kwk8vxw.septbahear.live Open in urlscan Pro
185.155.186.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.gobluego.com/
Effective URL:
https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevX...
Submission: On July 10 via api (July 10th 2024, 3:27:56 pm UTC) from US — Scanned from US

Summary HTTP 94 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 94 HTTP transactions. The main IP is 185.155.186.25, located in Switzerland and belongs to TEKNOLOGY, CH. The main domain is kwk8vxw.septbahear.live.
TLS certificate: Issued by E6 on July 9th 2024. Valid for: 3 months.

This is the only time kwk8vxw.septbahear.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2606:4700:303... 2606:4700:3035::6815:52f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::5f	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0d::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c17::69	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c21::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c04::5e	15169 (GOOGLE) (GOOGLE)
1	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	18.173.219.15 18.173.219.15	16509 (AMAZON-02) (AMAZON-02)
1	34.168.43.148 34.168.43.148	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4004:c06::65	15169 (GOOGLE) (GOOGLE)
6	35.71.137.105 35.71.137.105	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c17::6a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:95db	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.155.184.32 185.155.184.32	6898 (AS-6898 C...) (AS-6898 C41.CH SAGL - LUGANO Data Center)
29	185.155.186.25 185.155.186.25	203639 (TEKNOLOGY) (TEKNOLOGY)
1	136.243.216.235 136.243.216.235	24940 (HETZNER-AS) (HETZNER-AS)
94	19

38 2606:4700:3035::6815:52f8 (United States)

ASN13335 (CLOUDFLARENET, US)

www.gobluego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0d::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::69 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f5cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c21::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.194 (San Francisco, United States)

ASN54113 (FASTLY, US)

intrstreams.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.219.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-15.jfk52.r.cloudfront.net

cdn.ethers.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.168.43.148 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 148.43.168.34.bc.googleusercontent.com

gobluego.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::65 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.137.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: a1d4ba62fdc34338f.awsglobalaccelerator.com

bsc-dataseed1.binance.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::6a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:95db (United States)

ASN13335 (CLOUDFLARENET, US)

daslkjfhi2.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.155.184.32 (Switzerland)

ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH)

winnershere.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 185.155.186.25 (Switzerland)

ASN203639 (TEKNOLOGY, CH)

kwk8vxw.septbahear.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.216.235 (Eitensheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.235.216.243.136.clients.your-server.de

jsontdsexit2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	gobluego.com www.gobluego.com	950 KB
29	septbahear.live kwk8vxw.septbahear.live	308 KB
6	binance.org bsc-dataseed1.binance.org — Cisco Umbrella Rank: 172805	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	290 KB
3	google.com www.google.com — Cisco Umbrella Rank: 10	1 KB
2	winnershere.life winnershere.life	61 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1271	55 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	256 KB
1	jsontdsexit2.com jsontdsexit2.com — Cisco Umbrella Rank: 370478	502 B
1	daslkjfhi2.xyz daslkjfhi2.xyz — Cisco Umbrella Rank: 749882 Failed
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 102
1	wpengine.com gobluego.wpengine.com	1 KB
1	ethers.io cdn.ethers.io — Cisco Umbrella Rank: 299473	198 KB
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77	1 KB
1	fastly.net intrstreams.global.ssl.fastly.net	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	3 KB
94	16

	Domain	Requested by
38	www.gobluego.com	www.gobluego.com
29	kwk8vxw.septbahear.live	winnershere.life kwk8vxw.septbahear.live
6	bsc-dataseed1.binance.org	cdn.ethers.io
3	www.googletagmanager.com	www.gobluego.com www.googletagmanager.com
3	www.google.com	www.gobluego.com www.gstatic.com
2	winnershere.life
2	unpkg.com	1 redirects www.gobluego.com
1	jsontdsexit2.com	kwk8vxw.septbahear.live
1	daslkjfhi2.xyz	www.gobluego.com
1	www.google-analytics.com	www.googletagmanager.com
1	gobluego.wpengine.com
1	cdn.ethers.io	www.gobluego.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	intrstreams.global.ssl.fastly.net	www.gobluego.com
1	www.gstatic.com	www.google.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.gobluego.com
94	17

This site contains no links.

Subject Issuer	Validity	Valid
www.gobluego.com E1	`2024-05-21` - `2024-08-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-11-09` - `2024-12-10`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
ethers.io Amazon RSA 2048 M03	`2023-09-30` - `2024-10-27`	a year	crt.sh
*.wpengine.com RapidSSL TLS RSA CA G1	`2023-08-01` - `2024-08-28`	a year	crt.sh
binance.org Amazon RSA 2048 M02	`2024-05-30` - `2025-06-29`	a year	crt.sh
daslkjfhi2.xyz WE1	`2024-06-24` - `2024-09-22`	3 months	crt.sh
winnershere.life R10	`2024-06-08` - `2024-09-06`	3 months	crt.sh
septbahear.live E6	`2024-07-09` - `2024-10-07`	3 months	crt.sh
jsontdsexit2.com R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
Frame ID: 10E96ED5B94DA524CA108C518898AA5F
Requests: 90 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcnpgQiAAAAAFUtR9t-V2I_-A5ub6aagZ8k_N0S&co=aHR0cHM6Ly93d3cuZ29ibHVlZ28uY29tOjQ0Mw..&hl=en&v=-80zvSY9h4i8O-ocN2P5qTJk&size=invisible&cb=z1ufkmxppolz
Frame ID: E26897C1D5E8169B6D3DE132BFD8D063
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prize

Page URL History Show full URLs

http://www.gobluego.com/ HTTP 307
https://www.gobluego.com/ Page URL
https://winnershere.life/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i Page URL
https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Oxygen (Page builders) Expand

Overall confidence: 100%
Detected patterns

wp-content/plugins/oxygen

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

94
Requests

97 %
HTTPS

61 %
IPv6

16
Domains

17
Subdomains

19
IPs

3
Countries

2128 kB
Transfer

4161 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gobluego.com/ HTTP 307
https://www.gobluego.com/ Page URL
https://winnershere.life/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i Page URL
https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.gobluego.com/ HTTP 307
https://www.gobluego.com/

Request Chain 33

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@11.1.4/swiper-bundle.min.js

94 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
www.gobluego.com/
Redirect Chain

http://www.gobluego.com/
https://www.gobluego.com/

242 KB
67 KB

378ms
294ms

Document
text/html

2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: c43bac4573ee12a2caf174c6627e517b391fdcc0b5bd8e4af0042186249fc155

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Mobile
alt-svc: h3=":443"; ma=86400
cache-control: max-age=15552000, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a1194858a78c3fa-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 10 Jul 2024 15:27:50 GMT
last-modified: Thu, 05 May 2022 06:39:59 GMT
link: <https://www.gobluego.com/wp-json/>; rel="https://api.w.org/" <https://www.gobluego.com/wp-json/wp/v2/pages/74>; rel="alternate"; type="application/json" <https://www.gobluego.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jFnZJMjYVnlFQ1l8MHcBEHTqxMK5Ccg5vagAxLprKyR5601IGj%2BZAqiUKH6d%2FI5rWUdUKBE5WEFLF4IgZXil6tAieWbm74%2BIl%2BiYuOuAUZLH1%2B5haRmGYiUtNsFmjzw5C9VnhWgT2kT0tIutkxiG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache: HIT: 366
x-cache-group: normal
x-cacheable: YES:15552000.000
x-orig-cache-control: max-age=15552000, must-revalidate
x-powered-by: WP Engine

Redirect headers

Location: https://www.gobluego.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css
fonts.googleapis.com/ 47 KB
3 KB 115ms
53ms Stylesheet
text/css 2607:f8b0:400d:c0e::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|MonteStellaTrial:100,200,300,400,500,600,700,800,900|MarkPro:100,200,300,400,500,600,700,800,900

Requested by

Host: www.gobluego.com
URL: https://www.gobluego.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f3ebc68c0eacb3d3557a757d1c1788999181e167cbbfc3fbe93cb0031b0e265

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jul 2024 15:27:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jul 2024 15:27:51 GMT

GET
H3 200 ma_customfonts.css
www.gobluego.com/wp-content/uploads/fonts/ 2 KB
780 B 34ms
30ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/uploads/fonts/ma_customfonts.css?ver=32bd0987
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2838809675471ea681ebc123ba81822b989c64c1f60b005687032da32e2a16a8

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1473868
cf-polished: origSize=2036
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 05 Jul 2022 16:36:41 GMT
server: cloudflare
etag: W/"62c46899-7f4"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNP0sYT26uo4zoy6GV3pB75KpCx6RBr2Q4jgcEh2tHSgeuKeGyZF%2BFTwOaDgIELOj7iDnQB2sl%2FZ6mYpfHhmJZkpNvj12eBUaxm2ZWL4QMT3HL0NbwMdkdaAggrgWfUsdS1XOUqDBZ1f0VPBgyKh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487acb1c3fa-EWR

GET
H3 200 style.min.css
www.gobluego.com/wp-includes/css/dist/block-library/ 111 KB
15 KB 38ms
34ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 14:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1473869
etag: W/"65ddf637-1bae5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwsiTgj2bSBRiZvZa%2FOQPA6B0Sswygv6SxwQ75uin7gDrKfZd%2FJ2AK9M9%2BfeIuxJ2xIN4SU3Z1ny6ibHZfXDFqYD3siKSOK%2BrEffaKfruknsaqcXGTNGD1Htn2h1D3BdezSuMqSRnqMTUtyIKMW1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487acb3c3fa-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 styles.css
www.gobluego.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
1 KB 37ms
33ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.5
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 567211
cf-polished: origSize=2894
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:45:24 GMT
server: cloudflare
etag: W/"65817444-b4e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AUCUnBmL4%2FZPai7ESuduQvyR6FgK7BQJmwJ8mujKxfR7Xzbj%2BSElLnTRLxqJYHLDER2cWweXKGEM7OZU%2FllodvU5v1t7tacAO7u7sQhZxQBvxa0efzryCqYyo%2BzBqggWgqSFhuk1S8q6ZsG9QhIT"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487acb5c3fa-EWR

