gtauploads.rf.gd Open in urlscan Pro
185.27.134.176 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gtauploads.rf.gd/
Effective URL:
https://gtauploads.rf.gd/?i=1
Submission: On June 29 via api (June 29th 2024, 2:25:09 am UTC) from US — Scanned from GB

Summary HTTP 72 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 72 HTTP transactions. The main IP is 185.27.134.176, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is gtauploads.rf.gd.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 13th 2024. Valid for: 3 months.

This is the only time gtauploads.rf.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	185.27.134.176 185.27.134.176	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	23.212.200.80 23.212.200.80	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2606:4700:303... 2606:4700:3030::ac43:8b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
72	12

20 185.27.134.176 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

gtauploads.rf.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f7cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.212.200.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-200-80.deploy.static.akamaitechnologies.com

prod.cloud.rockstargames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:8b77 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	tawk.to embed.tawk.to — Cisco Umbrella Rank: 10606 va.tawk.to — Cisco Umbrella Rank: 10115	265 KB
20	rf.gd gtauploads.rf.gd	2 MB
12	rockstargames.com prod.cloud.rockstargames.com — Cisco Umbrella Rank: 36412	579 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2060 ka-f.fontawesome.com — Cisco Umbrella Rank: 5357	187 KB
3	gstatic.com fonts.gstatic.com	24 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1008	6 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	41 KB
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 96
72	9

	Domain	Requested by
20	embed.tawk.to	gtauploads.rf.gd embed.tawk.to
20	gtauploads.rf.gd	gtauploads.rf.gd
12	prod.cloud.rockstargames.com	gtauploads.rf.gd
5	va.tawk.to	embed.tawk.to
5	ka-f.fontawesome.com	kit.fontawesome.com gtauploads.rf.gd
3	fonts.gstatic.com	fonts.googleapis.com
2	unpkg.com	1 redirects gtauploads.rf.gd
2	fonts.googleapis.com	gtauploads.rf.gd
1	cdn.jsdelivr.net	embed.tawk.to
1	www.youtube.com	gtauploads.rf.gd
1	kit.fontawesome.com	gtauploads.rf.gd
72	11

This site contains links to these domains. Also see Links.

Domain
socialclub.rockstargames.com

Subject Issuer	Validity	Valid
gtauploads.rf.gd ZeroSSL RSA Domain Secure Site CA	`2024-05-13` - `2024-08-11`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
prod.cloud.rockstargames.com Entrust Certification Authority - L1K	`2023-08-22` - `2024-09-22`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-05-03` - `2024-08-01`	3 months	crt.sh
tawk.to GTS CA 1P5	`2024-05-26` - `2024-08-24`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://gtauploads.rf.gd/?i=1
Frame ID: F982218DB24D98F85D5E4230F40506C8
Requests: 65 HTTP requests in this frame

Frame: https://www.youtube.com/embed/glwh6LaQ2sY
Frame ID: A5C64A6DFEA14224FA52CE78A6254442
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66790c3897f/css/min-widget.css
Frame ID: 99BEC837CA1241EF8C2D1E01B7059496
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66790c3897f/css/bubble-widget.css
Frame ID: 661BB6961F23EEAC483B3D05D2CEB303
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66790c3897f/css/message-preview.css
Frame ID: 5AAC530DEEBFAC93BE9BB94743D446A9
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/66790c3897f/css/max-widget.css
Frame ID: A6EE197C2754469C73EFB5D96959B36F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GTA Uploads - Home

Page URL History Show full URLs

http://gtauploads.rf.gd/ HTTP 307
https://gtauploads.rf.gd/ Page URL
https://gtauploads.rf.gd/?i=1 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

72
Requests

97 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

2715 kB
Transfer

4780 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://socialclub.rockstargames.com/crew/ililililililililillx/emblems
Title: See our uploads

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gtauploads.rf.gd/ HTTP 307
https://gtauploads.rf.gd/ Page URL
https://gtauploads.rf.gd/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gtauploads.rf.gd/ HTTP 307
https://gtauploads.rf.gd/

Request Chain 8

https://unpkg.com/swiper@7/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
gtauploads.rf.gd/
Redirect Chain

http://gtauploads.rf.gd/
https://gtauploads.rf.gd/

828 B
688 B

720ms
131ms

Document
text/html

185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0251a5af6eafb77818ce68b2be40039cc24297cc72611afae068cc3f824e1a17

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html
Date: Sat, 29 Jun 2024 02:25:02 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Location: https://gtauploads.rf.gd/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK aes.js Show response
gtauploads.rf.gd/ 13 KB
5 KB 39ms
38ms Script
application/javascript 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/aes.js
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:02 GMT
Content-Encoding: br
Last-Modified: Sun, 15 Oct 2023 16:50:53 GMT
Server: nginx
ETag: W/"652c186d-35a5"
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: keep-alive

GET
H/1.1 200
OK Primary Request / Show response
gtauploads.rf.gd/ 11 KB
4 KB 62ms
62ms Document
text/html 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/?i=1
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: d64367e22d26c2b42d8433c5fa933ec1246376b40362f737a2aaf5e55e72b074

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://gtauploads.rf.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: br
Content-Type: text/html; charset=UTF-8
Date: Sat, 29 Jun 2024 02:25:02 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
962 B 242ms
66ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

620ec7947095b6f875ce7694812120d60ef68ae4d44a9762a4b370a42b8d06ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jun 2024 02:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 01:49:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jun 2024 02:25:03 GMT

GET
H/1.1 200
OK bootstrap.min.css
gtauploads.rf.gd/vendor/bootstrap/css/ 190 KB
24 KB 60ms
44ms Stylesheet
text/css 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:02 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:13:40 GMT
Server: nginx
ETag: W/"2f88b-5f91e58efd100"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:02 GMT

