	2 MB
4	51.la js.users.51.la — Cisco Umbrella Rank: 114608 sdk.51.la — Cisco Umbrella Rank: 78150 ia.51.la — Cisco Umbrella Rank: 97435 collect-v6.51.la — Cisco Umbrella Rank: 61533	19 KB
44	3

	Domain	Requested by
24	jtdazw.heldleave.buzz	jtdazw.heldleave.buzz
16	static.mercdn.net	jtdazw.heldleave.buzz
1	collect-v6.51.la	sdk.51.la
1	ia.51.la	jtdazw.heldleave.buzz
1	sdk.51.la	jtdazw.heldleave.buzz
1	js.users.51.la	jtdazw.heldleave.buzz
44	6

This site contains no links.

Subject Issuer	Validity	Valid
heldleave.buzz GTS CA 1P5	`2024-03-12` - `2024-06-10`	3 months	crt.sh
*.mercdn.net GlobalSign GCC R3 DV TLS CA 2020	`2023-05-09` - `2024-06-09`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-14` - `2024-05-15`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2023-04-20` - `2024-05-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://jtdazw.heldleave.buzz/
Frame ID: 53B5D96A0E7DA658B12C98F3D56E144F
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【ミリタリー】【お1人様1点限り】ボディケア椅子/チェア

Page Statistics

44
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

6
Subdomains

6
IPs

2
Countries

1973 kB
Transfer

2051 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
jtdazw.heldleave.buzz/ 28 KB
5 KB 611ms
544ms Document
text/html 2606:4700:3033::ac43:b924
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jtdazw.heldleave.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b924 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b731bcc4b8a25fc6351629b14d76bbd80a927248d4267fb90a641ad916e36fff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 86b91b5328ac4bcc-BUF
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 28 Mar 2024 16:48:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2BNWhPAvoZpb6n5RN5KPMaFx025%2BCdABzd5pw%2FZq6uq%2Fsj6ziRX1S5df676uZGnpHVbxlmvjKW1odQNhcpPpYRQtwS07F9HKajVavcJCaXQuqmSYhreSrp7DuPQ77zwElily510NonO%2BaPdgoQUzovNZA%2F0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 style_header1.css
jtdazw.heldleave.buzz/includes/templates/newmbclp/css/ 7 KB
2 KB 102ms
101ms Stylesheet
text/css 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/css/style_header1.css
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e321ef6f3e67efe7d68848c6056e723a09f39c3b25933cd3f0ce3c98927804f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ba0209-1a30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jyQ2ipOvC%2BJGYuNu11Y6fQKJ%2FOzz%2BPiSItU7UE%2BS3SSXrTZRhunMNqFwqtMdxuzy%2FU4hTeXcjXJxouonR4PNH5uBFhgiEgttYL%2FEp9MlNDH72pQxTqMh3wjASK8vJ49ILyqgAkWIOxE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 86b91b56aa166163-ORD
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Mar 2024 04:48:16 GMT

GET
H3 200 stylesheet.css
jtdazw.heldleave.buzz/includes/templates/newmbclp/css/ 64 KB
13 KB 131ms
129ms Stylesheet
text/css 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/css/stylesheet.css
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6438161d78ba8919f5029f40886ae8e8d0d630b8eb60ea1266cf4e4b47ccf9c5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ba0209-10074"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nZU35x6fK%2Bcc7gOga3tXlsjsJGHMfUsP19h6B6AWFhqI8BRynpl9LV2MgEimG49RPx496oqtHeJQeoSffBNrWlpx%2B5caYVNKJE6rZasFNuM%2BFHVy1DDzS1ZlnU9EnEdEGMxmwBuelBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 86b91b56aa196163-ORD
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Mar 2024 04:48:16 GMT

GET
H3 200 header_banner1.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/banner/ 31 KB
31 KB 103ms
102ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/banner/header_banner1.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858b2f573630d9f5a47777b2643f8bb761db060c86183da67feb13cd9e149f86

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-7a93"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fPwijj7n0BoQY3WPSiNv6jIq06n1%2BP%2BiSibgFd8FNVWi8ipuc6b7uMtlvWCzVFv%2FZQ8Bt%2FfQkYw3kTVpeYp992WK1T1NbmgDA%2BqGvJBx2Ypi%2Fk9VTMXI75zwzDIxzpLDMR206iKdGOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b56aa1a6163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 31379
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 logo.png
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/header/ 11 KB
12 KB 85ms
85ms Image
image/png 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/header/logo.png
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56e6c2c538483e38097d0ba073fca1420878adea69c890ef70d97788380e690c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-2cc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lz0eNrzCJO8mKjO2jLVmF8s87Sfv16x5d1%2B1cMHF%2BuTtaMBothAqL7tXxqGt4pAY74aTomN6R9FzPp3nYLFErJgtcpd3M3YsmTxFqeZhIV66lj%2BRX%2F%2B7YI9kjKrDgOIDXPpw4CH0QrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b56aa1d6163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 11456
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 ico01.png
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/header/ 2 KB
2 KB 77ms
75ms Image
image/png 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/header/ico01.png
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 853f95bb856ac1be888c128ee8cd29f7be5bbda9cd2e1fc2fbe3b3416ea4e6df