GET
H3 200 oxygen.css
www.gobluego.com/wp-content/plugins/oxygen/component-framework/ 17 KB
5 KB 37ms
33ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/oxygen/component-framework/oxygen.css?ver=4.7
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39569f71de8d932d9eb8cf0ef555c71c6831c6593929ee46d2e7f2d6221ccdfe

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1473869
cf-polished: origSize=20669
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:48:40 GMT
server: cloudflare
etag: W/"65817508-50bd"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ttBA57io8Fcx%2BtMYWFooTfrUncqxrmPl1tHdaspo0qH%2FIZKT4Fa3%2FJ2C7Tgdf4s6l0WqHBCA69ZAbF1xUWtiIA4YsHbKt4WGRG8i4sV01mUHkysREZ8mqJCqfhy%2FFyuQZ89x6b7sLVATP9jRqjAb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487acb6c3fa-EWR

GET
H3 200 slick.css
www.gobluego.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/ 1 KB
983 B 30ms
26ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=3.6
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1473868
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:46:44 GMT
server: cloudflare
etag: W/"65817494-591"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F7OF%2F6oyN6gD%2BXGmsHG0GV7cGB06%2BqxTCxCd4PuvWSqsRj3DtIzxEVDXGkBFkWly5SNnF9PaIWXn34RSBwIsI4%2Fb%2FCT7qVCAFLGSp1iZ4%2BjRjCHSDPtLa45ZgPy2FPZfNIwnThwBYucOwSfY1zJS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487acbac3fa-EWR

GET
H3 200 wpsisac-public.css
www.gobluego.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/ 11 KB
2 KB 39ms
35ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/wpsisac-public.css?ver=3.6
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b852b3a3f66eece13fcb5108bb807e240e29fd9243d4a0ca35ef8d48fb2770c

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1473869
cf-polished: origSize=12907
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:46:44 GMT
server: cloudflare
etag: W/"65817494-326b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5r0Brs%2FelGeQwSULW%2BW566tnsuET9CMqfEmhoG%2F%2FSMU%2FESTslkeCMZgHT8FFlMr5opSvX3E36pb1V9IDl7mGb0XIG3FuN%2BuJfNMU3FGDrZHtFdZvtp0YAlhOrmw6U4wAL0zk6mFPxtClz6DSUhnf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487acbdc3fa-EWR

GET
H3 200 237.css
www.gobluego.com/wp-content/uploads/oxygen/css/ 7 KB
2 KB 69ms
66ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/uploads/oxygen/css/237.css?cache=1712241134&ver=6.5.3
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c13901db24f33f380da4bd04702f6fc8b82f8351de10c2afd4edcc77014cca

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1429759
cf-polished: origSize=7031
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 Apr 2024 14:32:14 GMT
server: cloudflare
etag: W/"660eb9ee-1b77"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GmiKOt0bPN0amqwa8b9zHREQGI4Dio%2B0QebM5sR4hqElJYpEVFla4EurdHxKdFQvgRm6x6jXccBlDcUVTg2fI3h9%2BF%2B82VQSoAA7Dilp6apWBcYeF%2FgVNu7Yui11zt2JVKAkwLb%2F26rAtZ%2B8Arle"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487acc1c3fa-EWR

GET
H3 200 108.css
www.gobluego.com/wp-content/uploads/oxygen/css/ 4 KB
1 KB 30ms
27ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/uploads/oxygen/css/108.css?cache=1712241140&ver=6.5.3
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 615ab140c3f43044fc22d6483cd40ff1b1b19321cf771d2c43c25253b7fd8263

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1429758
cf-polished: origSize=3872
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 Apr 2024 14:32:20 GMT
server: cloudflare
etag: W/"660eb9f4-f20"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B0lC6hQhCxSBnvmDjSZOmMOzr%2F9O3VM1TCXjX4DktFMnWc9zrgu8gXWQ2rhSavYy99hr77%2F9iMcTCku6UEHDbzYQxEM3zQ0yjdEueTxJljZXZUikPUfvcYiMx7rBmsR6ju%2FwLsB0x1exjJvLGqz7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487acc3c3fa-EWR

GET
H3 200 74.css
www.gobluego.com/wp-content/uploads/oxygen/css/ 20 KB
4 KB 33ms
31ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/uploads/oxygen/css/74.css?cache=1712241165&ver=6.5.3
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 228bce783bd3073d214f1028544f437f27eca5057896fe762416d7be93f90de9

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1429758
cf-polished: origSize=20831
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 Apr 2024 14:32:45 GMT
server: cloudflare
etag: W/"660eba0d-515f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BaSutChEk5cW8DWTN0dHAexJzu9519%2B08iv3RtxbdOLF6PZvm9V0Efey3mKi4uJ351RXttWrV4dzKzzinyVIiCsTPzRQuqJe1gWyZ6ZeDWIolRjbyLnLasPB3vySVbsSxtgGzUeP4RrJO7%2Bl1vb4"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487acc4c3fa-EWR

GET
H3 200 universal.css
www.gobluego.com/wp-content/uploads/oxygen/css/ 19 KB
4 KB 36ms
33ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/uploads/oxygen/css/universal.css?cache=1712241111&ver=6.5.3
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f1cd60ed94e737f7d4472b1ba942783580cd7993c1d23b58930a2f0de3aa56c

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1473869
cf-polished: origSize=26975
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 Apr 2024 14:31:51 GMT
server: cloudflare
etag: W/"660eb9d7-695f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lQ8MjMi2D7KbEHHBb%2FJR%2Bh2bStpLtowu5wQNRG58BlX1dpggd3C7W8bV5qcyQblTcQfVd5WSPVPwdMeP8u2WdxgI22iDVOLHtzeekbPgFPe8pNbx3sU8bsVjQMZaqNcWQ6vm8Tljnw8BHdOLcn%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487acc5c3fa-EWR

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 unslider.css
www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/unslider/ 2 KB
1 KB 33ms
33ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/unslider/unslider.css
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ec96f660841e699136f6cc482ee41853ada214b38fa4b684e49e78337cf8df2

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1429758
cf-polished: origSize=2186
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:48:40 GMT
server: cloudflare
etag: W/"65817508-88a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=woafUSBn3jttguyqqpRalE%2Bl9EcNrhnwqopf4P1qmsE9w4oE1NchijL5FvyBa5HG6hhDR5AveITrv%2FM1Tnu9UEOYOdtUQ6dsRYGO8MysbbjvRlZJ5AzWY%2BLMHcWpRFqQO5Os0kh%2FGLjPsR%2BmTbAw"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487fd49c3fa-EWR

GET
H3 200 email-decode.min.js Show response
www.gobluego.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 25ms
25ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gobluego.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.gobluego.com
URL: https://www.gobluego.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jul 2024 14:30:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66880371-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2Fp8FixQ8E88h0OqDB4Umm3oigvVIPjReUxdRMFWeLIvuHjzhC%2Fgr6b0B71Keqpekr65Xq6JDthOw7EJtbpPMgB50L6VfGhvvE5wkBfNaXD4%2BHvUwtJlvwxZ%2BFJRbypBRARZGg0GreT9vc7zjbqG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8a119487fd55c3fa-EWR
expires: Fri, 12 Jul 2024 15:27:51 GMT

GET
H3 200 aos.css
www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/aos/ 25 KB
2 KB 34ms
34ms Stylesheet
text/css 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.css?ver=6.5.3
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1473869
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:48:40 GMT
server: cloudflare
etag: W/"65817508-65c5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wscbGiOXlNpAhQLLX2p9AhrYAJa3alT8ffy7Ebn8wZJRcuXo8DCMmoVfTE%2FWLf3ZIdePzz8h%2BjsOpLgfevXB73%2BbN%2B9Pod%2FisyfizT7TlFXgfucO96pGb3ZxabkWup3HREWxLTWQJwdtVlDuEV%2B3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119487fd5cc3fa-EWR

GET
H3 200 rocket-loader.min.js Show response
www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.gobluego.com
URL: https://www.gobluego.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jul 2024 14:30:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66880371-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=abDzKZiVzpK9%2FucUcqS089sorl%2BsQMRosD43Hrua9p8tWG5dJl%2F9d5%2FiA6AVqa%2FKzplZEP2VeQnDVNofFxQkuarN%2FGBj4twRaFtBClgNIdGXvIyLxHWzWUn8EEw4U5mevWccxAf2Ckb%2Bs6%2B166qr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8a1194880d6ec3fa-EWR
expires: Fri, 12 Jul 2024 15:27:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 149ms
34ms Font
font/woff2 2607:f8b0:400d:c0d::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:100,200,300,400,500,600,700,800,900|Source+Sans+Pro:100,200,300,400,500,600,700,800,900|MonteStellaTrial:100,200,300,400,500,600,700,800,900|MarkPro:100,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gobluego.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 08 Jul 2024 12:31:24 GMT
x-content-type-options: nosniff
age: 183387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Jul 2025 12:31:24 GMT

