fantalks.io Open in urlscan Pro
95.163.254.117 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fantalks.io/
Effective URL:
https://fantalks.io/
Submission: On December 09 via api (December 9th 2023, 5:04:05 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 57 HTTP transactions. The main IP is 95.163.254.117, located in Russian Federation and belongs to VK-AS, RU. The main domain is fantalks.io.
TLS certificate: Issued by R3 on November 12th 2023. Valid for: 3 months.

This is the only time fantalks.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	95.163.254.117 95.163.254.117	47764 (VK-AS) (VK-AS)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
4	87.230.98.74 87.230.98.74	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1 7	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a01:b740:a30... 2a01:b740:a30:f000::199	6185 (APPLE-AUSTIN) (APPLE-AUSTIN)
4	2a00:1450:400... 2a00:1450:400c:c0c::5c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	95.163.33.224 95.163.33.224	21051 (NIVAL-AS) (NIVAL-AS)
4	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	195.211.131.165 195.211.131.165	21051 (NIVAL-AS) (NIVAL-AS)
57	12

20 95.163.254.117 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: donationalerts.mail.ru

fantalks.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 87.230.98.74 (Bergisch Gladbach, Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com

b.delivery.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6ea0:c700::18 (Frankfurt am Main, Germany) 1 redirects

ASN60068 (CDN77 ^_^, GB)

cdn.consentmanager.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:b740:a30:f000::199 (Frankfurt am Main, Germany)

ASN6185 (APPLE-AUSTIN, US)

applepay.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.33.224 (Russian Federation)

ASN21051 (NIVAL-AS, RU)
PTR: wf.my.games

pc.warface.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.211.131.165 (Russian Federation)

ASN21051 (NIVAL-AS, RU)

wf.cdn.gmru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	fantalks.io 1 redirects fantalks.io	716 KB
16	google.com pay.google.com — Cisco Umbrella Rank: 2109 play.google.com — Cisco Umbrella Rank: 32	423 KB
11	consentmanager.net 1 redirects b.delivery.consentmanager.net — Cisco Umbrella Rank: 28969 cdn.consentmanager.net — Cisco Umbrella Rank: 14815	112 KB
4	gstatic.com www.gstatic.com	101 KB
2	gmru.net wf.cdn.gmru.net — Cisco Umbrella Rank: 833718	131 KB
1	warface.com pc.warface.com	1001 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	251 B
1	cdn-apple.com applepay.cdn-apple.com — Cisco Umbrella Rank: 16460	49 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	88 KB
0	consensu.org Failed consentmanager.mgr.consensu.org Failed
57	10

	Domain	Requested by
20	fantalks.io	1 redirects fantalks.io
12	play.google.com	www.gstatic.com
7	cdn.consentmanager.net	1 redirects fantalks.io b.delivery.consentmanager.net cdn.consentmanager.net
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	fantalks.io pay.google.com www.gstatic.com
4	b.delivery.consentmanager.net	fantalks.io b.delivery.consentmanager.net
2	wf.cdn.gmru.net	pc.warface.com
1	pc.warface.com	client
1	region1.google-analytics.com	www.googletagmanager.com
1	applepay.cdn-apple.com	fantalks.io
1	www.googletagmanager.com	fantalks.io
0	consentmanager.mgr.consensu.org Failed	fantalks.io
57	12

This site contains links to these domains. Also see Links.

Domain
www.consentmanager.net
www.donationalerts.com

Subject Issuer	Validity	Valid
fantalks.io R3	`2023-11-12` - `2024-02-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
b.delivery.consentmanager.net R3	`2023-11-15` - `2024-02-13`	3 months	crt.sh
1376624012.rsc.cdn77.org R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
applepay.cdn-apple.com Apple Public Server ECC CA 12 - G1	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
warface.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.cdn.gmru.net GlobalSign RSA OV SSL CA 2018	`2023-03-15` - `2024-04-15`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://fantalks.io/
Frame ID: A74EFBCE56E4798CCD84A16B22909781
Requests: 37 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Ffantalks.io&mid=
Frame ID: AC05642C7D9ACC69987C82FE7D0CEC76
Requests: 13 HTTP requests in this frame

Frame: https://cdn.consentmanager.net/delivery/crossdomain.html
Frame ID: 32A86535E28D2C995FDBC178D6C2504E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FanTalks.io

Page URL History Show full URLs

http://fantalks.io/ HTTP 301
https://fantalks.io/ Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

57
Requests

95 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

12
IPs

4
Countries

1620 kB
Transfer

4664 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.consentmanager.net/?utm_source=cmplogo&utm_medium=banner&utm_campaign=cmplogo&utm_term=40973&utm_content=fantalks.io
Title: consentmanager.net