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-649"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VP2dskyuprM6sgLb5StVU%2Fq7FTY3Hty79%2Fvxslf3YYiYA1%2BVzJ2L8vjvUk4924LPggiJxAkE1Iu9NI7Ddzzi0PJSBw2x6%2FQinMS%2Bz6EPlhJ2tlCd0H843i3b4cjZ1IPbe9MbC%2FuNUSw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b571ac06163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1609
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 ico04.png
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/header/ 1 KB
2 KB 119ms
115ms Image
image/png 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/header/ico04.png
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acae4c1c03023c8607ec363d0f3fa689a85f89309bc41886b956c8d3c2e54ecb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-5b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ca9OcHdzGTlvH5ju6unXIrf5G5GXdJ9ohOVw0aMBZut1M%2Feg16SmT1OXl229askvV0ynwsxW2%2F9bjxs4FsImlpOrBmFrNyCgVNkWvNn77OKyM4QP%2BTJmFzNxzsg6YhHsFZUTAL80%2BTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b571ac76163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1461
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 ico03.png
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/header/ 1 KB
2 KB 85ms
79ms Image
image/png 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/header/ico03.png
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e5d4419c7f232cfdc91dc6e398e9f6aabdac1dfcdc4285dd93251f57b0ba2d8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-5b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jiRblijh3HW%2BqOkUi6Ui1N8U1OTCCyP3q0hNah8Qe8RCjR9vbtjEanlb4I%2F95N2MHLFySfw3bWrIObdxgG3yHuHkUuT2%2FdkcY2rzcTDOd3Lf22cRMEOAP1gWikqmQonyh6bjdy5r8nA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b572aca6163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1457
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 1697262048_e317f6df.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/banner/ 87 KB
87 KB 114ms
102ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/banner/1697262048_e317f6df.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e898711b63940831c98355c5d37d25be6778f0c1526a08d426ae3c669796620

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-15a4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fxoTlwwzTXBCF5DPMhXoWPhHieRB4KMx6%2BT1eAUOGG9dnoeyHcv%2BMqzWUPDCqF%2FwJk3JHpnU5LBQvmyBPko4lOGPp89M0ep%2F%2BysJBk0ToatN55yigr%2FUQesia4vjWFwEuln34d4Slzg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573af66163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 88651
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 md5.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/category/ 52 KB
52 KB 381ms
368ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/category/md5.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf622d67fa7f01ed75cf5efe46b8502c3b0ae0300a7d6862cdc7e6e2507030e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-cf5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOHnMNgZqJuzTy6Q9mVaNfRAvi1HWU8FglQtYDDHSO0Yqhz283L4gtSElKoXWDGCSWbx%2FtJaD4E1V2b0YmHZDP3kCtSweMsJzQhKnJEM3ffYxpIniKpdAAAul0lFoYiOX%2FumYFn2dJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573af86163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 53085
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 conttl_line01.png
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/index/ 9 KB
9 KB 100ms
87ms Image
image/png 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/index/conttl_line01.png
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18d973c032b5ccd55ca5ecd51963ce9dc270d5717dbab4d17e02359fb7a77259

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-225a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HaSAdBXvCaW3ThwPqFvTeAEepQnnD5Wf%2FXk4cmig2e9dWksC%2F8%2Bh2pjGnMddn6Lcq6m2jlvkJxspqLfrRp%2FCjrFQzqIHRYKdl5%2FcG%2FvfxQooqHVlE%2BjLXjFwUmimANFqOGxAYfWtcEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573afb6163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 8794
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H2 200 m85395697436_1.jpg
static.mercdn.net/item/detail/orig/photos/ 74 KB
75 KB 1753ms
1634ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m85395697436_1.jpg?1678247326

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1052dca0626005451d9e943bacb8faea49ac623876b3959d80315b8658ba9f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:18 GMT
x-amz-version-id: CiSxeapOEBGJwjL5QEDIb4BY6A1YiVle
via: http/1.1 rear.sv211 (ATS [cHs f ])
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: AJ66FBS3MWHHX0PG
x-amz-server-side-encryption: AES256
content-length: 75992
x-amz-id-2: YcoW4f7IGCa1AG1aFMXGwravw6uul0Qm2eIHj50eYoT9TS06vXbdmP/Df2rsr5U6GfPTkLKKHZA=
last-modified: Wed, 08 Mar 2023 03:48:47 GMT
server: cloudflare
etag: W/"ED1e_M0ksw9mnwUIZCIAAAAiODI3ZWY4MzdmZDc5NjU0MWFhMzcyODJlOTQ1YzZhZjIi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57dac06aee-BUF

GET
H2 200 m43170077639_1.jpg
static.mercdn.net/item/detail/orig/photos/ 198 KB
199 KB 1171ms
1053ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m43170077639_1.jpg?1682413805

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c63a972181d87053ed879e877d279272c5afee38684a9a2c2e9090a8da3ee73

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:17 GMT
x-amz-version-id: 77md4uPswqdhXGd8QG2KzNH6moULrf5s
via: http/1.1 rear.sv206 (ATS [cHs f ])
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: ZPR1SY59QJD6A2YC
x-amz-server-side-encryption: AES256
content-length: 202796
x-amz-id-2: EUkPGWnF2u15BXsyLL/Xh/STzS3vq64sIoOtuDPAe2FggqvO7za0wye9iC15oCHTBukc5x3yo1U=
last-modified: Tue, 25 Apr 2023 09:10:06 GMT
server: cloudflare
etag: W/"EH0puIzYs9-e7phHZCIAAAAiZTBjNzYyNzA3Nzc1ODM4YTgxOTYxNjU3OTJkMDA0M2Mi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57dac16aee-BUF

GET
H2 200 m68237713939_1.jpg
static.mercdn.net/item/detail/orig/photos/ 55 KB
55 KB 2679ms
2561ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m68237713939_1.jpg?1681191724