GET
H3 200 MonteStellaTrial-Bold.ttf
www.gobluego.com/wp-content/uploads/fonts/ 124 KB
124 KB 47ms
47ms Font
application/octet-stream 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/uploads/fonts/MonteStellaTrial-Bold.ttf
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/wp-content/uploads/fonts/ma_customfonts.css?ver=32bd0987
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2b77256bac8b2715d6c28e5f08b2a4c4937dc6913a38fab86e734d3295c8b02

Request headers

Referer: https://www.gobluego.com/wp-content/uploads/fonts/ma_customfonts.css?ver=32bd0987
Origin: https://www.gobluego.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 567211
alt-svc: h3=":443"; ma=86400
content-length: 126936
last-modified: Fri, 01 Jul 2022 07:17:53 GMT
server: cloudflare
etag: "62be9fa1-1efd8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aBXhfdBGEtCFazzwZ6ZYvtRJ8bNHz%2BzOZnCaGayMWR4JlyIgft2PhgKsv6Rp0kSkDD%2BAO1XXl%2FVIulqwbdsP9USH9hVGJ39Nvu6YoOyugxoldsY2fwwOIhjMJnUGUvDKCWmLqEEkewSniXiT9YU%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a1194888e10c3fa-EWR

GET
H3 200 MarkPro.otf
www.gobluego.com/wp-content/uploads/fonts/ 118 KB
118 KB 88ms
87ms Font
application/octet-stream 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/uploads/fonts/MarkPro.otf
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/wp-content/uploads/fonts/ma_customfonts.css?ver=32bd0987
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0d5c1216c9720fdc7e2faa46e91efb5e33591e71a35482de3af849c40189644

Request headers

Referer: https://www.gobluego.com/wp-content/uploads/fonts/ma_customfonts.css?ver=32bd0987
Origin: https://www.gobluego.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1966923
alt-svc: h3=":443"; ma=86400
content-length: 120492
last-modified: Fri, 01 Jul 2022 07:18:02 GMT
server: cloudflare
etag: "62be9faa-1d6ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KV5hile0MAqXwG6uo3QLvCTa3sbEnTiOUSBimbhYnkgckJeH7j9PYGpPcx%2BbX1Uhsg2O9YYt3jVcAl2eXyukFOl1%2FpnMIyUdtrLQWPramCU6EGhKlGqtx8bqnT%2FST5%2BHMHtg4ibI1G8u%2FtzuEuk6"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a1194888e14c3fa-EWR

GET
H3 200 MarkPro-Medium.ttf
www.gobluego.com/wp-content/uploads/2024/01/ 142 KB
142 KB 91ms
90ms Font
application/octet-stream 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/uploads/2024/01/MarkPro-Medium.ttf
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/wp-content/uploads/oxygen/css/universal.css?cache=1712241111&ver=6.5.3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9760f1dfa69c2a1ac880ed2c007b0ec8eeb6e1d721ffde074b62e69492b4854

Request headers

Referer: https://www.gobluego.com/wp-content/uploads/oxygen/css/universal.css?cache=1712241111&ver=6.5.3
Origin: https://www.gobluego.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1966923
alt-svc: h3=":443"; ma=86400
content-length: 144936
last-modified: Thu, 04 Jan 2024 12:19:40 GMT
server: cloudflare
etag: "6596a25c-23628"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pEYkvvg14zpWfA9mmVR7QOrp58xoLvNMGy4c1QAnC55dAjosQwvPDcSNzbXX%2FwO1EW2dTlV0bHy7TtMCADPopLJ89jmvzEyk2Kwd%2BbyaGXReq%2FXEVeUmDlW6NNdStTCTumGcsxzZQv92PfPWNoge"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a1194888e16c3fa-EWR

GET
H3 200 lazyload.min.js Show response
www.gobluego.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 95ms
94ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 22 Dec 2023 06:43:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1473869
etag: W/"6585302e-1ed2"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04OiOCpYuhsGEyqIVNKw13d72NBVWtUAhd0ypzRUO%2FDw%2B4CgbxPnKkd2lfhxeNTrpNK5hQ5gMkCG%2BPmqKT9K61twNhBf7cN386ddLhy29vCnxjRTMYye3h%2Fw3iINpRzPGxVrIX8OomnOPPUtmkay"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194888e19c3fa-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.event.swipe.js Show response
www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/unslider/ 2 KB
1 KB 95ms
94ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/unslider/jquery.event.swipe.js?ver=6.5.3
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b2476edf95aa04cd7ccb301051fb62853b69d39af09c929a81fdba43143bc5a

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65023
cf-polished: origSize=3437
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:48:40 GMT
server: cloudflare
etag: W/"65817508-d6d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fj0LfxMkHEYRJ0FtDmf8SCLR8M4CGbQCF7EloJlebkS%2FMUo4GGqJ6Kfq%2FqpxHEOEdGdByXxRsiOnK4S7UHpQDrcRID24ZAJ8HMtk46kY0UYOz6KoZxVzzf%2FdK36XFT0OgEF8wiL%2BQLBSptraTtlX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194888e1cc3fa-EWR

GET
H3 200 jquery.event.move.js Show response
www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/unslider/ 8 KB
3 KB 94ms
93ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/unslider/jquery.event.move.js?ver=6.5.3
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aaf90a00d378f096c89c7a0a3503c98d8f663eabab958bb1b226020c4f2ad2e

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1429757
cf-polished: origSize=13952
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:48:40 GMT
server: cloudflare
etag: W/"65817508-3680"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qyA%2BagolKIQS287SxiwG4dVsK8R2scUkJsq2JJeF%2BxAGs0LIe8ve7u3Ys0OFM6r5%2FiG07lC5JfK8El71ra%2F9%2Beg5GaeyG%2FQ9bZZkEvMcECSvSP58dOHT5PHAgBmQBPNy3dLlL6Hpud%2FbYpLhHvQi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194888e20c3fa-EWR

GET
H3 200 unslider-min.js Show response
www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/unslider/ 6 KB
3 KB 95ms
93ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/unslider/unslider-min.js?ver=6.5.3
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68ccb3e710e9f83015617a055d3c3aa203cc60e872f128665869dd9a69ade0c5

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 10:48:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1429735
etag: W/"65817508-1753"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8A1b%2BBw%2FRZlg0Bi9lgUQa%2FBlh%2F2UY7SELp%2BNkzZiHPpNOX85SwamLrPHXjnJAGlEUmEcE4e0KByiJrt%2FUFpJK5udo6lRI9%2FX9udP3tnN5SZrFJcd6SAV3xfziJQplx0cqApEyfve8y8MNxaZndTJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194888e26c3fa-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 aos.js Show response
www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/aos/ 14 KB
5 KB 131ms
126ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/oxygen/component-framework/vendor/aos/aos.js?ver=1
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 651408
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:58:40 GMT
server: cloudflare
etag: W/"65817760-37a3"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3NsOyUfH7w%2FPU47XQfBXB0Iigsnu5Db2OCyRb5LgOZAmd6UOZbjivUrLMjgEbpj8yddWQgqCkpqM3A9hpSupn%2BnVaQEzjwtlaY1zsmjS7EEpDpDuPK9eP%2F45CCjcItFqZlQ2nTi%2BKASKQujJRGw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194889e2ac3fa-EWR

GET
H3 200 index.js Show response
www.gobluego.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 4 KB
2 KB 132ms
127ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.8.5
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4871c750c6d35ee82c6192273cfd442770f90385c5f91d6df0e128de69dacd67

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1473869
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:52:24 GMT
server: cloudflare
etag: W/"658175e8-ef5"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pwFP8G1Q%2B%2FRGN%2BfjwIjFo3RphjUaj9dARCOTnP%2FHhN6TPDRVLETuNJZpCukrhh9Zezf7FzkMde0oMMCygiKDCgQDXJwZS4Ygnr4TJevxbyPFlHG3VbDXAIlSM%2B8YmeGt0qRhRm5EZDvLPmuQP78a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194889e2cc3fa-EWR

GET
H3 200 wp-polyfill.min.js Show response
www.gobluego.com/wp-includes/js/dist/vendor/ 38 KB
14 KB 132ms
127ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2024 12:59:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1473869
etag: W/"65ba444c-96be"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KxIZDX4p0G2FSjnWxi4tvglyinPHdRXhV%2BB2RwwScZ%2Fx5xwqbVzvdXRqjUtlz0XPGtRYNlCE7fpbMIgxtw8yOkppXpuQuUZMwkdBHc8pfnw7O%2BAvBkwXlwNNgMI81Zzivx6SZzOIjx5b8PK3BxBR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194889e2ec3fa-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 regenerator-runtime.min.js Show response
www.gobluego.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 132ms
127ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 19 Sep 2023 19:30:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1473869
etag: W/"6509f6d0-19e1"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQdECl11muSzx%2BAqUpkMMY1XJZwglrj5iHRL5Fvjgu85bHVWQ1PCtyhKUxBCuseicx5%2FgkWH6%2FHzaA2X60jInFhyEoD1WYwiOpfdI6ENP8ULks74oVPK1cSL9DVQ8ibxfkSTJC1GU7rg6HxeVpde"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194889e2fc3fa-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-polyfill-inert.min.js Show response
www.gobluego.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 134ms
130ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 18 Jan 2023 11:16:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1473869
etag: W/"63c7d511-1feb"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2PYfc9Ioz6R4tP4uOFhO1P0NX6DMWQzMeQByWifVZ5jGuFgmJlsSfS8fRvfhlSMKw%2F%2FbiYPblNi1GcgjsXfaoxMGlzOFdUx8PAvvgEF%2F%2FYANv7dpSn1bOcuSFPKV7TIet%2F6%2BL4JKpZpufuSVO2Io"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194889e30c3fa-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
988 B 138ms
42ms Script
text/javascript 2607:f8b0:4004:c17::69
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcnpgQiAAAAAFUtR9t-V2I_-A5ub6aagZ8k_N0S&ver=3.0