Search URL Search Domain Scan URL

URL: https://www.donationalerts.com/help/support#/
Title: contact our support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fantalks.io/ HTTP 301
https://fantalks.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://cdn.consentmanager.net/delivery/recall/logos/40973 HTTP 301
https://cdn.consentmanager.net/delivery/whitelabel/cmplogo.svg

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fantalks.io/
Redirect Chain

http://fantalks.io/
https://fantalks.io/

1 KB
656 B

325ms
151ms

Document
text/html

95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

2e1bb04b9a8baa2001eed6bd5b85ef89f0e560dc7d2135ae7cbc2479875c489d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 17:03:59 GMT
server: nginx
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Sat, 09 Dec 2023 17:03:58 GMT
Location: https://fantalks.io/
Server: nginx

GET
H2 200 jquery.min.js Show response
fantalks.io/js/ 95 KB
32 KB 182ms
179ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/js/jquery.min.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

728062087f2403eca7c071d6e20ee3d0f668e12ecbfd36c2bb89e561c197ab91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-17c7a"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.ba-throttle-debounce.min.js Show response
fantalks.io/js/ 731 B
743 B 264ms
261ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/js/jquery.ba-throttle-debounce.min.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-2db"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-ui.min.js Show response
fantalks.io/js/ 36 KB
10 KB 264ms
262ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/js/jquery-ui.min.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

3715323c282a8c211a3f828214481e5c8406e491805aa754c6ecc28cc388593e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-8f3c"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 moment.min.js Show response
fantalks.io/js/ 38 KB
14 KB 265ms
263ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/js/moment.min.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

d5b2dbd8ceda59840b352b864e3410776bb5424551e5efcde018d7b4505d49a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-97c0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.min.js Show response
fantalks.io/js/ 42 KB
10 KB 265ms
263ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/js/slick.min.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-a76f"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ga.js Show response
fantalks.io/js/ 4 KB
1 KB 346ms
344ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/js/ga.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

205ed165bdc90d24b89470f936740588fbcf7d213aab3c8a8576a800bbc41fb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-fb7"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 axios.min.js Show response
fantalks.io/js/ 13 KB
5 KB 346ms
345ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/js/axios.min.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

d10f069919ff7017f9091f465bc45eb0f54dad9473ee98c22f4d964141947e6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-3546"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 easymde.min.js Show response
fantalks.io/js/ 297 KB
92 KB 347ms
345ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/js/easymde.min.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

2058454a9222b78ecf23453ead2a71060f384d7b4b8492c1342779a44ba33629

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-4a5db"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 perfect-scrollbar.min.js Show response
fantalks.io/js/dashboard/ 18 KB
5 KB 347ms
345ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/js/dashboard/perfect-scrollbar.min.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

9b237657ba86b4f520dcbe7af367b6b566b07e66385258442fd219a80d58629e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-4672"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 app.a87b30a0.css
fantalks.io/static/askme/dist/css/ 139 KB
20 KB 178ms
177ms Stylesheet
text/css 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/static/askme/dist/css/app.a87b30a0.css

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

dd3559adc36a429ae4fe87e4287affda76b85eda139c6493924c7f29444f0a34

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-22cdc"
x-frame-options: SAMEORIGIN
content-type: text/css
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 app.4948dcfb.js Show response
fantalks.io/static/askme/dist/js/ 439 KB
129 KB 347ms
345ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/static/askme/dist/js/app.4948dcfb.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

72c886a59649056895911b355fd748219ef7b233164fcd3c3d2fa716fc182007

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-6dcb5"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 chunk-vendors.7e38277a.js Show response
fantalks.io/static/askme/dist/js/ 614 KB
181 KB 347ms
346ms Script
application/javascript 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/static/askme/dist/js/chunk-vendors.7e38277a.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

53a2c3a13f53cd9a2c84d01af372ccf33b3f5517bed502fe160efe6234296d82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-996d0"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 145ms
59ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RKW9QWCY90

Requested by

Host: fantalks.io
URL: https://fantalks.io/static/askme/dist/js/app.4948dcfb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

840a29a0fc1d0e9d83a1ace9afb76b72da80f0ea9f172335933e0aaa57a581dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 17:03:59 GMT

GET
H/1.1 200
OK cmp.php Show response
b.delivery.consentmanager.net/delivery/ 919 B
1 KB 203ms
53ms Script
text/javascript 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=eadcfddbc33a&h=https%3A%2F%2Ffantalks.io%2F&&l=en&o=1702141439770