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27a31a78baf169e93272c654de3803482cd0c0c357013784547ef2637949920a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:19 GMT
x-amz-version-id: GRpdvVTN7Qu6hW7KmcEGVnuJXWUhFlGR
via: http/1.1 rear.sv206 (ATS [cHs f ])
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: K5MT0PK1S1GTBH5P
x-amz-server-side-encryption: AES256
content-length: 55993
x-amz-id-2: rSOxU8C5WEP8kE0EWsWU70GgoNJL38nLa9qCNP9QDjLvfAG0QbuyhVk10ydf3ASNLK+DwXVlE4o=
last-modified: Tue, 11 Apr 2023 05:42:06 GMT
server: cloudflare
etag: W/"EFkhAg9GV5C7LvM0ZCIAAAAiYzM5ZmRkM2Y4NjAyMWFhNmVmMDNjNzYwYjI0YjhmN2Ui"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57dac26aee-BUF

GET
H2 200 m14157040761_1.jpg
static.mercdn.net/item/detail/orig/photos/ 41 KB
41 KB 2220ms
2103ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m14157040761_1.jpg?1655273842

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c73afc470d8aaf4a9308d6f2fc6723d1e8e388cdd96c85ad2d872e1470f13ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:18 GMT
x-amz-version-id: 3V26labI9SdKILqUwJBALDNnqKXBso2g
via: http/1.1 rear.sv207 (ATS [cHs f ])
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: DK1196WTGEZ2XGN2
content-length: 41595
x-amz-id-2: GoEn53dwuUJoezFI/13iW9dDhdIXIm48+J9N/nVW94KjXN2UmtLaiHGyGPQj8ll8+wtkW/DwliI=
last-modified: Wed, 15 Jun 2022 06:17:23 GMT
server: cloudflare
etag: W/"EOSHHy8tdBBKc3mpYiIAAAAiMDQzNDU2OGNlYjE2NzNiMzIzMzRhMGI0NzBmM2NjMzci"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57dac36aee-BUF

GET
H2 200 m52727324100_1.jpg
static.mercdn.net/item/detail/orig/photos/ 70 KB
70 KB 1778ms
1661ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m52727324100_1.jpg?1680785175

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dc745b9f4c872429707774299b4ce66a05f210a7f064bd58294c325099a7687

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:18 GMT
x-amz-version-id: qRIpAOsh_tLX2DogWRf6LMN9rfoy4n3N
via: http/1.1 rear.sv215 (ATS [cHs f ])
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 8AP7QNNMS07GF6XP
x-amz-server-side-encryption: AES256
content-length: 71273
x-amz-id-2: OXjlYpDAzVRHhv4FcpSiFAxDmqLvL3rixELuEgmPAberEX/c2wOy/TGCf2rjN0nUvmjlJevsAdA=
last-modified: Thu, 06 Apr 2023 12:46:16 GMT
server: cloudflare
etag: W/"EOasoOM7nhNkGL8uZCIAAAAiZjZiMmI3YmZhYWNlNDE1MTc2MDkzMzcwYjZlODc1MGIi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57dabd6aee-BUF

GET
H2 200 m75867325710_1.jpg
static.mercdn.net/item/detail/orig/photos/ 188 KB
189 KB 1697ms
1580ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m75867325710_1.jpg?1682841265

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5d0d507233198d0c6432116c27f4d3fd56eb3cd5df8be450ee61b432b70559d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:18 GMT
x-amz-version-id: OusrUuxjL8N1BAeL8c1ZsHu94U7w_4AM
via: http/1.1 rear.sv203 (ATS [cHs f ])
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: NH04Z11MEX6DJJZW
x-amz-server-side-encryption: AES256
content-length: 192588
x-amz-id-2: OikbSHIGfK2B/jChSFq6hnj25L93nNV0QC7FhfaFqqRgNkL+RuRz81gpzQnkbwFUXp7wBIcfXns=
last-modified: Sun, 30 Apr 2023 07:54:26 GMT
server: cloudflare
etag: W/"EOWncEZ-hOI7sh5OZCIAAAAiODU0MjQyMmVlMmUzOWUyMDczMDlhOTk5MDg5Zjc4NTci"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57dabe6aee-BUF

GET
H2 200 m81681442045_1.jpg
static.mercdn.net/item/detail/orig/photos/ 22 KB
23 KB 40ms
36ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m81681442045_1.jpg?1682241844

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c91adaefb00dd913c63ddcb9134cd842960161450d6ddeacfb4529d475e6250d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
via: http/1.1 rear.sv126 (ATS [cMsSfW])
x-content-type-options: nosniff
x-amz-version-id: RUPz4owsaLxr60VlYM6gziliEsftNowB
cf-cache-status: HIT
x-amz-request-id: G76G12MV0YXX61RE
age: 1019709
x-amz-server-side-encryption: AES256
x-amz-id-2: WOohjfYlj1FEn+eHvZ4+zWBukwOo1d5/lnn4yVg7d/xiI6DSz4B1i/JR7uoKyYTqneTh1hhtBQg=
cf-bgj: h2pri
last-modified: Sun, 23 Apr 2023 09:24:05 GMT
server: cloudflare
etag: W/"EFecNg2QAJZcNflEZCIAAAAiYzU4ZmUyMzkxZmI5MmFlMmM0NjNjMzQxYzkxMTFlNDIi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 86b91b57dac46aee-BUF

GET
H2 200 m12373138738_1.jpg
static.mercdn.net/item/detail/orig/photos/ 230 KB
231 KB 1584ms
1581ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m12373138738_1.jpg?1682766223

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9350cef507518c622cf749b61e1d3a58cedb706c2fe9c3edd1c4e7a61f5bbca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:18 GMT
x-amz-version-id: M58PrlIQLg288MCkGIjEAfCMtCls4MSM
via: http/1.1 rear.sv202 (ATS [cHs f ])
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: X5SMT5NX6N6KJ7EM
x-amz-server-side-encryption: AES256
content-length: 235630
x-amz-id-2: 5IdOepdirj64XSd0NhKNo2HKKTqk0PhPBaS1qHJKo6tmxoUuM2NY/daHhBgO8QhjRlXZgnAKK9k=
last-modified: Sat, 29 Apr 2023 11:03:44 GMT
server: cloudflare
etag: W/"EPWzfYjXX5-akPlMZCIAAAAiZmYzOWZiZGNlOTgxMTkyYjkzYjZmOWNiOWZiYjU0YzAi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57dac76aee-BUF