Requested by

Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aaf469530d35ff78b1793eaa3a361207347056895198ac17e82ece1fd2f6861a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 10 Jul 2024 15:27:51 GMT

GET
H3 200 index.js Show response
www.gobluego.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 134ms
130ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.5
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1473869
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:45:24 GMT
server: cloudflare
etag: W/"65817444-337e"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5n7UHMbCkUeTXB7zLfPhRxFIvpzWT%2BcKP5EVuwDvZzu1NaurIZ0XlwNxlUk%2BA%2BJlawSVMUBZftR6%2BF4Mv81A1uwX8PZDwMNkFPx0L66xnsmiO0d8xgcp0p2JP5VMNp%2BBmV%2BHX%2BoAnXZDPHEu0eun"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194889e32c3fa-EWR

GET
H3 200 index.js Show response
www.gobluego.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
4 KB 134ms
130ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.5
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1473869
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:45:24 GMT
server: cloudflare
etag: W/"65817444-2b6d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8EZ3KlDvYF3J4g0mXrwteohu3S4ZcmZxLbrPYchoe3XGyFFsOkhpck7j%2BHNWBscKKTUe5tGn%2F86L5Ye6J5jYpyFPd3lyIlmJ924K4JqQLBkI9NSeurDl8ZgMjfUPoe%2B1bYzOp02XB7lWMmThdtpB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194889e34c3fa-EWR

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@11.1.4/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@11.1.4/swiper-bundle.min.js

147 KB
55 KB

43ms
42ms

Script
application/javascript

2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@11.1.4/swiper-bundle.min.js

Requested by

Host: www.gobluego.com
URL: https://www.gobluego.com/

Protocol

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3561896
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HZ4F7NAHRYJC4F3QCFCRSTCQ-lga
server: cloudflare
etag: "24baf-SvYRfRJkVC7ONCBpuA5fO4KwFAk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a119489884e8cbf-EWR

Redirect headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J2EKRYWB9C08AVDY4CMYAQYF-lga
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 366
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@11.1.4/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8a1194894fd88cbf-EWR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
102 KB 191ms
92ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W7VH4BTTTR

Requested by

Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ddf4e1c6dc7f35ee3955b056588ebcbf91ac5a2aab884f9db2f4d3648002abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104046
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jul 2024 15:27:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
86 KB 147ms
49ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11101296606

Requested by

Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

858505999736a8fed8193cb8fac042597e42e98dc685ee94fa341221a97744b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87998
x-xss-protection: 0
last-modified: Wed, 10 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Jul 2024 15:27:51 GMT

GET
H3 200 jquery.min.js Show response
www.gobluego.com/wp-includes/js/jquery/ 86 KB
30 KB 133ms
131ms Script
application/javascript 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 28 Aug 2023 17:14:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1473869
etag: W/"64ecd5ef-15601"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8cM0CA84rjf5LlgpGRdQ39CHAPBfGc0OCTaJ6wHA4aqoldtsQmDLCh8eOBNJ1LJcbsSVigeoMu988IsnEFTknyLovOJrgj6ytcs1DVRCfJwHAi54VTVAJHbvhiEPM7hbWBR8Y9%2BMoWbmU3Nteu%2Bd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a1194889e35c3fa-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 cropped-blue-insurance-logo-32x32.jpg
www.gobluego.com/wp-content/uploads/2023/11/ 638 B
1 KB 60ms
59ms Other
image/jpeg 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gobluego.com/wp-content/uploads/2023/11/cropped-blue-insurance-logo-32x32.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe307e512831e79e93e3e1fbc82c4f6362efc43acf9b381f55b0f076af05e83

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 589675
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 638
cf-bgj: imgq:100,h2pri
last-modified: Fri, 24 Nov 2023 17:53:23 GMT
server: cloudflare
etag: "6560e313-27e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2GHWSSwT5RWf%2F%2FZ2GWStJFL7XV8juU%2BYz0AQMUgrDHO8vl2nn0pJ%2FdWEEUWiEDYobOBIRWpoobR97Gsq3dTzkOJYGg4xdGBxdpYMtbkrp9pD3eM8YbJ618StqC%2F%2FtykOW0aa2YLhoqLfs4znShTM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a119489efb8c3fa-EWR

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/ 524 KB
208 KB 323ms
21ms Script
text/javascript 2607:f8b0:400d:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcnpgQiAAAAAFUtR9t-V2I_-A5ub6aagZ8k_N0S&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

298bafa05900a3bc3d44e4b7406618e73c3ddec2878fcb761b04f4ee9983b7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gobluego.com/
Origin: https://www.gobluego.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 13:52:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212421
x-xss-protection: 0
last-modified: Mon, 08 Jul 2024 19:45:20 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Jul 2025 13:52:53 GMT

GET
H/1.1 200
OK j5cWkH Show response
intrstreams.global.ssl.fastly.net/ 4 KB
3 KB 383ms
295ms Script
application/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://intrstreams.global.ssl.fastly.net/j5cWkH?return=js.client&&se_referrer=&default_keyword=Homepage%20-%20BLUE%20Insurance&landing_url=www.gobluego.com%2F&name=_dk8ZFKzwRzjnJgm8&host=https%3A%2F%2Fintrstreams.global.ssl.fastly.net%2Fj5cWkH
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 17036284061d17f83e7130a65dca91c1b97bc9ba1d95d3af813633e790c5c906

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

X-Cache-Hits: 0
Date: Wed, 10 Jul 2024 15:27:51 GMT
Content-Encoding: gzip
Via: 1.1 varnish
X-Cache: MISS
Connection: keep-alive
Content-Length: 1685
X-Served-By: cache-lga21934-LGA
Server: nginx
X-Timer: S1720625271.469808,VS0,VE285
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes
Expires: Wed, 10 Jul 2024 15:27:51 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11101296606/ 2 KB
1 KB 103ms
56ms Script
text/javascript 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11101296606/?random=1720625271396&cv=11&fst=1720625271396&bg=ffffff&guid=ON&async=1&gtm=45be4730za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gobluego.com%2F&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20BLUE%20Insurance&npa=0&pscdl=noapi&auid=1276608829.1720625271&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11101296606

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf81581dfc170c5fcc2cf8a040cecf1d6bf786a156726def197e9ba60c1b1998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1350
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 307 KB
102 KB 47ms
47ms Script
application/javascript 2607:f8b0:4004:c21::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W7VH4BTTTR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11101296606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

787b12977198ef8b5e0b5612000eb82a7a8174629ff24a4f6e2071b6527dada2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104104
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jul 2024 15:27:51 GMT

GET
H2 200 ethers-5.2.umd.min.js Show response
cdn.ethers.io/lib/ 716 KB
198 KB 61ms
13ms Script
application/javascript 18.173.219.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ethers.io/lib/ethers-5.2.umd.min.js
Requested by: Host: www.gobluego.com
URL: https://www.gobluego.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.219.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-15.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 09:41:25 GMT
x-amz-version-id: 3StspTE73ijjMFvXMjx4rHtfrweE9frC
content-encoding: gzip
last-modified: Thu, 20 May 2021 21:33:05 GMT
server: AmazonS3
via: 1.1 64d968aa0a0b58a1d00cb142d02b0ac0.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
etag: W/"50ed955cf32ac8e4e1daa0fac8fcde98"
age: 20787
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Z9fC28ToQX3sTkao9kqg0eepnZw7deTStpfjEFnDQzKfqqlj_9jnuw==

GET
H3 200 logo-2.svg
www.gobluego.com/wp-content/uploads/2022/05/ 2 KB
2 KB 23ms
20ms Image
image/svg+xml 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gobluego.com/wp-content/uploads/2022/05/logo-2.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c88582d61d139db8fbde6e00c4c2c11fe9bc9af7b9187c746d3683e425df9456

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 01 Jul 2022 07:17:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1473868
etag: W/"62be9f84-920"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UbOFbF4XUURpX8hc6UQ4h8HT6iQwoRgvhzE%2FBF66LiitfBOEUUX8%2FKyox9UHssPF1%2FrG%2FJd017j5UehsPs24EZTxi7fUsRsOdo%2Blkzc2HVJdcogQBCP0GAmx1V8mz3kyMHRdSTZMC4RYkapCOjEp"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8a11948a8868c3fa-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 big2-2-min.jpg
www.gobluego.com/wp-content/uploads/2023/11/ 75 KB
75 KB 25ms
23ms Image
image/jpeg 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gobluego.com/wp-content/uploads/2023/11/big2-2-min.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d1f495a5692aeaaf14accd5d425fc250eeac7918383df3d26b8dd9f4cf620c1

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428135
alt-svc: h3=":443"; ma=86400
content-length: 76843
last-modified: Wed, 29 Nov 2023 14:06:11 GMT
server: cloudflare
etag: "65674553-12c2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2yAFNEumjmfGKP9ux%2FiLN%2F1icpCMFe1phQoSqp5vzeQjxiyazHnF1weyqsLTNT2ixBA%2FPsLPxv3bQzLKZwlLhmKHooIclegbsuLHHiseg0mZ%2Fw1PV%2BYpOzcYRYMhq1ggxZNXTPaTB7gcYyVqnfh4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a11948a886bc3fa-EWR