Requested by

Host: fantalks.io
URL: https://fantalks.io/static/askme/dist/js/app.4948dcfb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

c4efc93913bf9526aa1a490b13f9a5547389b33ffde97102bfa36dacee7259be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 17:03:59 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Dec 2023 17:03:59 GMT
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Edge-Control: no-store, no-cache, must-revalidate
Cache-Control: no-store, no-cache, must-revalidate
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmp_en.min.js Show response
cdn.consentmanager.net/delivery/js/ 402 KB
87 KB 142ms
39ms Script
application/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.net/delivery/js/cmp_en.min.js
Requested by: Host: fantalks.io
URL: https://fantalks.io/static/askme/dist/js/app.4948dcfb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9167386827d13a7d8c11aba215a3f729ea1a30a95fbd6d9a6dc85d896ab0f1ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 09 Dec 2023 17:03:59 GMT
content-encoding: gzip
x-age-lb: 3350
x-77-cache: HIT
edge-control: max-age=86400
x-accel-date: 1702138089
x-77-nzt: EgwBnJIhiwH3Fg0AAAwBJRPCKAH3DgAAAA
x-accel-expires: @1702224489
x-77-age: 3364
x-cache-lb: HIT
last-modified: Thu, 07 Dec 2023 11:01:39 GMT
server: CDN77-Turbo
etag: W/"64883-60be964576ac0"
x-77-nzt-ray: cf8787271995105fff9d7465efed0235
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Sat, 09 Dec 2023 16:07:48 GMT

GET
H/1.1 200
OK apple-pay-sdk.js Show response
applepay.cdn-apple.com/jsapi/v1/ 162 KB
49 KB 179ms
39ms Script
application/javascript 2a01:b740:a30:f000::199
APPLE-AUSTIN

General

Check archive.org

Show headers Download Go to

Full URL

https://applepay.cdn-apple.com/jsapi/v1/apple-pay-sdk.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/static/askme/dist/js/app.4948dcfb.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a01:b740:a30:f000::199 Frankfurt am Main, Germany, ASN6185 (APPLE-AUSTIN, US),

Reverse DNS

Software

Apple /

Resource Hash

afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 23:51:57 GMT
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
content-encoding: gzip
Via: http/1.1 defra1-edge-lx-003.ts.apple.com (acdn/111.14403), http/1.1 defra1-edge-bx-011.ts.apple.com (acdn/111.14403)
Age: 61922
X-Cache: hit-fresh, hit-fresh
CDNUUID: dfac6298-ebaf-446b-b3e4-1a241e59ed46-7987778818
edge-control: cache-maxage=7d
x-envoy-upstream-service-time: 6
Connection: keep-alive
Content-Length: 48790
x-xss-protection: 1; mode=block
apple-tk: false
Server: Apple
apple-seq: 0
x-conversation-id: 8a804e19-b47f-a2f5-63e7-671bc513fb63
Etag: "836f40c1160e2cc053e0fd945a62cca3--gzip"
apple-originating-system: wp-content-server-prod1-use1
vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401, stale-while-revalidate=86400
access-control-allow-credentials: false

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 120 KB
37 KB 220ms
95ms Script
application/javascript 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: fantalks.io
URL: https://fantalks.io/static/askme/dist/js/app.4948dcfb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

358b2b96f89a7b37a78f57d830788352d480b9ae502e6f80fd1ee190876f59e5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-vzV4Uf3DTru06l9ku-Eueg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-vzV4Uf3DTru06l9ku-Eueg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 09 Dec 2023 17:03:59 GMT

GET
H2 200 en_US.json Show response
fantalks.io/static/askme/localization/ 10 KB
4 KB 86ms
85ms XHR
application/json 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/static/askme/localization/en_US.json?t=1702141439.795

Requested by

Host: fantalks.io
URL: https://fantalks.io/static/askme/dist/js/chunk-vendors.7e38277a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

3e777116a6c73f45ceb1429f5f497dcb6529ff32ede6ada51f74bf9070b9875c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: application/json, text/plain, */*
Referer: https://fantalks.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-29a9"
x-frame-options: SAMEORIGIN
content-type: application/json
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 en_US.json Show response
fantalks.io/static/askme/localization/ 10 KB
4 KB 87ms
86ms XHR
application/json 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/static/askme/localization/en_US.json?t=1702141439.797

Requested by

Host: fantalks.io
URL: https://fantalks.io/static/askme/dist/js/chunk-vendors.7e38277a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

3e777116a6c73f45ceb1429f5f497dcb6529ff32ede6ada51f74bf9070b9875c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: application/json, text/plain, */*
Referer: https://fantalks.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-29a9"
x-frame-options: SAMEORIGIN
content-type: application/json
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET addurl.php
consentmanager.mgr.consensu.org/delivery/ 0
0

GET
H2 200 Inter-Regular.woff2
fantalks.io/static/assets/fonts/inter/ 98 KB
98 KB 84ms
84ms Font
font/woff2 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fantalks.io/static/assets/fonts/inter/Inter-Regular.woff2
Requested by: Host: fantalks.io
URL: https://fantalks.io/static/askme/dist/css/app.a87b30a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: donationalerts.mail.ru
Software: nginx /
Resource Hash: 77677cd3d62f53fce403b743c6ab0dfacf6109cfa5f2c511a57b0779222c76de