GET
H2 200 m63271740304_1.jpg
static.mercdn.net/item/detail/orig/photos/ 46 KB
46 KB 2577ms
2574ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m63271740304_1.jpg?1521861931

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

743a146908561cb730ffc53d0c20edb4bdcbf6d6040e79f8bbcc3c8a4577a159

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:19 GMT
x-amz-version-id: LP.nI6KA0SD5mit0JTfn3O1eJsI0nfHs
via: http/1.1 rear.sv205 (ATS [cHs f ])
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 4J479YTD7N7QAEZM
content-length: 46785
x-amz-id-2: 734sL/r1qvwQDyBzVyi7xL1Bb4i2CkwZz1TiEBHhnSoK5SvTf0Fz4gV4Qty6NfA+NSMASuGknYA=
last-modified: Sat, 24 Mar 2018 03:25:32 GMT
server: cloudflare
etag: W/"EK2aZcGu7Dr5LMW1WiIAAAAiODA5YzQzMDdkMjI0MTE0NmJjMGM0MDQzM2Q2MzgzOWEi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57ead26aee-BUF

GET
H2 200 m95509517173_1.jpg
static.mercdn.net/item/detail/orig/photos/ 173 KB
174 KB 1595ms
1592ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m95509517173_1.jpg?1701784853

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb6381d2e320d2f0985ca2b0d8be5ff7698f80a48445df0095825523149b0f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:18 GMT
x-amz-version-id: R7qFpL8crSCKy2SWgLpemyWqoo6hmaGg
via: http/1.1 rear.sv207 (ATS [cHs f ])
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: R0ZM72EDQACA6S5V
x-amz-server-side-encryption: AES256
content-length: 177474
x-amz-id-2: w8EwVjLtuTLsQN5NuGNrNt8fFWfVblxkFrAPN3BqCAni5QuNG2Io41BVH0pDonoH4ORM+9ss+/w=
last-modified: Tue, 05 Dec 2023 14:00:54 GMT
server: cloudflare
etag: W/"EER2SWw1htGjFi1vZSIAAAAiZjNkNWZmNWE0ZTU4ZjU4ZTM2OGVjYWRiNTZlNWU2ODAi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57ead36aee-BUF

GET
H2 200 m35489093202_1.jpg
static.mercdn.net/item/detail/orig/photos/ 38 KB
39 KB 2334ms
2331ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m35489093202_1.jpg?1603954668

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9770da8c6bf0983a52cc2136a166a815a68b89f4b1351ed16e639ebe574741ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:18 GMT
via: http/1.1 rear.sv209 (ATS [cHs f ])
x-content-type-options: nosniff
x-amz-version-id: 0NiR7YfnkXHuHvgak3uYhxTgmVaTlokj
cf-cache-status: HIT
x-amz-request-id: 7W7430GH46YTY3SB
content-length: 39047
x-amz-id-2: sjSeKdcP61Te0cWJhaa2LCTCdey4tLkjAYk1yVzzVxiosNLOu5qaR6WWpYA7JvcqrmOVqbesuIc=
cf-bgj: h2pri
last-modified: Thu, 29 Oct 2020 06:57:49 GMT
server: cloudflare
etag: W/"EMb88zdPFgpA7WeaXyIAAAAiYzc5Y2JhMTA5NWJhMDA5YWU2NmM5OWZhYzk5YWVjYzMi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57ead46aee-BUF

GET
H2 200 m36155499550_1.jpg
static.mercdn.net/item/detail/orig/photos/ 109 KB
109 KB 2580ms
2577ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m36155499550_1.jpg?1704090309

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37c89408846e9fbade3c8f682bd2c3425c01ee3165d94970c7874ff005243490

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:19 GMT
via: http/1.1 rear.sv115 (ATS [cHs f ])
x-content-type-options: nosniff
x-amz-version-id: 3ihWJg.PY.VO.xjlmfwuDJCxHkFuHg58
cf-cache-status: HIT
x-amz-request-id: JWQPP420BTGMEEHE
x-amz-server-side-encryption: AES256
content-length: 111232
x-amz-id-2: Ia/UHjs0u237Wm4aOziWnQp3Mq5WryrOhy1i4LlGrqcvlckkVmM21hN2eUeaAV57/f9M2sQlI8k=
cf-bgj: h2pri
last-modified: Mon, 01 Jan 2024 06:25:10 GMT
server: cloudflare
etag: W/"EE2VELoQ5k72xlqSZSIAAAAiNmVhYzNiNTE3OTAzNDExNGUzNzlkYmQxN2VkOWRiMzgi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57ead56aee-BUF

GET
H2 200 m24059915868_1.jpg
static.mercdn.net/item/detail/orig/photos/ 25 KB
26 KB 51ms
48ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m24059915868_1.jpg?1701519952

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e61cc5f905a10ce0ac77c46573ccbdbcac3ef92a79bc13a414f1808070d309e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
via: http/1.1 rear.sv118 (ATS [cHs f ])
x-content-type-options: nosniff
x-amz-version-id: yFTOab7ORoF6Vd.5EGsAd5N1rKdStbGD
cf-cache-status: HIT
x-amz-request-id: 904KYQQ2KYP85J3H
age: 1019709
x-amz-server-side-encryption: AES256
content-length: 25689
x-amz-id-2: u8cx4jKEOMPckpVSc7d5Ygo5cQj/FxKpJCVMUTTfA0/ooGZ9SUA0IBL8NDoH2dBpjD+m4mpBXU8=
cf-bgj: h2pri
last-modified: Sat, 02 Dec 2023 12:25:53 GMT
server: cloudflare
etag: W/"EDa6ZrpSAM66USJrZSIAAAAiNGNlMDM0OTZkZDM2ZGU3ODY1MWU4ZTMxYjBlNDk5ZTAi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57ead66aee-BUF