GET
H2 200 Mask-group.svg
gobluego.wpengine.com/wp-content/uploads/2022/05/ 1 KB
1 KB 547ms
246ms Image
image/svg+xml 34.168.43.148
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gobluego.wpengine.com/wp-content/uploads/2022/05/Mask-group.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.43.148 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 148.43.168.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 00ca2a21d755f89b7ffbdafacecd557eccf65f2c1df69b055e0d50ca00796f46

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
content-encoding: br
last-modified: Fri, 01 Jul 2022 07:18:20 GMT
server: nginx
etag: W/"62be9fbc-5cc"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H3 200 download-1.png
www.gobluego.com/wp-content/uploads/2023/11/ 9 KB
10 KB 26ms
24ms Image
image/png 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gobluego.com/wp-content/uploads/2023/11/download-1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9d91d4ea129986fe8f2e4af963f9f14fea1a21a5c3136c46a6656b78c65e6f5

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428135
alt-svc: h3=":443"; ma=86400
content-length: 9620
last-modified: Thu, 30 Nov 2023 14:37:20 GMT
server: cloudflare
etag: "65689e20-2594"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7X1PmOWfCa8PtJtUY%2FrKgZ4UAJA9bYTrKoLecPzomqbo9H%2F2fL82xWZuPtkRovvGeP3MXc4v3dhalk96Hwl52IziWgSgaH5s8yjOpL63AAAnbhasWAW3TA%2F24J%2ByT2A1tL6QlivMsleMziaH%2BvIL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a11948a886dc3fa-EWR

GET
H3 200 BHSI-Logo-FINAL-R.webp
www.gobluego.com/wp-content/uploads/2023/11/ 8 KB
9 KB 28ms
26ms Image
image/webp 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gobluego.com/wp-content/uploads/2023/11/BHSI-Logo-FINAL-R.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb723cad6c713c521569e52ddce131a24379c12de6f2859419da1f0bd59b0925

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428135
alt-svc: h3=":443"; ma=86400
content-length: 8646
last-modified: Thu, 30 Nov 2023 14:11:38 GMT
server: cloudflare
etag: "6568981a-21c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pYOkJXozVYYdjskMv6nv1Y%2BiLd6AJJEvs2GIN3JWYVO2CoBMvoq5qDqaqHiSSjYhIcrdS4kZ0tX%2FUPTtGegunojPU%2B0iNzoDYZQdOynuBGCdEPsSTlYKaMCKZ%2Bp7LxRphPj2fUtmihCnMruYb%2FuH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a11948a886ec3fa-EWR

GET
H3 200 download-2.png
www.gobluego.com/wp-content/uploads/2023/11/ 5 KB
5 KB 28ms
27ms Image
image/png 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gobluego.com/wp-content/uploads/2023/11/download-2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e9b24060afff8cb087031b04a0aaa6a1e257ebf6291da267e9a04cef9d7c55e

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428135
alt-svc: h3=":443"; ma=86400
content-length: 4832
last-modified: Thu, 30 Nov 2023 14:37:29 GMT
server: cloudflare
etag: "65689e29-12e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0tG%2FWtwgTJ%2FoFw0URBwWA8OSmjs8GkYt1srF0EjX%2B9AtU2%2FpKIDTczvSfX%2Fmi8XPPaFtl7yoGmVP27kCXjomPaCl3DCkAr05z%2FwpNya7AckRCgiduEFcphGByytFHt9rFq2wEFVldXT%2ByD21jJY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a11948a886fc3fa-EWR

GET
H3 200 download-3.png
www.gobluego.com/wp-content/uploads/2023/11/ 2 KB
3 KB 25ms
24ms Image
image/png 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gobluego.com/wp-content/uploads/2023/11/download-3.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d68d58004957a455392e993c336043dddfc25003ccfdc929de90e9224a48b73d

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1428135
alt-svc: h3=":443"; ma=86400
content-length: 2208
last-modified: Thu, 30 Nov 2023 14:37:27 GMT
server: cloudflare
etag: "65689e27-8a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7EHvcNcWdgah1UnKoBN0w1%2F4YwYjWxLFZlOzLnl%2F34GoPV7kfNC3EEOlKK5bRAHbUKDmv%2BRcGYZmF8PiytCJ6YGeoVscj%2B%2BpcMM66Foydp%2Byc1XHth7zBRBpMbewV6jgAN8pK80GNuboc%2FhihOZ2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a11948a8871c3fa-EWR

GET
H3 200 Mask-Group-2.png
www.gobluego.com/wp-content/uploads/2023/12/ 273 KB
274 KB 489ms
488ms Image
image/png 2606:4700:3035::6815:52f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gobluego.com/wp-content/uploads/2023/12/Mask-Group-2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:52f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c616ca01d21657d87d3b446ee29455b1f93e0fd0d1bddbfbedf69e8f11a45d92

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 05:36:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6583cec3-4458a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8avSYmIUSVjcvf9Irjz6udcHFmsC4D1Ti6oOcwVvdtOX7MTYoEyxxbIppid%2B%2FR513a01BwaXuTQtIzkYXPghiASG%2BaNDEEZPrClLqt%2BZx0dd0u9QwAXC0%2FRrAZGPwYQTwfIMivAVcD%2BfBmNW0PLV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 8a11948a8872c3fa-EWR
alt-svc: h3=":443"; ma=86400
content-length: 279946

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 529ms
36ms Fetch
text/plain 2607:f8b0:4004:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-W7VH4BTTTR&gtm=45je4730v9174105775za200&_p=1720625271332&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1383984782.1720625271&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720625271&sct=1&seg=0&dl=https%3A%2F%2Fwww.gobluego.com%2F&dt=Homepage%20-%20BLUE%20Insurance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=928&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W7VH4BTTTR
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jul 2024 15:27:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gobluego.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11101296606/ 42 B
64 B 44ms
43ms Image
image/gif 2607:f8b0:4004:c17::69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11101296606/?random=1720625271396&cv=11&fst=1720623600000&bg=ffffff&guid=ON&async=1&gtm=45be4730za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.gobluego.com%2F&hn=www.googleadservices.com&frm=0&tiba=Homepage%20-%20BLUE%20Insurance&npa=0&pscdl=noapi&auid=1276608829.1720625271&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLW_4YrZQQiuKYDFNoNoZWfyyZcwLyGA&random=2893363697&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::69 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jul 2024 15:27:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
bsc-dataseed1.binance.org/ Frame 0
0 146ms
16ms Preflight 35.71.137.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bsc-dataseed1.binance.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.137.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1d4ba62fdc34338f.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gobluego.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
date: Wed, 10 Jul 2024 15:27:51 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
bsc-dataseed1.binance.org/ 41 B
470 B 18ms
17ms Fetch
application/json 35.71.137.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bsc-dataseed1.binance.org/

Requested by

Host: cdn.ethers.io
URL: https://cdn.ethers.io/lib/ethers-5.2.umd.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.137.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1d4ba62fdc34338f.awsglobalaccelerator.com

Software

Resource Hash

64fa9bad3274e0dc928755d2d8d827dbe0470406cc1a29ee19f6cd8f35ccbe75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gobluego.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
content-encoding: br
access-control-max-age: 600
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
x-nr-trace-id: 00000000000000000000000000000000
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: *
x-xss-protection: 1; mode=block

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame E268 0
0 175ms
47ms Document
text/html 2607:f8b0:4004:c17::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcnpgQiAAAAAFUtR9t-V2I_-A5ub6aagZ8k_N0S&co=aHR0cHM6Ly93d3cuZ29ibHVlZ28uY29tOjQ0Mw..&hl=en&v=-80zvSY9h4i8O-ocN2P5qTJk&size=invisible&cb=z1ufkmxppolz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-80zvSY9h4i8O-ocN2P5qTJk/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jMndIuQ0nn1bPJwF8xwglQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-jMndIuQ0nn1bPJwF8xwglQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jul 2024 15:27:51 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
bsc-dataseed1.binance.org/ 41 B
470 B 18ms
17ms Fetch
application/json 35.71.137.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bsc-dataseed1.binance.org/

Requested by

Host: cdn.ethers.io
URL: https://cdn.ethers.io/lib/ethers-5.2.umd.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.137.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1d4ba62fdc34338f.awsglobalaccelerator.com

Software

Resource Hash

353e3d3edc78ebd2e7ce43717cbf8756584bc56703bf9f2324981e69cb1a4923

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
content-encoding: br
access-control-max-age: 600
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
x-nr-trace-id: 00000000000000000000000000000000
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: *
x-xss-protection: 1; mode=block

OPTIONS
H2 204 /
bsc-dataseed1.binance.org/ Frame 0
0 18ms
18ms Preflight 35.71.137.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bsc-dataseed1.binance.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.137.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1d4ba62fdc34338f.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gobluego.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
date: Wed, 10 Jul 2024 15:27:51 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
bsc-dataseed1.binance.org/ 1 KB
970 B 19ms
18ms Fetch
application/json 35.71.137.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bsc-dataseed1.binance.org/

Requested by

Host: cdn.ethers.io
URL: https://cdn.ethers.io/lib/ethers-5.2.umd.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.137.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1d4ba62fdc34338f.awsglobalaccelerator.com

Software

Resource Hash

e105c56ab04d4f423cf68a6c00fff80370705bc6feac2328a154b5fa10fa30c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 10 Jul 2024 15:27:51 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
content-encoding: br
access-control-max-age: 600
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
x-nr-trace-id: 00000000000000000000000000000000
content-type: application/json; charset=utf-8
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: *
x-xss-protection: 1; mode=block