Request headers

Referer: https://fantalks.io/static/askme/dist/css/app.a87b30a0.css
Origin: https://fantalks.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:03:59 GMT
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
etag: "6571bfa6-186f8"
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 100088
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cmp.php Show response
b.delivery.consentmanager.net/delivery/ 10 KB
4 KB 64ms
64ms Script
text/javascript 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://b.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=40973&o=1702141439&h=https%3A%2F%2Ffantalks.io%2F&&l=en&odw=0&dlt=1&l=en

Requested by

Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?&cdid=eadcfddbc33a&h=https%3A%2F%2Ffantalks.io%2F&&l=en&o=1702141439770

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

75c41283d9a2d6cd5e8f4f3d652969e68edb5d9a73741a8328f10c7be172b5e2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 17:04:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 09 Dec 2023 17:04:00 GMT
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Edge-Control: no-store, no-cache, must-revalidate
Cache-Control: no-store, no-cache, must-revalidate
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 134ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RKW9QWCY90&gtm=45je3bt0v895520137&_p=1702141439769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=604971339.1702141440&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702141440&sct=1&seg=0&dl=https%3A%2F%2Ffantalks.io%2F&dt=FanTalks.io&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1371
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RKW9QWCY90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 17:04:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fantalks.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bV8xLndfNDA5NzMucl9HRFBSLmxfZW4uZF8xNTY5Ny54XzEyLnYucC50XzE1Njk3Lnh0XzEy.js Show response
cdn.consentmanager.net/delivery/customdata/ 55 KB
13 KB 45ms
45ms Script
text/javascript 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.net/delivery/customdata/bV8xLndfNDA5NzMucl9HRFBSLmxfZW4uZF8xNTY5Ny54XzEyLnYucC50XzE1Njk3Lnh0XzEy.js

Requested by

Host: b.delivery.consentmanager.net
URL: https://b.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=40973&o=1702141439&h=https%3A%2F%2Ffantalks.io%2F&&l=en&odw=0&dlt=1&l=en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

cce0c366a2aa7baf71d59a45d84f8553a7da91fc09b5dd6b4b107355b6824e0f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 09 Dec 2023 17:04:00 GMT
content-encoding: gzip
x-77-cache: HIT
edge-control: public, max-age=1800
x-accel-date: 1702140070
x-xss-protection: 0
x-77-nzt: EggBnJIhiwFBDAHUZjiZAddaBQAA
x-accel-expires: @1702141870
x-77-age: 1370
x-cache-lb: MISS
last-modified: Sat, 09 Dec 2023 16:41:10 GMT
server: CDN77-Turbo
x-77-nzt-ray: cf8787271995105f009e746598d41305
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
expires: Sat, 09 Dec 2023 17:11:10 GMT

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame AC05 19 KB
8 KB 229ms
229ms Document
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Ffantalks.io&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

901b9f2eb77aa0f70437add3eaa5c5d2f369099a0ba7b7f8059098c190ea56ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_EfhD2cU-d_b0kVSZnTa_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fantalks.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_EfhD2cU-d_b0kVSZnTa_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Sat, 09 Dec 2023 17:04:00 GMT
expires: Sat, 09 Dec 2023 17:04:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 crossdomain.html Show response
cdn.consentmanager.net/delivery/ Frame 32A8 2 KB
978 B 39ms
38ms Document
text/html 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.net/delivery/crossdomain.html
Requested by: Host: cdn.consentmanager.net
URL: https://cdn.consentmanager.net/delivery/js/cmp_en.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2b15114adb679270e25e0d47ca2d8ee278701c0a23d815ebcbbd0a4630211873

Request headers

Referer: https://fantalks.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 17:04:00 GMT
etag: W/"83b-5e9d6aed4ad40"
last-modified: Thu, 29 Sep 2022 20:25:49 GMT
server: CDN77-Turbo
vary: Accept-Encoding
x-77-age: 3340
x-77-cache: HIT
x-77-nzt: EgwBnJIhiwH3/wwAAAwBJRPCKAH3DQAAAA
x-77-nzt-ray: cf8787271995105f009e7465648afe08
x-77-pop: frankfurtDE
x-accel-date: 1702138113
x-accel-expires: @1702141713
x-age-lb: 3327
x-cache-lb: HIT

GET
H/1.1 200
OK font.css
pc.warface.com/static/general/fonts/Roboto/ 550 B
1001 B 579ms
82ms Stylesheet
text/css 95.163.33.224
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pc.warface.com/static/general/fonts/Roboto/font.css