GET
H2 200 m28922349811_1.jpg
static.mercdn.net/item/detail/orig/photos/ 140 KB
140 KB 73ms
70ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m28922349811_1.jpg?1674596525

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3678a22e1624b5dcb6280a00d6f8749710c83a92340e774da3cf2f7350048e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
via: http/1.1 rear.sv113 (ATS [cHs f ])
x-content-type-options: nosniff
x-amz-version-id: lXgvFbvSkaCikQMNPF4ngiihcsS1QMVq
cf-cache-status: HIT
x-amz-request-id: 52N89BHNXABFR440
age: 537350
x-amz-server-side-encryption: AES256
content-length: 143193
x-amz-id-2: AJEf4mPGup5J3sqx1UnmqLgWiyVh10u2pa4AvwUOXlern8i6qWUqNRjYEc8xWvGR9R7DHMOCY40=
cf-bgj: h2pri
last-modified: Tue, 24 Jan 2023 21:42:06 GMT
server: cloudflare
etag: W/"ENT7Qr6DWXFQrlDQYyIAAAAiM2RkOWYzZDg0NmE1MGJjZTg1NjNhZThiYWZlMmFmZDki"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57ead76aee-BUF

GET
H2 200 m34070364688_1.jpg
static.mercdn.net/item/detail/orig/photos/ 62 KB
63 KB 52ms
50ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m34070364688_1.jpg?1689923819

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

651b63f5a339e76c3e4a45f9e80119af7bb155b157a9e413ccd6dc7c82960a31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
via: http/1.1 rear.sv113 (ATS [cMsSfW])
x-content-type-options: nosniff
x-amz-version-id: w.k.Zj4QAa9khaFz3m75vRo28TkNIVfH
cf-cache-status: HIT
x-amz-request-id: 1R1W2TQFW3EK31Y1
age: 13180
x-amz-server-side-encryption: AES256
x-amz-id-2: Bn1TRV3EuJcbHt0yA7yp1BF1tlh/Oi0+EaeXFiEZiFsnz/ZuLTUVkx/A7dlvNWKWgVnkhOtLUCo=
cf-bgj: h2pri
last-modified: Fri, 21 Jul 2023 07:17:00 GMT
server: cloudflare
etag: W/"EEcIWJMexmhE7DC6ZCIAAAAiYTJhOGUwZjllYTYzNTdkNTM3ZjJhMmM3N2U0ZDcwZDMi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 86b91b57ead86aee-BUF

GET
H2 200 m58748247716_1.jpg
static.mercdn.net/item/detail/orig/photos/ 200 KB
201 KB 73ms
71ms Image
image/jpeg 2606:4700:4400::ac40:9ade
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m58748247716_1.jpg?1692070381

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ade , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61b9ec65eb79871226d72a473b4fce8fc412bc09085b9fb24c7b5a84f81dd0a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
via: http/1.1 rear.sv205 (ATS [cHs f ])
x-content-type-options: nosniff
x-amz-version-id: s03mIHr2XV8_6TviMnr0jGdc1hiA87tv
cf-cache-status: HIT
x-amz-request-id: MN91KZFJ5TF960H6
age: 357763
x-amz-server-side-encryption: AES256
content-length: 205264
x-amz-id-2: ZWqZlPln+lQ31RvOeVykMa26NOwARmLv1DlqtRtw8XTAG0TZpVr5csQuCFjpNVvXOQ4iv1W2vOg=
cf-bgj: h2pri
last-modified: Tue, 15 Aug 2023 03:33:02 GMT
server: cloudflare
etag: W/"EBGJ55awENEF7vHaZCIAAAAiNTYzNGI3MTMxMzVjYWE1ZTkxY2VkYjg4ZmI1MGFmY2Mi"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 86b91b57ead96aee-BUF

GET
H3 200 ico01.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ 2 KB
2 KB 83ms
72ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ico01.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 832a718ad8ede72f6eeb80aab2655f2ef35df35dcb23e1586416f4abc3a266fa

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-6a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9OjYcJybv3Eifdx3sKLzj7KHB5ARCXqahmcwqybpG3186kOijvAy95qWo%2FHOljlDBCS3AxRDi%2BsrLglhn3WNnXAM8ZJ7QW8YJ%2FQqfj%2BJi6W7Friu2bA5CVUi%2FrAwsce%2BfZbUSjMPm1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573b026163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1700
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 ico02.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ 2 KB
2 KB 97ms
87ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ico02.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 095c2e22804a228ad5a7fc3d6f1b33ff7cc318d9fe59e76dd2134303f06f4d41