OPTIONS
H2 204 /
bsc-dataseed1.binance.org/ Frame 0
0 17ms
16ms Preflight 35.71.137.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bsc-dataseed1.binance.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.137.105 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1d4ba62fdc34338f.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gobluego.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
date: Wed, 10 Jul 2024 15:27:51 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST page
daslkjfhi2.xyz/ 0
0

OPTIONS
H3 502 page
daslkjfhi2.xyz/ Frame 0
0 243ms
207ms Preflight
text/html 2606:4700:3037::ac43:95db
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://daslkjfhi2.xyz/page

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:95db , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gobluego.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8a11948e4cfac411-EWR
content-length: 6347
content-type: text/html; charset=UTF-8
date: Wed, 10 Jul 2024 15:27:52 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n9Ihb40QKak8EmRR%2F2vxHI3yX%2BJxfLo2bs8UDyEVlm02GVuM31Zk2VffMNH7lRBAp%2FAucBvEhJnGZmfzIOAxSt4JnsBHtD93NGNv2vJ1lKsUzPAYfpm%2F74ZLWU6AbRGcFDdBPvpHbos%2BPS5XiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H/1.1 200
OK / Show response
winnershere.life/ 60 KB
61 KB 447ms
108ms Document
text/html 185.155.184.32
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL: https://winnershere.life/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.184.32 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software: openresty /
Resource Hash: 1f3ee7477292b2a095a316442a7c9dd5eeca30413374d7f1869e9b045fd9a55d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 61570
Content-Type: text/html
Date: Wed, 10 Jul 2024 15:27:52 GMT
Server: openresty
cache-control: private

GET
H/1.1 204
No Content favicon.ico
winnershere.life/ 0
136 B 99ms
98ms Other
text/plain 185.155.184.32
LUGANO Data Center

General

Check archive.org

Show headers Download Go to

Full URL: https://winnershere.life/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.155.184.32 , Switzerland, ASN6898 (AS-6898 C41.CH SAGL - LUGANO Data Center, CH),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer: https://winnershere.life/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:53 GMT
Cache-Control: no-transform
Server: openresty
Connection: keep-alive

GET
H/1.1 200
OK Primary Request / Show response
kwk8vxw.septbahear.live/efxbmraa/ 12 KB
12 KB 788ms
116ms Document
text/html 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
Requested by: Host: winnershere.life
URL: https://winnershere.life/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),
Reverse DNS
Software: openresty /
Resource Hash: 015acfd5a71a8868e776a21e1c3982a48411e81ed6ea8d18dc47fac0a75c26b3

Request headers

Referer: https://winnershere.life/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 12484
Content-Type: text/html
Date: Wed, 10 Jul 2024 15:27:53 GMT
Server: openresty
cache-control: private

GET
H/1.1 200
OK style7.css
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 8 KB
9 KB 197ms
107ms Stylesheet
text/css 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/style7.css

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

6c907f63aa4bdcfbf8ab58e9e4ee3503ea373210d98b63db6058d32e38c3af14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC45F0DD17
Connection: keep-alive
Content-Length: 8236
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:42 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:42.104Z
ETag: "ed23a57bbdb6707b5857192e179d6e2b"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719877711#0/gid:0/gname:root/mode:33188/mtime:1719965142#73557298/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK 1.js Show response
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 3 KB
3 KB 315ms
105ms Script
text/javascript 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/1.js

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

39c1cf6c1834a771d8d0ce074e1d2b8649a63cba014c68ecac6f617dc36bf7b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC5D706EE3
Connection: keep-alive
Content-Length: 2665
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:13 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:13.124Z
ETag: "ad30984b7bb6c4ca8b5e5f939898c7cd"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719964514#368283608/gid:0/gname:root/mode:33188/mtime:1719965113#93499614/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK 2.js Show response
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 691 B
1 KB 314ms
104ms Script
text/javascript 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/2.js

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

602961a4576ff0260a08857629f92136ab28039f7016555b8f903dd200ca7788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC5D2F1464
Connection: keep-alive
Content-Length: 691
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Thu, 04 Jul 2024 15:15:59 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-04T15:15:59.541Z
ETag: "6f0f537986f28cfbb5f65d73cf7847ec"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1720106159#537798779/gid:0/gname:root/mode:33188/mtime:1720106159#509798718/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK jquery.min.js Show response
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 85 KB
85 KB 314ms
104ms Script
text/javascript 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/jquery.min.js

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E2AC623650AC
Connection: keep-alive
Content-Length: 86659
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:25 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:25.475Z
ETag: "c9f5aeeca3ad37bf2aa006139b935f0a"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719876455#0/gid:0/gname:root/mode:33188/mtime:1719965125#445524222/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK 4.js Show response
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 3 KB
4 KB 315ms
106ms Script
text/javascript 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/4.js

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

651141c8290087af54c66793aa063ee5697661fb914925f56bd09390a2895ce4

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E2AC601F18D0
Connection: keep-alive
Content-Length: 3533
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:14 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:14.107Z
ETag: "116c9460f5e882a7fcf4e837f7efc72a"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442552#0/gid:0/gname:root/mode:33188/mtime:1719965114#77501585/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK u.js Show response
kwk8vxw.septbahear.live/media/mainstream/ 23 KB
24 KB 315ms
106ms Script
text/javascript 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/u.js

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

da6b9222d60f021de37dbcfb23d67a505271716c8105a3507e94160a51db8a14

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E27D9BEF6F61
Connection: keep-alive
Content-Length: 24047
X-Xss-Protection: 1; mode=block
Last-Modified: Sun, 16 Jun 2024 17:12:20 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-06-16T17:12:20.609Z
ETag: "562a2c0e490c568c065b562b78cb0f42"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1718557357#527417626/gid:0/gname:root/mode:33188/mtime:1718557940#564575085/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK flag-icon.css
kwk8vxw.septbahear.live/media/mainstream/flag-icon/css/ 39 KB
40 KB 303ms
106ms Stylesheet
text/css 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/flag-icon/css/flag-icon.css

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

299595fd56aa6a2fcfac34fcf780d33b61785ad96f19485e65a33ead8fd69cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC4DF04BDA
Connection: keep-alive
Content-Length: 39806
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:15 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:59.318598233Z
ETag: "b7a46a018dcd21a4828bae0b04ddcc6c"
Vary: Origin, Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223446#151840557/gid:0/gname:root/mode:33279/mtime:1655387459#318598233/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK amazon_1000_summerwater.png
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 26 KB
27 KB 104ms
103ms Image
image/png 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/amazon_1000_summerwater.png

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

e2b3714956b1a6aec1afc6ab880dc1d7d4ce3e2fb4613b346fa6db4c1507380f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E2AC912C3E1B
Connection: keep-alive
Content-Length: 26660
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:16 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:16.886Z
ETag: "d0d2bf402b8019683b172c2622588a26"
Vary: Origin, Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442552#0/gid:0/gname:root/mode:33188/mtime:1719965116#853507143/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET logo_f01.png
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 0
0

GET
H/1.1 200
OK 3.js Show response
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 13 KB
14 KB 104ms
104ms Script
text/javascript 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/3.js

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

ae820c12d86e4add3b493c282f84c9714fc79cd8dc7ac05d3a2e2d7d7ddb5e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC5D0931D9
Connection: keep-alive
Content-Length: 13485
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:13 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:13.918Z
ETag: "ceb6d05a50375e588f86955e6507eccd"
Vary: Origin, Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719874912#0/gid:0/gname:root/mode:33188/mtime:1719965113#889501208/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK box.png
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 23 KB
24 KB 105ms
105ms Image
image/png 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/box.png

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

a208625353fe3613a5bd7498c69d0921b33facd1a658fe8cc661b704c248e0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC84331B54
Connection: keep-alive
Content-Length: 23977
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:18 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:18.131Z
ETag: "b31b2de6ba6ab0d538c6249ba43af93d"
Vary: Origin, Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442552#0/gid:0/gname:root/mode:33188/mtime:1719965118#97509633/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK google_play_card.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 4 KB
5 KB 108ms
107ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/google_play_card.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

f9b405ee4b9f6b58e46bafb40463fb08a4ee39c945389d2fcd7e3f8f15959c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC87F5F555
Connection: keep-alive
Content-Length: 4130
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:21 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:21.542Z
ETag: "3776a9f0c3b19e203951d23c2d577f31"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442552#0/gid:0/gname:root/mode:33188/mtime:1719965121#509516467/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK winner_1.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 1 KB
2 KB 106ms
105ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/winner_1.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

e29bf548cb100dfd46c3307ce6d47ac27cab8671b850af34dbec1f7e0625d90e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E2AC869BE358
Connection: keep-alive
Content-Length: 1434
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:44 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:44.526Z
ETag: "21bda39c69a0527bcb17d0f5d3ce9ebd"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442556#0/gid:0/gname:root/mode:33188/mtime:1719965144#497562137/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK winner_initial_m.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 950 B
2 KB 108ms
107ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/winner_initial_m.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

669c7de8cc4685bb673f13db0b8de84fd8142005c4db680cbe35fad7b852c631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC8674D69E
Connection: keep-alive
Content-Length: 950
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:45 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:45.904Z
ETag: "62a261739e9a386d39d542903d5ab050"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442556#0/gid:0/gname:root/mode:33188/mtime:1719965145#865564867/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK winner_3.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 2 KB
2 KB 106ms
105ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/winner_3.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