Requested by

Host: client
URL: about:client

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

95.163.33.224 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

wf.my.games

Software

nginx /

Resource Hash

73c390dff2abb5703c4327ba2161b0ff40ede1c8b983cb51c50d9c1c197197de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 17:04:00 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 15 Feb 2022 15:10:58 GMT
Server: nginx
ETag: "620bc282-226"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 550
X-Cached: HIT
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

cmplogo.svg
cdn.consentmanager.net/delivery/whitelabel/
Redirect Chain

https://cdn.consentmanager.net/delivery/recall/logos/40973
https://cdn.consentmanager.net/delivery/whitelabel/cmplogo.svg

4 KB
2 KB

39ms
39ms

Image
image/svg+xml

2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/whitelabel/cmplogo.svg
Requested by: Host: fantalks.io
URL: https://fantalks.io/
Protocol: H2
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4fac8ac68ec0b3328e35eb3962ee1ce7ed17a3b35051b139e519748a8b844536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 09 Dec 2023 17:04:00 GMT
content-encoding: gzip
x-age-lb: 89758
x-77-cache: HIT
edge-control: max-age=2592000
x-accel-date: 1702051682
x-77-nzt: EgwBnJIhiwH3nl4BAAwB1GY4EQH3DgAAAA
x-accel-expires: @1733587668
x-77-age: 89772
x-cache-lb: HIT
last-modified: Wed, 03 May 2023 16:01:17 GMT
server: CDN77-Turbo
etag: W/"104c-5facc2a822d40"
x-77-nzt-ray: cf8787271995105f009e7465530b6911
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 16:07:48 GMT

Redirect headers

x-77-pop: frankfurtDE
date: Sat, 09 Dec 2023 17:04:00 GMT
x-age-lb: 29583
x-77-cache: HIT
edge-control: public, max-age=86400, max-age=2592000
x-accel-date: 1702111857
x-77-nzt: EgwBnJIhiwGzj3MAAAwB1GY4CQH3vAoAAA
x-accel-expires: @1702225092
x-77-age: 32331
x-cache-lb: EXPIRED
server: CDN77-Turbo
x-77-nzt-ray: cf8787271995105f009e74653ca7f40e
content-type: text/javascript; charset=utf-8
location: /delivery/whitelabel/cmplogo.svg
cache-control: public, max-age=86400
expires: Sun, 10 Dec 2023 16:18:12 GMT

GET
H/1.1 200
OK /
b.delivery.consentmanager.net/delivery/info/ 43 B
404 B 57ms
57ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.delivery.consentmanager.net/delivery/info/?id=40973&did=1&cfdid=26415&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=https%3A%2F%2Ffantalks.io%2F&o=1702141440224&l=EN&lv=40195&d=1&ct=14&e=&e2=&e3=&i=&sv=9&dv=12&

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 17:04:00 GMT
Last-Modified: Sat, 09 Dec 2023 17:04:00 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Edge-Control: no-store, no-cache, must-revalidate
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK /
b.delivery.consentmanager.net/delivery/info/ 43 B
404 B 108ms
50ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.delivery.consentmanager.net/delivery/info/?id=40973&did=1&cfdid=1&t=cv&h=https%3A%2F%2Ffantalks.io%2F&o=1702141440225&l=EN&lv=40195&d=1&ct=14&e=&e2=&e3=&i=&sv=9&dv=12&

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 Bergisch Gladbach, Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 17:04:00 GMT
Last-Modified: Sat, 09 Dec 2023 17:04:00 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Edge-Control: no-store, no-cache, must-revalidate
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmplogo.svg
cdn.consentmanager.net/delivery/whitelabel/ 4 KB
2 KB 39ms
39ms Image
image/svg+xml 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/whitelabel/cmplogo.svg
Requested by: Host: fantalks.io
URL: https://fantalks.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4fac8ac68ec0b3328e35eb3962ee1ce7ed17a3b35051b139e519748a8b844536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 09 Dec 2023 17:04:00 GMT
content-encoding: gzip
x-age-lb: 89758
x-77-cache: HIT
edge-control: max-age=2592000
x-accel-date: 1702051682
x-77-nzt: EgwBnJIhiwH3nl4BAAwB1GY4EQH3DgAAAA
x-accel-expires: @1733587668
x-77-age: 89772
x-cache-lb: HIT
last-modified: Wed, 03 May 2023 16:01:17 GMT
server: CDN77-Turbo
etag: W/"104c-5facc2a822d40"
x-77-nzt-ray: cf8787271995105f009e74655dbb770f
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
expires: Sat, 07 Dec 2024 16:07:48 GMT