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k9skSLctIbRk3iB6NHdckCY%2Bqml9yJACzFv9yBTNHvBkjPfZ6iugVSrqOm6U6FH6VSY2b60ZiHqWQOEJOK5tQfsbUJ2xisJa40uYUAmpZ1i5G7%2B%2B5DblcdHbVOJuDe9VeZi9I3wMHYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573b076163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1608
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 ico03.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ 2 KB
2 KB 96ms
86ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ico03.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8efd6f385b2947b19b5a8b4f34f30cfdd7b5216025924a618de32d0d80d1add4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-662"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PaqEwdB2TjpPs4n4dcsFJUOiBvFwVm1twkdaWuQ%2FiLhouYfr1nytZ3yNREiyGpBUCUp5c6Xw7u%2FjgeGn0uENSjeOkA2dnwWG4hGhBt97hFUTL3yOWW7Xk%2F1NaWaz%2FcdDlUR88PvVCww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573b0a6163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1634
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 ico04.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ 1 KB
2 KB 92ms
82ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ico04.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 893e40aead3752be28d57b9d97108d3b8458d0c0d3bc525a6d51d2110625ed4e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-5f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y47yvQLwwuKYdo2hpOZXMlGL9hWnd6F4aF%2Bby2OG6LeFCFmALWD6BsnlbJO9gyJr%2BpDQOV%2BYKsxvWtLUZxZMMVi5OKvwMtoWYEi%2Fie06C6luuvnRBoJMeUdt3F9QFwPvk4lSRp%2FbH0k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573b0d6163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1528
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 ico05.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ 1 KB
2 KB 83ms
73ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ico05.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4f29921955df3f2089d490c8d7b1df45f2f63ea92db31e488b39a5fcbe241e4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-54d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IyJN7at581xFXO0mfVjmewfYL3kCkebjxo2QgdpokqVf0x06Z%2BuN67kjPRswF2cBbqYr11crQT%2FVp7eLxXHpMAxJApeSVd7kuV61JjPDCpPqYezfyhE%2BRHov32RwvmETJktudYhf9aE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573b106163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1357
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 ico06.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ 1 KB
2 KB 104ms
94ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ico06.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edac076d7cd0aba24b4eace4784b3b7ce489feb6fb4ba31826752fb0c9b18eb6

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-555"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KaiehouK%2FDG5fgXkedCuBcHBx9EBdqESMveaNTGTtVqxE8j7Sr0%2BXuBKL6zjsNJj0s9KgTX4pbZVTO1aDZaqCBEIj%2BcSa%2BRyhSxZoOLvaRr%2FIpIhOEl2HwXrZe%2FEnAkIq8AMiGoexsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573b136163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1365
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 ico07.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ 1 KB
2 KB 98ms
89ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ico07.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8636e7db914f17a6a6aed5b5d3b07dd5fd4c2bbf068bd5639c73b7d0b52f770

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-55e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pDdEr4iABDDMqTGNyS3VpqH%2BxlatzBw6cj%2BQ3Igw9ZBkYqU%2BObDJvTgSFodMds8ZltgYDyBo6Q1ofQzZ4wRxXEAfS3boTWFJSRbhqgSCHY1kt5%2Fw5snctYCrecAINNB4vVsmt3XO5NA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573b156163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1374
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 ico08.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ 1 KB
2 KB 101ms
91ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/footer/ico08.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db3ad7da55159629ee20220c8fde6bc6a15a16c0d19bc093595b716b9f82c644

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-522"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gt%2BFjFKeZu9V7%2FA0oAV5jfmOiB8jApKQV0ardagT%2FgjTXK1XLhB8nnwB7upR%2FrQqNXZPJ62KO9vYZPyR%2FU%2FehGzbI0ALdqfez2XCr8489a8f%2FiPHkXxAcfbHzhs%2FlCOrPfujE%2FNs178%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573b186163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 1314
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 email-decode.min.js Show response
jtdazw.heldleave.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 61ms
55ms Script
application/javascript 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jtdazw.heldleave.buzz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65fd6d96-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8AFGjlby8r1NDFLykQw0x8H6Vpf9B5sLaFzOt4c1ZjBH%2FwY59X3qK0SXeyqiu72yONCdtFVRLVrZ3p4IurJsa5Sgy5SdN9hcM0%2FIyM3VV%2BdzGcK4bYIoQx9FvKAyXc7v4XniaasLJ2o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 86b91b572acd6163-ORD
expires: Sat, 30 Mar 2024 16:48:16 GMT

GET
H/1.1 200
OK 21850541.js Show response
js.users.51.la/ 5 KB
5 KB 598ms
295ms Script
application/javascript 47.246.24.243
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21850541.js
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.24.243 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 78e92c0487b0bdb2438613a69931d86496bbfbe8350662e605847346097065c4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 28 Mar 2024 16:48:16 GMT
Via: cache22.l2us1[249,249,200-0,M], cache21.l2us1[251,0], ens-cache7.us18[254,253,200-0,M], ens-cache16.us18[254,0]
X-Swift-CacheTime: 0
Transfer-Encoding: chunked
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Thu, 28 Mar 2024 16:48:17 GMT
Server: Tengine
Ali-Swift-Global-Savetime: 1711644497
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
EagleId: 2ff618a417116444968124554e

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 155ms
35ms Script
application/javascript 47.246.22.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.22.230 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 14 Mar 2024 15:55:06 GMT
via: cache10.l2us1[0,0,304-0,H], cache31.l2us1[1,0], cache8.us13[0,0,200-0,H], cache2.us13[1,0]
content-encoding: gzip
x-oss-request-id: 65F31DDA51C5F93234F57F3A
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
age: 1212790
x-swift-cachetime: 1096005
x-cache: HIT TCP_MEM_HIT dirn:10:219431425
x-oss-cdn-auth: success
x-swift-savetime: Sat, 16 Mar 2024 23:28:21 GMT
content-length: 12846
x-oss-object-type: Normal
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1710431706
content-type: application/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5143829838470429443
eagleid: 2ff6169617116444966285561e
x-oss-server-time: 2

GET
H3 200 conttl_line01.png
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/index/ 9 KB
9 KB 125ms
120ms Image
image/png 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/index/conttl_line01.png
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18d973c032b5ccd55ca5ecd51963ce9dc270d5717dbab4d17e02359fb7a77259