3172231a2fb01d648be217c0118e25437c0a52d7d1cf057bdad7d6d86fc29889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC86C0E81B
Connection: keep-alive
Content-Length: 1721
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:44 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:44.908Z
ETag: "6442f84b2acd86e6e571a24313651987"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442556#0/gid:0/gname:root/mode:33188/mtime:1719965144#877562896/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK winner_cat2.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 1 KB
2 KB 254ms
104ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/winner_cat2.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

cd6fc5a817d3e74f516b53fcd9ba5c691ce7b036ffed9947579edf4c76c12b98

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E2AC8A48A740
Connection: keep-alive
Content-Length: 1388
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:45 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:45.484Z
ETag: "0ac513ee31a4aa2855ef74476d76c95a"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442556#0/gid:0/gname:root/mode:33188/mtime:1719965145#453564045/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK winner_heart.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 1 KB
2 KB 149ms
104ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/winner_heart.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

27e548eae9447f8d928b3778eb4d14e7c6be1582f8c53c040e771f5f5e72ced7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E2AC7DDCA183
Connection: keep-alive
Content-Length: 1428
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:45 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:45.681Z
ETag: "d1d2ce3b77a4b6f4347c3ae674142664"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719965145#677564492/gid:0/gname:root/mode:33188/mtime:1719965145#649564436/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK winner_2.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 2 KB
3 KB 254ms
103ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/winner_2.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

acad01dcfdc01b98f69db941ca21c784835aa118c53025dc8006705e49145da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC7BC5A8E7
Connection: keep-alive
Content-Length: 1856
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:44 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:44.716Z
ETag: "0751077bb39eb354771c0918dd4651a2"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442556#0/gid:0/gname:root/mode:33188/mtime:1719965144#685562512/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK winner_initial_s.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 751 B
1 KB 148ms
103ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/winner_initial_s.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

7125f531b9cdb3ef75f1b5b608b974f492794764638bfe482c4b4c5083acbcdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC7BB5510A
Connection: keep-alive
Content-Length: 751
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:46 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:46.293Z
ETag: "e8c1454c15c6596bb21d99f4d907f632"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442556#0/gid:0/gname:root/mode:33188/mtime:1719965146#261565657/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK winner_cat.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 1 KB
2 KB 215ms
102ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/winner_cat.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

479c7be121469bcd135a4d80cccfb35cb9838c811d505f8ceeca07ccb581f7aa

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E2AC7E5561DE
Connection: keep-alive
Content-Length: 1422
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:45 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:45.292Z
ETag: "386e89d83d4f84499cbb1611b2db4173"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442556#0/gid:0/gname:root/mode:33188/mtime:1719965145#261563662/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK winner_4.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 2 KB
3 KB 157ms
111ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/winner_4.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

7c1304a435337d677c1bb2e43007b946aea6571cacb2b12bf150676dcbd6b8c3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E2AC7DD1EC29
Connection: keep-alive
Content-Length: 1891
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:45 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:45.098Z
ETag: "7ba72cafb47b63a3277ff2ee2f06d7df"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719965145#93563327/gid:0/gname:root/mode:33188/mtime:1719965145#69563279/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK winner_initial_r.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 807 B
2 KB 217ms
104ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/winner_initial_r.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

7fbbaed15a8beaf623f6eaab8c739875e3f90dd929e09a03bcdb2327e486c438

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E2AC7F03BD9B
Connection: keep-alive
Content-Length: 807
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:46 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:46.101Z
ETag: "3c777668dafeeb70ccc712b2772d7bc5"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719965146#97565330/gid:0/gname:root/mode:33188/mtime:1719965146#69565274/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK chrome58x58.png
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 8 KB
9 KB 146ms
104ms Image
image/png 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/chrome58x58.png

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

4a38335b55379462b766727785b7505320bcc608f7c9c8890b7bf70513570624

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E35182457D2A
Connection: keep-alive
Content-Length: 8496
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:18 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:18.532Z
ETag: "6111593186764223a5c03ae8fe3820ef"
Vary: Origin, Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1653343200#0/gid:0/gname:root/mode:33188/mtime:1719965118#501510443/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK 0xES5Sl_v6oyT7dAKuoni4gp9Q8gbYrhqGlRav_IXfk.woff2
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 11 KB
13 KB 123ms
104ms Font
font/woff2 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/0xES5Sl_v6oyT7dAKuoni4gp9Q8gbYrhqGlRav_IXfk.woff2

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/style7.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

07f0b8f1a8d489ee696e2b30e2f9806e60fa277bfa7880195a89cf233f132a99

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/style7.css
Origin: https://kwk8vxw.septbahear.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Content-Security-Policy: block-all-mixed-content
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Amz-Request-Id: 17E0E3517F635DCE
Connection: keep-alive
Content-Length: 11708
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:12 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:12.712Z
ETag: "719d1148dce08063b33810d095a48d12"
Vary: Origin, Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: https://kwk8vxw.septbahear.live
Access-Control-Expose-Headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
Cache-Control: max-age=31536000
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1719964513#752282332/gid:0/gname:root/mode:33188/mtime:1719965112#681498788/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK box.png
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 23 KB
0 2ms
2ms Image
image/png 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/box.png

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

a208625353fe3613a5bd7498c69d0921b33facd1a658fe8cc661b704c248e0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC84331B54
Content-Length: 23977
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:18 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:18.131Z
ETag: "b31b2de6ba6ab0d538c6249ba43af93d"
Vary: Origin, Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442552#0/gid:0/gname:root/mode:33188/mtime:1719965118#97509633/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 200
OK google_play_card.jpg
kwk8vxw.septbahear.live/media/mainstream/all/fc2/ 4 KB
0 0ms
0ms Image
image/jpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/google_play_card.jpg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

f9b405ee4b9f6b58e46bafb40463fb08a4ee39c945389d2fcd7e3f8f15959c14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2AC87F5F555
Content-Length: 4130
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2024 00:05:21 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2024-07-03T00:05:21.542Z
ETag: "3776a9f0c3b19e203951d23c2d577f31"
Vary: Origin, Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1610442552#0/gid:0/gname:root/mode:33188/mtime:1719965121#509516467/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H2 200 getextparams Show response
jsontdsexit2.com/ExtService.svc/ 630 B
502 B 336ms
98ms XHR
application/json 136.243.216.235
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jsontdsexit2.com/ExtService.svc/getextparams
Requested by: Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/media/mainstream/u.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 136.243.216.235 Eitensheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.235.216.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 0461d474f04940681ddf41a7ff5002bdcea02b8add9b181e8352407ccded3baa

Request headers

Referer: https://kwk8vxw.septbahear.live/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Jul 2024 15:27:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK alert.mp3 Show response
kwk8vxw.septbahear.live/media/mainstream/ 9 KB
9 KB 103ms
103ms XHR
audio/mpeg 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/alert.mp3

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E27E475C1BA5
Connection: keep-alive
Content-Length: 8802
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:06 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:50:52.802583242Z
ETag: "6d2d3da2ea28ace816fa4a138829dc18"
Vary: Origin, Accept-Encoding
Content-Type: audio/mpeg
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695324533#997523934/gid:0/gname:root/mode:33279/mtime:1655387452#802583242/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

GET
H/1.1 204
No Content favicon.ico
kwk8vxw.septbahear.live/ 0
107 B 104ms
103ms Other
text/plain 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to

Full URL: https://kwk8vxw.septbahear.live/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kwk8vxw.septbahear.live/efxbmraa/?u=wxv8kwk&o=qhkwu36&cid=26sa3bju4k3i&f=1&sid=t2~m2ozzcdb0wwpgq1rpe1zjo3l&fp=HYOCg6aevXYKq2vmKWPfZA%3D%3D
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 10 Jul 2024 15:27:54 GMT
Server: openresty

GET
H/1.1 200
OK us.svg
kwk8vxw.septbahear.live/media/mainstream/flag-icon/flags/4x3/ 6 KB
7 KB 104ms
104ms Image
image/svg+xml 185.155.186.25
TEKNOLOGY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kwk8vxw.septbahear.live/media/mainstream/flag-icon/flags/4x3/us.svg

Requested by

Host: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/media/mainstream/flag-icon/css/flag-icon.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

185.155.186.25 , Switzerland, ASN203639 (TEKNOLOGY, CH),

Reverse DNS

Software

openresty /

Resource Hash

7db44305e217e7a44845b47fe090b5f077a1cecf820899c7a6977b26549cdc08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kwk8vxw.septbahear.live/media/mainstream/flag-icon/css/flag-icon.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Wed, 10 Jul 2024 15:27:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Amz-Request-Id: 17E0E2B05962945B
Connection: keep-alive
Content-Length: 6215
X-Amz-Id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
X-Xss-Protection: 1; mode=block
Last-Modified: Tue, 21 Nov 2023 12:30:16 GMT
Server: openresty
x-amz-meta-mm-source-mtime: 2022-06-16T13:51:17.446639958Z
ETag: "2b327bda75ccb4c9c3cd7ea61c4fed82"
Vary: Origin, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-amz-meta-mc-attrs: atime:1695223448#267845249/gid:0/gname:root/mode:33279/mtime:1655387477#446639958/uid:0/uname:root
Expires: Thu, 10 Jul 2025 15:27:54 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: daslkjfhi2.xyz
URL: https://daslkjfhi2.xyz/page

Domain: kwk8vxw.septbahear.live
URL: https://kwk8vxw.septbahear.live/media/mainstream/all/fc2/logo_f01.png