GET
H2 200 en.gif
cdn.consentmanager.net/delivery/flags/ 384 B
793 B 40ms
40ms Image
image/gif 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.net/delivery/flags/en.gif
Requested by: Host: fantalks.io
URL: https://fantalks.io/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sat, 09 Dec 2023 17:04:00 GMT
x-age-lb: 89754
x-77-cache: HIT
edge-control: max-age=2592000
x-accel-date: 1702051686
content-length: 384
x-77-nzt: EgwBnJIhiwH3ml4BAAwB1GY4CQH3EAAAAA
x-accel-expires: @1733587670
x-77-age: 89770
x-cache-lb: HIT
last-modified: Mon, 14 Jun 2021 21:37:37 GMT
server: CDN77-Turbo
etag: "180-5c4c0aa828a40"
x-77-nzt-ray: cf8787271995105f009e7465de577d0f
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 16:07:50 GMT

GET
H2 200 front Show response
fantalks.io/api/v1/env/ 1 KB
819 B 126ms
125ms XHR
application/json 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://fantalks.io/api/v1/env/front

Requested by

Host: fantalks.io
URL: https://fantalks.io/static/askme/dist/js/chunk-vendors.7e38277a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

5a48957836b3335c43b9f8d65812b0d0db4cada28c0ed4f5a771bd053d609047

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: application/json, text/plain, */*
Referer: https://fantalks.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
content-encoding: br
server: nginx
x-frame-options: SAMEORIGIN
content-language: en_US
content-type: application/json
cache-control: no-cache, private
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame AC05 2 KB
2 KB 148ms
148ms Other
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: fantalks.io
URL: https://fantalks.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.QQWti-OhN_U.es5.O/am=AAYx/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame AC05 159 KB
57 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.QQWti-OhN_U.es5.O/am=AAYx/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri5Tk_cUviK_TFZC8zGC4MF4miuEw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Ffantalks.io&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0db8f3e594e776c5322b2c6753ed7791d36adf3669b8c94914cf00f58d200dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57524
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 07:41:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:44:31 GMT

GET
H2 200 logo_FanTalks.svg
fantalks.io/static/askme/dist/assets/images/ 7 KB
3 KB 85ms
85ms Image
image/svg+xml 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fantalks.io/static/askme/dist/assets/images/logo_FanTalks.svg

Requested by

Host: fantalks.io
URL: https://fantalks.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

donationalerts.mail.ru

Software

nginx /

Resource Hash

c591e4759f317bcafc3d0cc42e6d7396ffdc36842f30018f0c22f35d92d92e81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fantalks.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
content-encoding: br
etag: W/"6571bfa6-1de0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 Inter-Medium.woff2
fantalks.io/static/assets/fonts/inter/ 104 KB
105 KB 86ms
86ms Font
font/woff2 95.163.254.117
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fantalks.io/static/assets/fonts/inter/Inter-Medium.woff2
Requested by: Host: fantalks.io
URL: https://fantalks.io/static/askme/dist/css/app.a87b30a0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.163.254.117 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: donationalerts.mail.ru
Software: nginx /
Resource Hash: a3878d7a4119b2c2112f6cf5bb937b5ba10644b615e0ffe8bd202d68f04b5bab

Request headers

Referer: https://fantalks.io/static/askme/dist/css/app.a87b30a0.css
Origin: https://fantalks.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
last-modified: Thu, 07 Dec 2023 12:50:46 GMT
server: nginx
etag: "6571bfa6-1a0b8"
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 106680
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.QQWti-OhN_U.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6y... Frame AC05 73 KB
27 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.QQWti-OhN_U.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6yEG8Cs.L.B1.O/am=AAYx/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjYluF8TBNoy4njgDUaR1CdPryzjg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.QQWti-OhN_U.es5.O/am=AAYx/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri5Tk_cUviK_TFZC8zGC4MF4miuEw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0efd65451f52f30cc4a6b94730d1c2ebdcb499f2b69e7084e5b0f2729229f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27213
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 21:05:04 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame AC05 1 MB
376 KB 118ms
118ms XHR
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b772a30d825dd7a44dca15594e018dac2f812857d99a10664aedee0052b9d467

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ciJSPLte5AOS6yzOvMTXqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ciJSPLte5AOS6yzOvMTXqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 09 Dec 2023 17:04:00 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.QQWti-OhN_U.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6y... Frame AC05 9 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.QQWti-OhN_U.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6yEG8Cs.L.B1.O/am=AAYx/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjYluF8TBNoy4njgDUaR1CdPryzjg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0cc878c64832bf392246fed84ac42feeaca1cf118a444ca535ef4bb3448b250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3730
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:44:31 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.QQWti-OhN_U.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6y... Frame AC05 37 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.QQWti-OhN_U.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi._G0q6yEG8Cs.L.B1.O/am=AAYx/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjYluF8TBNoy4njgDUaR1CdPryzjg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdfaded3cad56f34e1499ceb8b84290ecd7797d6761f1c4554be10b64b531636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 06:38:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 17:44:31 GMT