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 8794
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
server: cloudflare
etag: "65ba0209-225a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ga5d6BsVMXl%2FK2yDrnz9%2FxKz0rekRb1BjoQmzJ%2B%2FrJOLgsSiBps3eze6fv6R7GVyGG2qOBO0byzP9aXtu%2FFjzPqSNVcKqwKsjLp6JbXWUgXjIYjSHp%2FSwXjSDF%2FBgomgOvY%2FjIghpfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b573b1a6163-ORD
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 left_bg.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/banner/ 14 KB
14 KB 77ms
73ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/banner/left_bg.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/css/stylesheet.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 179df76c045785d73745d5fc6b232bddd1504115bbd1705e9b08591eeee336cd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/css/stylesheet.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-3720"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PxE8sAeELeNCK8xAhCQ62EDbwfmv119Qt6YdzUfRRFWEowPwkBnDL0WxxXgDQsX3DtQc0qPdoB5i9wuYgsdtKAhvr5Bof2PZNly6D69paz1VowXsQS03lH8wzP5PX7Uphi%2FfjHX1YC0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b57abef6163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 14112
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H3 200 right_bg.jpg
jtdazw.heldleave.buzz/includes/templates/newmbclp/images/banner/ 14 KB
15 KB 91ms
87ms Image
image/jpeg 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/images/banner/right_bg.jpg
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/css/stylesheet.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0043b386e69eb237c8f97cb208e8ad65f773044c6ddbb6d18b2f9f97890e236

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/includes/templates/newmbclp/css/stylesheet.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:16 GMT
cf-cache-status: MISS
last-modified: Wed, 31 Jan 2024 08:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ba0209-39d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqNRUFWpUgd3TiJSphx0fLjIzDCRS3154YAlEqSXXCiSOc4Ozuxo2ElJKMh6OqeXmHdy%2FflQoem1gnEIr5Ca%2Flh4e2SKV4srAcDi7dcsruIL76OKrVZ7N8qhXcDtWArLjaz1RTWVQH4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 86b91b57abf06163-ORD
alt-svc: h3=":443"; ma=86400
content-length: 14804
expires: Sat, 27 Apr 2024 16:48:16 GMT

GET
H/1.1 200 go1
ia.51.la/ 0
317 B 1162ms
318ms Image
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21850541&rt=1711644497094&rl=800*600&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=description&ing=1&ekc=&sid=1711644497094&tt=%25E3%2580%2590%25E3%2583%259F%25E3%2583%25AA%25E3%2582%25BF%25E3%2583%25AA%25E3%2583%25BC%25E3%2580%2591%25E3%2580%2590%25E3%2581%258A1%25E4%25BA%25BA%25E6%25A7%25981%25E7%2582%25B9%25E9%2599%2590%25E3%2582%258A%25E3%2580%2591%25E3%2583%259C%25E3%2583%2587%25E3%2582%25A3%25E3%2582%25B1%25E3%2582%25A2%25E6%25A4%2585%25E5%25AD%2590%252F%25E3%2583%2581%25E3%2582%25A7%25E3%2582%25A2&kw=%25E3%2580%2590%25E3%2583%259F%25E3%2583%25AA%25E3%2582%25BF%25E3%2583%25AA%25E3%2583%25BC%25E3%2580%2591%25E3%2580%2590%25E3%2581%258A1%25E4%25BA%25BA%25E6%25A7%25981%25E7%2582%25B9%25E9%2599%2590%25E3%2582%258A%25E3%2580%2591%25E3%2583%259C%25E3%2583%2587%25E3%2582%25A3%25E3%2582%25B1%25E3%2582%25A2%25E6%25A4%2585%25E5%25AD%2590%252F%25E3%2583%2581%25E3%2582%25A7%25E3%2582%25A2&cu=https%253A%252F%252Fjtdazw.heldleave.buzz%252F&pu=
Requested by: Host: jtdazw.heldleave.buzz
URL: https://jtdazw.heldleave.buzz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Date: Thu, 28 Mar 2024 16:48:18 GMT
Content-Length: 0

POST
H/1.1 403 collect Show response
collect-v6.51.la/v6/ 0
521 B 1053ms
356ms XHR
text/plain 203.107.86.226
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://jtdazw.heldleave.buzz
Date: Thu, 28 Mar 2024 16:48:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 404 favicon.ico
jtdazw.heldleave.buzz/ 145 B
508 B 75ms
72ms Other
text/html 172.67.185.36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jtdazw.heldleave.buzz/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.185.36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://jtdazw.heldleave.buzz/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:19 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fW7yqdhA5pNMweQ0JFbVaYybzzbJY%2FU2GbyvQlsbrllVIDsAkKsWSY2or%2FzdziTu3FRlbUQOHSpvlpn7qcjcJXAmdRHXiTOakKVOh1lK7tEKKQiBP3a3Jnlhg4syQhx9I0ATXKGXIQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 86b91b6979a26163-ORD
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal object| LA number| laWaitTime

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jtdazw.heldleave.buzz/	1969-12-31 23:59:59	Name: zenid Value: m33776nb18aorp8cva2a64j4n3
jtdazw.heldleave.buzz/	1969-12-31 23:59:59	Name: __tins__21850541 Value: %7B%22sid%22%3A%201711644497094%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201711646297094%7D
jtdazw.heldleave.buzz/	1969-12-31 23:59:59	Name: __51cke__ Value:
jtdazw.heldleave.buzz/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
jtdazw.heldleave.buzz/	1969-12-31 23:59:59	Name: __vtins__KFljSR4QFKi1AvgJ Value: %7B%22sid%22%3A%20%22b9e08364-a3eb-5e8b-be4d-c6dbe8ffb20d%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201711646297113%2C%20%22ct%22%3A%201711644497113%7D
jtdazw.heldleave.buzz/	1970-01-21 05:03:24	Name: __51uvsct__KFljSR4QFKi1AvgJ Value: 1
jtdazw.heldleave.buzz/	1970-01-21 05:03:24	Name: __51vcke__KFljSR4QFKi1AvgJ Value: 164839b9-c443-585d-a301-d1f9821fee64
jtdazw.heldleave.buzz/	1970-01-21 05:03:24	Name: __51vuft__KFljSR4QFKi1AvgJ Value: 1711644497139
.static.mercdn.net/	1970-01-20 19:27:26	Name: __cf_bm Value: Borj6LAn.01sfmHVjWOSGqNEWjr2FFYtAimPP9lRGSI-1711644499-1.0.1.1-PP5Hv6.kRp51Ac5tZRW7poatykftXXK76HBIh.4sSx.N.9afZPwxgV6NwAss6u6F5Gae2KzkbNY2VhEMGuW4Zg