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 02:16:17	Name: _GRECAPTCHA Value: 09AB84Sru0ZIQFj55L4-QXQHCD56L9MqLcsRC3UH5NrXJvqX5RrjGVgCQqdTAOYWtPWdiNZYKRzhCqmVaHMW6jJ4E
www.gobluego.com/	1969-12-31 23:59:59	Name: nitroCachedPage Value: 0
.gobluego.com/	1970-01-21 00:06:41	Name: _gcl_au Value: 1.1.1276608829.1720625271
.gobluego.com/	1970-01-21 07:33:05	Name: _ga_W7VH4BTTTR Value: GS1.1.1720625271.1.0.1720625271.0.0.0
.gobluego.com/	1970-01-21 07:33:05	Name: _ga Value: GA1.1.1383984782.1720625271
.doubleclick.net/	1970-01-20 21:57:06	Name: test_cookie Value: CheckForPermission
winnershere.life/	1969-12-31 23:59:59	Name: sid Value: t2~m2ozzcdb0wwpgq1rpe1zjo3l
winnershere.life/	1969-12-31 23:59:59	Name: p1 Value: https://septbahear.live/efxbmraa/
winnershere.life/	1969-12-31 23:59:59	Name: s1 Value: e87adxcnl1vpahlw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.gobluego.com/ Message: Access to fetch at 'https://daslkjfhi2.xyz/page' from origin 'https://www.gobluego.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://daslkjfhi2.xyz/page Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bsc-dataseed1.binance.org
cdn.ethers.io
daslkjfhi2.xyz
fonts.googleapis.com
fonts.gstatic.com
gobluego.wpengine.com
googleads.g.doubleclick.net
intrstreams.global.ssl.fastly.net
jsontdsexit2.com
kwk8vxw.septbahear.live
unpkg.com
winnershere.life
www.gobluego.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
daslkjfhi2.xyz
kwk8vxw.septbahear.live
136.243.216.235
151.101.1.194
18.173.219.15
185.155.184.32
185.155.186.25
2606:4700:3035::6815:52f8
2606:4700:3037::ac43:95db
2606:4700::6811:f5cb
2607:f8b0:4004:c06::65
2607:f8b0:4004:c17::69
2607:f8b0:4004:c17::6a
2607:f8b0:4004:c1d::9b
2607:f8b0:4004:c21::61
2607:f8b0:400d:c04::5e
2607:f8b0:400d:c0d::5e
2607:f8b0:400d:c0e::5f
34.168.43.148
35.71.137.105
00ca2a21d755f89b7ffbdafacecd557eccf65f2c1df69b055e0d50ca00796f46
015acfd5a71a8868e776a21e1c3982a48411e81ed6ea8d18dc47fac0a75c26b3
0461d474f04940681ddf41a7ff5002bdcea02b8add9b181e8352407ccded3baa
07f0b8f1a8d489ee696e2b30e2f9806e60fa277bfa7880195a89cf233f132a99
17036284061d17f83e7130a65dca91c1b97bc9ba1d95d3af813633e790c5c906
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
18c13901db24f33f380da4bd04702f6fc8b82f8351de10c2afd4edcc77014cca
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1d1f495a5692aeaaf14accd5d425fc250eeac7918383df3d26b8dd9f4cf620c1
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1f3ee7477292b2a095a316442a7c9dd5eeca30413374d7f1869e9b045fd9a55d
228bce783bd3073d214f1028544f437f27eca5057896fe762416d7be93f90de9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27e548eae9447f8d928b3778eb4d14e7c6be1582f8c53c040e771f5f5e72ced7
2838809675471ea681ebc123ba81822b989c64c1f60b005687032da32e2a16a8
298bafa05900a3bc3d44e4b7406618e73c3ddec2878fcb761b04f4ee9983b7de
299595fd56aa6a2fcfac34fcf780d33b61785ad96f19485e65a33ead8fd69cbc
2f3ebc68c0eacb3d3557a757d1c1788999181e167cbbfc3fbe93cb0031b0e265
3172231a2fb01d648be217c0118e25437c0a52d7d1cf057bdad7d6d86fc29889
353e3d3edc78ebd2e7ce43717cbf8756584bc56703bf9f2324981e69cb1a4923
39569f71de8d932d9eb8cf0ef555c71c6831c6593929ee46d2e7f2d6221ccdfe
39c1cf6c1834a771d8d0ce074e1d2b8649a63cba014c68ecac6f617dc36bf7b1
3b852b3a3f66eece13fcb5108bb807e240e29fd9243d4a0ca35ef8d48fb2770c
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3f1cd60ed94e737f7d4472b1ba942783580cd7993c1d23b58930a2f0de3aa56c
4460f1596174d06cca957fdaca2c71e1a377cf1d6f07ee4c75ffb3bf3fc97a03
479c7be121469bcd135a4d80cccfb35cb9838c811d505f8ceeca07ccb581f7aa
4871c750c6d35ee82c6192273cfd442770f90385c5f91d6df0e128de69dacd67
4a38335b55379462b766727785b7505320bcc608f7c9c8890b7bf70513570624
602961a4576ff0260a08857629f92136ab28039f7016555b8f903dd200ca7788
615ab140c3f43044fc22d6483cd40ff1b1b19321cf771d2c43c25253b7fd8263
64fa9bad3274e0dc928755d2d8d827dbe0470406cc1a29ee19f6cd8f35ccbe75
651141c8290087af54c66793aa063ee5697661fb914925f56bd09390a2895ce4
669c7de8cc4685bb673f13db0b8de84fd8142005c4db680cbe35fad7b852c631
68ccb3e710e9f83015617a055d3c3aa203cc60e872f128665869dd9a69ade0c5
6b2476edf95aa04cd7ccb301051fb62853b69d39af09c929a81fdba43143bc5a
6c907f63aa4bdcfbf8ab58e9e4ee3503ea373210d98b63db6058d32e38c3af14
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7125f531b9cdb3ef75f1b5b608b974f492794764638bfe482c4b4c5083acbcdb
787b12977198ef8b5e0b5612000eb82a7a8174629ff24a4f6e2071b6527dada2
7c1304a435337d677c1bb2e43007b946aea6571cacb2b12bf150676dcbd6b8c3
7db44305e217e7a44845b47fe090b5f077a1cecf820899c7a6977b26549cdc08
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
7fbbaed15a8beaf623f6eaab8c739875e3f90dd929e09a03bcdb2327e486c438
82dfce8760ca230bb796f728f5444cec9f3611c94bfe33298cad70aa524e0eb2
858505999736a8fed8193cb8fac042597e42e98dc685ee94fa341221a97744b5
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8aaf90a00d378f096c89c7a0a3503c98d8f663eabab958bb1b226020c4f2ad2e
8ddf4e1c6dc7f35ee3955b056588ebcbf91ac5a2aab884f9db2f4d3648002abc
8ec96f660841e699136f6cc482ee41853ada214b38fa4b684e49e78337cf8df2
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
9e9b24060afff8cb087031b04a0aaa6a1e257ebf6291da267e9a04cef9d7c55e
a0d5c1216c9720fdc7e2faa46e91efb5e33591e71a35482de3af849c40189644
a208625353fe3613a5bd7498c69d0921b33facd1a658fe8cc661b704c248e0c0
a9d91d4ea129986fe8f2e4af963f9f14fea1a21a5c3136c46a6656b78c65e6f5
aaf469530d35ff78b1793eaa3a361207347056895198ac17e82ece1fd2f6861a
ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd
acad01dcfdc01b98f69db941ca21c784835aa118c53025dc8006705e49145da7
ae820c12d86e4add3b493c282f84c9714fc79cd8dc7ac05d3a2e2d7d7ddb5e4a
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff
c43bac4573ee12a2caf174c6627e517b391fdcc0b5bd8e4af0042186249fc155
c616ca01d21657d87d3b446ee29455b1f93e0fd0d1bddbfbedf69e8f11a45d92
c88582d61d139db8fbde6e00c4c2c11fe9bc9af7b9187c746d3683e425df9456
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cb723cad6c713c521569e52ddce131a24379c12de6f2859419da1f0bd59b0925
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd6fc5a817d3e74f516b53fcd9ba5c691ce7b036ffed9947579edf4c76c12b98
cf81581dfc170c5fcc2cf8a040cecf1d6bf786a156726def197e9ba60c1b1998
cfe307e512831e79e93e3e1fbc82c4f6362efc43acf9b381f55b0f076af05e83
d2b77256bac8b2715d6c28e5f08b2a4c4937dc6913a38fab86e734d3295c8b02
d68d58004957a455392e993c336043dddfc25003ccfdc929de90e9224a48b73d
d79bc81189750262716692ade6cc4d6fb6c4fbc4aa01c2b9d0aa67e5788821fc
da6b9222d60f021de37dbcfb23d67a505271716c8105a3507e94160a51db8a14
e105c56ab04d4f423cf68a6c00fff80370705bc6feac2328a154b5fa10fa30c4
e29bf548cb100dfd46c3307ce6d47ac27cab8671b850af34dbec1f7e0625d90e
e2b3714956b1a6aec1afc6ab880dc1d7d4ce3e2fb4613b346fa6db4c1507380f
e2d4b7ac2cf724a064d15a4379ccca7a81c346dcb143f279d83a0e99f9563cc7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9760f1dfa69c2a1ac880ed2c007b0ec8eeb6e1d721ffde074b62e69492b4854
f9b405ee4b9f6b58e46bafb40463fb08a4ee39c945389d2fcd7e3f8f15959c14

kwk8vxw.septbahear.live Open in urlscan Pro 185.155.186.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

97 %HTTPS

61 %IPv6

16 Domains

17 Subdomains

19 IPs

3 Countries

2128 kBTransfer

4161 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kwk8vxw.septbahear.live Open in urlscan Pro
185.155.186.25 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

97 %
HTTPS

61 %
IPv6

16
Domains

17
Subdomains

19
IPs

3
Countries

2128 kB
Transfer

4161 kB
Size

9
Cookies

94 HTTP transactions
1 data transactions