POST
H3 200 log Show response
play.google.com/ Frame AC05 131 B
155 B 155ms
74ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 17:04:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 143ms
46ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 09 Dec 2023 17:04:00 GMT
expires: Sat, 09 Dec 2023 17:04:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame AC05 131 B
155 B 153ms
73ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 17:04:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 143ms
47ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 09 Dec 2023 17:04:00 GMT
expires: Sat, 09 Dec 2023 17:04:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame AC05 131 B
155 B 152ms
72ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 17:04:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 141ms
47ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 09 Dec 2023 17:04:00 GMT
expires: Sat, 09 Dec 2023 17:04:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame AC05 131 B
155 B 154ms
74ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 17:04:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 141ms
47ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 09 Dec 2023 17:04:00 GMT
expires: Sat, 09 Dec 2023 17:04:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame AC05 131 B
155 B 154ms
74ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 17:04:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 140ms
48ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 09 Dec 2023 17:04:00 GMT
expires: Sat, 09 Dec 2023 17:04:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame AC05 131 B
155 B 153ms
74ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 09 Dec 2023 17:04:00 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 17:04:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 139ms
48ms Preflight
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 09 Dec 2023 17:04:00 GMT
expires: Sat, 09 Dec 2023 17:04:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H/1.1 200
OK Roboto-Regular.woff2
wf.cdn.gmru.net/static/general/fonts/Roboto/ 65 KB
65 KB 380ms
152ms Font
application/octet-stream 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/fonts/Roboto/Roboto-Regular.woff2

Requested by

Host: pc.warface.com
URL: https://pc.warface.com/static/general/fonts/Roboto/font.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

3dfef93487e319eb52cba7d47dfc72aa51d2be6d2ad59b7fc91559dd39e16e64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pc.warface.com/static/general/fonts/Roboto/font.css
Origin: https://fantalks.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 17:04:01 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 15 Feb 2022 14:54:55 GMT
Server: nginx
ETag: "620bbebf-10210"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 66064
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED:prod

GET
H/1.1 200
OK Roboto-Medium.woff2
wf.cdn.gmru.net/static/general/fonts/Roboto/ 65 KB
66 KB 403ms
166ms Font
application/octet-stream 195.211.131.165
NIVAL-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wf.cdn.gmru.net/static/general/fonts/Roboto/Roboto-Medium.woff2

Requested by

Host: pc.warface.com
URL: https://pc.warface.com/static/general/fonts/Roboto/font.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.211.131.165 , Russian Federation, ASN21051 (NIVAL-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

69e854863c4de393d91378de923ee7611cb891e3876aa1540393f1c3063ffef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pc.warface.com/static/general/fonts/Roboto/font.css
Origin: https://fantalks.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 17:04:01 GMT
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 15 Feb 2022 14:54:55 GMT
Server: nginx
ETag: "620bbebf-104c0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 66752
X-XSS-Protection: 1; mode=block
X-Cached: EXPIRED:prod

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: consentmanager.mgr.consensu.org
URL: https://consentmanager.mgr.consensu.org/delivery/addurl.php?id=40973&h=https%3A%2F%2Ffantalks.io%2F

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RKW9QWCY90&gtm=45je3bt0v895520137&_p=1702141439769&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=604971339.1702141440&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702141440&sct=1&seg=0&dl=https%3A%2F%2Ffantalks.io%2F&dt=FanTalks.io&en=scroll&epn.percent_scrolled=90&_et=5&tfd=6377

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fantalks.io/	1970-01-21 02:17:49	Name: __cmpcc Value: 1
.google.com/	1970-01-20 21:12:32	Name: NID Value: 511=bj-9FEUpvx1PikNiET9kGH2v-s3KqU3BIBjADqTiRS7qDiramFFr1jP6tpBF0Ka-dYl6pCGO5IMZOzhjWQQSdKdHkQ8rk4m4j30h13vSGCQRBM9pW6WHdSVvmyCIuvwRBNbW5lqUVr2PjEloHGTa4EksLJVs7ZDMoRj6saQcgDc
.fantalks.io/	1970-01-21 02:25:01	Name: _ga Value: GA1.1.604971339.1702141440
.fantalks.io/	1970-01-21 02:25:01	Name: _ga_RKW9QWCY90 Value: GS1.1.1702141440.1.0.1702141440.0.0.0
b.delivery.consentmanager.net/	1970-01-20 16:49:01	Name: __cmpcc Value: 2
.fantalks.io/	1970-01-20 17:09:11	Name: __cmpcccx40973 Value: aBP2jiwCAAgAzADAAuA4kCwIAIwYgA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://consentmanager.mgr.consensu.org/delivery/addurl.php?id=40973&h=https%3A%2F%2Ffantalks.io%2F Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