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://collect-v6.51.la/v6/collect?dt=4 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://jtdazw.heldleave.buzz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://jtdazw.heldleave.buzz/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

collect-v6.51.la
ia.51.la
js.users.51.la
jtdazw.heldleave.buzz
sdk.51.la
static.mercdn.net
172.67.185.36
203.107.86.226
2606:4700:3033::ac43:b924
2606:4700:4400::ac40:9ade
47.246.22.230
47.246.24.243
095c2e22804a228ad5a7fc3d6f1b33ff7cc318d9fe59e76dd2134303f06f4d41
1052dca0626005451d9e943bacb8faea49ac623876b3959d80315b8658ba9f50
179df76c045785d73745d5fc6b232bddd1504115bbd1705e9b08591eeee336cd
18d973c032b5ccd55ca5ecd51963ce9dc270d5717dbab4d17e02359fb7a77259
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27a31a78baf169e93272c654de3803482cd0c0c357013784547ef2637949920a
2e898711b63940831c98355c5d37d25be6778f0c1526a08d426ae3c669796620
3678a22e1624b5dcb6280a00d6f8749710c83a92340e774da3cf2f7350048e35
37c89408846e9fbade3c8f682bd2c3425c01ee3165d94970c7874ff005243490
3c63a972181d87053ed879e877d279272c5afee38684a9a2c2e9090a8da3ee73
3e5d4419c7f232cfdc91dc6e398e9f6aabdac1dfcdc4285dd93251f57b0ba2d8
56e6c2c538483e38097d0ba073fca1420878adea69c890ef70d97788380e690c
5e61cc5f905a10ce0ac77c46573ccbdbcac3ef92a79bc13a414f1808070d309e
61b9ec65eb79871226d72a473b4fce8fc412bc09085b9fb24c7b5a84f81dd0a1
6438161d78ba8919f5029f40886ae8e8d0d630b8eb60ea1266cf4e4b47ccf9c5
651b63f5a339e76c3e4a45f9e80119af7bb155b157a9e413ccd6dc7c82960a31
6c73afc470d8aaf4a9308d6f2fc6723d1e8e388cdd96c85ad2d872e1470f13ea
743a146908561cb730ffc53d0c20edb4bdcbf6d6040e79f8bbcc3c8a4577a159
78e92c0487b0bdb2438613a69931d86496bbfbe8350662e605847346097065c4
7a6fd962b4686f8277823b26cda79726ee97abc0c7f649225eb3c35df2949fe4
7bf622d67fa7f01ed75cf5efe46b8502c3b0ae0300a7d6862cdc7e6e2507030e
7dc745b9f4c872429707774299b4ce66a05f210a7f064bd58294c325099a7687
832a718ad8ede72f6eeb80aab2655f2ef35df35dcb23e1586416f4abc3a266fa
853f95bb856ac1be888c128ee8cd29f7be5bbda9cd2e1fc2fbe3b3416ea4e6df
858b2f573630d9f5a47777b2643f8bb761db060c86183da67feb13cd9e149f86
893e40aead3752be28d57b9d97108d3b8458d0c0d3bc525a6d51d2110625ed4e
8efd6f385b2947b19b5a8b4f34f30cfdd7b5216025924a618de32d0d80d1add4
9770da8c6bf0983a52cc2136a166a815a68b89f4b1351ed16e639ebe574741ab
acae4c1c03023c8607ec363d0f3fa689a85f89309bc41886b956c8d3c2e54ecb
b0043b386e69eb237c8f97cb208e8ad65f773044c6ddbb6d18b2f9f97890e236
b731bcc4b8a25fc6351629b14d76bbd80a927248d4267fb90a641ad916e36fff
bb6381d2e320d2f0985ca2b0d8be5ff7698f80a48445df0095825523149b0f48
c91adaefb00dd913c63ddcb9134cd842960161450d6ddeacfb4529d475e6250d
c9350cef507518c622cf749b61e1d3a58cedb706c2fe9c3edd1c4e7a61f5bbca
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
db3ad7da55159629ee20220c8fde6bc6a15a16c0d19bc093595b716b9f82c644
e321ef6f3e67efe7d68848c6056e723a09f39c3b25933cd3f0ce3c98927804f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f29921955df3f2089d490c8d7b1df45f2f63ea92db31e488b39a5fcbe241e4
e5d0d507233198d0c6432116c27f4d3fd56eb3cd5df8be450ee61b432b70559d
edac076d7cd0aba24b4eace4784b3b7ce489feb6fb4ba31826752fb0c9b18eb6
f8636e7db914f17a6a6aed5b5d3b07dd5fd4c2bbf068bd5639c73b7d0b52f770

jtdazw.heldleave.buzz Open in urlscan Pro 2606:4700:3033::ac43:b924 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

44 Requests

100 %HTTPS

33 %IPv6

3 Domains

6 Subdomains

6 IPs

2 Countries

1973 kBTransfer

2051 kBSize

9 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jtdazw.heldleave.buzz Open in urlscan Pro
2606:4700:3033::ac43:b924 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

6
Subdomains

6
IPs

2
Countries

1973 kB
Transfer

2051 kB
Size

9
Cookies

44 HTTP transactions
0 data transactions