applepay.cdn-apple.com
b.delivery.consentmanager.net
cdn.consentmanager.net
consentmanager.mgr.consensu.org
fantalks.io
pay.google.com
pc.warface.com
play.google.com
region1.google-analytics.com
wf.cdn.gmru.net
www.googletagmanager.com
www.gstatic.com
consentmanager.mgr.consensu.org
region1.google-analytics.com
195.211.131.165
2001:4860:4802:32::36
2a00:1450:4001:800::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2008
2a00:1450:400c:c0c::5c
2a01:b740:a30:f000::199
2a02:6ea0:c700::18
87.230.98.74
95.163.254.117
95.163.33.224
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
2058454a9222b78ecf23453ead2a71060f384d7b4b8492c1342779a44ba33629
205ed165bdc90d24b89470f936740588fbcf7d213aab3c8a8576a800bbc41fb5
2b15114adb679270e25e0d47ca2d8ee278701c0a23d815ebcbbd0a4630211873
2e1bb04b9a8baa2001eed6bd5b85ef89f0e560dc7d2135ae7cbc2479875c489d
358b2b96f89a7b37a78f57d830788352d480b9ae502e6f80fd1ee190876f59e5
3715323c282a8c211a3f828214481e5c8406e491805aa754c6ecc28cc388593e
3dfef93487e319eb52cba7d47dfc72aa51d2be6d2ad59b7fc91559dd39e16e64
3e777116a6c73f45ceb1429f5f497dcb6529ff32ede6ada51f74bf9070b9875c
4fac8ac68ec0b3328e35eb3962ee1ce7ed17a3b35051b139e519748a8b844536
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53a2c3a13f53cd9a2c84d01af372ccf33b3f5517bed502fe160efe6234296d82
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5a48957836b3335c43b9f8d65812b0d0db4cada28c0ed4f5a771bd053d609047
69e854863c4de393d91378de923ee7611cb891e3876aa1540393f1c3063ffef9
728062087f2403eca7c071d6e20ee3d0f668e12ecbfd36c2bb89e561c197ab91
72c886a59649056895911b355fd748219ef7b233164fcd3c3d2fa716fc182007
73c390dff2abb5703c4327ba2161b0ff40ede1c8b983cb51c50d9c1c197197de
75c41283d9a2d6cd5e8f4f3d652969e68edb5d9a73741a8328f10c7be172b5e2
77677cd3d62f53fce403b743c6ab0dfacf6109cfa5f2c511a57b0779222c76de
840a29a0fc1d0e9d83a1ace9afb76b72da80f0ea9f172335933e0aaa57a581dd
901b9f2eb77aa0f70437add3eaa5c5d2f369099a0ba7b7f8059098c190ea56ed
9167386827d13a7d8c11aba215a3f729ea1a30a95fbd6d9a6dc85d896ab0f1ed
9b237657ba86b4f520dcbe7af367b6b566b07e66385258442fd219a80d58629e
a0cc878c64832bf392246fed84ac42feeaca1cf118a444ca535ef4bb3448b250
a0db8f3e594e776c5322b2c6753ed7791d36adf3669b8c94914cf00f58d200dd
a0efd65451f52f30cc4a6b94730d1c2ebdcb499f2b69e7084e5b0f2729229f79
a3878d7a4119b2c2112f6cf5bb937b5ba10644b615e0ffe8bd202d68f04b5bab
afd584eb5736dd0208473226960ee2d03ca960465d28b21bf9e3a610c70899e5
b772a30d825dd7a44dca15594e018dac2f812857d99a10664aedee0052b9d467
c4efc93913bf9526aa1a490b13f9a5547389b33ffde97102bfa36dacee7259be
c591e4759f317bcafc3d0cc42e6d7396ffdc36842f30018f0c22f35d92d92e81
cce0c366a2aa7baf71d59a45d84f8553a7da91fc09b5dd6b4b107355b6824e0f
cdfaded3cad56f34e1499ceb8b84290ecd7797d6761f1c4554be10b64b531636
d10f069919ff7017f9091f465bc45eb0f54dad9473ee98c22f4d964141947e6e
d5b2dbd8ceda59840b352b864e3410776bb5424551e5efcde018d7b4505d49a1
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dd3559adc36a429ae4fe87e4287affda76b85eda139c6493924c7f29444f0a34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

fantalks.io Open in urlscan Pro 95.163.254.117 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

95 %HTTPS

64 %IPv6

10 Domains

12 Subdomains

12 IPs

4 Countries

1620 kBTransfer

4664 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fantalks.io Open in urlscan Pro
95.163.254.117 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

95 %
HTTPS

64 %
IPv6

10
Domains

12
Subdomains

12
IPs

4
Countries

1620 kB
Transfer

4664 kB
Size

6
Cookies

57 HTTP transactions
0 data transactions