GET
H/1.1 200
OK fontawesome.css
gtauploads.rf.gd/assets/css/ 114 KB
18 KB 122ms
42ms Stylesheet
text/css 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/css/fontawesome.css
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 17cf96bdd57464d0d67f030c3acc0898f8921677f3d413ea03b3674d8ece3a17

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:02 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:12:44 GMT
Server: nginx
ETag: W/"1c693-5f91e55995300"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:02 GMT

GET
H/1.1 200
OK template4.css
gtauploads.rf.gd/assets/css/ 34 KB
6 KB 167ms
40ms Stylesheet
text/css 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/css/template4.css
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 59ba19245f5544fe70187d0d94f2ba148ede6bcd2f79c044f4e326a3dc7b44bb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:02 GMT
Content-Encoding: br
Last-Modified: Mon, 28 Aug 2023 20:29:27 GMT
Server: nginx
ETag: W/"87be-604018cfaf7c0"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:02 GMT

GET
H/1.1 200
OK owl.css
gtauploads.rf.gd/assets/css/ 5 KB
2 KB 192ms
52ms Stylesheet
text/css 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/css/owl.css
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: bd72e6b7ad63bac5af484333c93f4bf952b002e4264dc3a7157fe21bfa0a2072

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:02 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:12:44 GMT
Server: nginx
ETag: W/"1287-5f91e55995300"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:02 GMT

GET
H/1.1 200
OK animate.css
gtauploads.rf.gd/assets/css/ 57 KB
4 KB 208ms
65ms Stylesheet
text/css 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/css/animate.css
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:02 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:12:42 GMT
Server: nginx
ETag: W/"e283-5f91e557ace80"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:02 GMT

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@7.4.1/
Redirect Chain

https://unpkg.com/swiper@7/swiper-bundle.min.css
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

15 KB
6 KB

44ms
44ms

Stylesheet
text/css

2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://gtauploads.rf.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 29 Jun 2024 02:25:03 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3644017
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HY49RA74PB4WNQ3ZHCKBDSAR-lhr
server: cloudflare
etag: "3ccb-5Koe10fACH1gYqRziowpfORPwas"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 89b276bd790c957d-LHR

Redirect headers

date: Sat, 29 Jun 2024 02:25:03 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J1GWMHJ43AJ6ENZ04GH26Q40-lhr
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 339
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@7.4.1/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 89b276bd28d1957d-LHR

GET
H2 200 97c7e13229.js Show response
kit.fontawesome.com/ 12 KB
5 KB 568ms
422ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/97c7e13229.js
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90fb1f042bb4212689921ca0c2fa2cf486e03aca4bc3bfba99729a2114ca1d9f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:03 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 89b276bd2dc24595-LHR
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F91Yd7UZJubmzr8MJqlC

GET
H/1.1 200
OK sitelogo.png
gtauploads.rf.gd/assets/images/ 142 KB
143 KB 199ms
57ms Image
image/png 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtauploads.rf.gd/assets/images/sitelogo.png
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: c03fcb90888e96189ba51d978b1dd8a5066fb7b70a43ad75127d656d4c381cc1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:02 GMT
Last-Modified: Wed, 12 Apr 2023 07:12:59 GMT
Server: nginx
ETag: "2397d-5f91e567e34c0"
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 145789
Expires: Mon, 29 Jul 2024 02:25:02 GMT

GET
H/1.1 200
OK favicon.png
gtauploads.rf.gd/assets/images/ 108 KB
109 KB 138ms
74ms Image
image/png 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtauploads.rf.gd/assets/images/favicon.png
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0b75fe1985e13aee2e46fa1fd4d50ec67b98ec5803ce2d8d071bd1b96f20ff39

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:02 GMT
Last-Modified: Wed, 12 Apr 2023 07:12:51 GMT
Server: nginx
ETag: "1b187-5f91e560422c0"
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110983
Expires: Mon, 29 Jul 2024 02:25:02 GMT

GET
H/1.1 200
OK 7f1949b1227fa6eb13ca1882ffdcfd7f6374dffd_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 35 KB
35 KB 724ms
515ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/7f1949b1227fa6eb13ca1882ffdcfd7f6374dffd_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

7e659afb9310e15297bac7e92de518d21cc693e7f769e233636275d909354dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Apr 2023 07:48:41 GMT
ETag: "638164505219110000"
Content-Type: image/png
Cache-Control: public, max-age=800
Connection: keep-alive
Content-Length: 35342

GET
H/1.1 200
OK aa63191bb1c3909081bdcd9c9a217a4815652a3b_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 22 KB
22 KB 387ms
179ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/aa63191bb1c3909081bdcd9c9a217a4815652a3b_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

f73e718d1cc0097fb4a5bed2315846368490139ba66002758d60e77eec321ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Apr 2023 05:58:54 GMT
ETag: "638164439341000000"
Content-Type: image/png
Cache-Control: public, max-age=879
Connection: keep-alive
Content-Length: 22334

GET
H/1.1 200
OK f11ecf01ca7f144593692f75b8889d2ad82856d0_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 35 KB
36 KB 410ms
302ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/f11ecf01ca7f144593692f75b8889d2ad82856d0_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

142e1e954ebdaf3a3e1c1df4f049020fc3c967ffca1e795cedfe388699ac1e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Apr 2023 01:26:59 GMT
ETag: "638164276190840000"
Content-Type: image/png
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 36212

GET
H/1.1 200
OK b3a3d53a6c8fcf49af9b0acd38cda9139927f88a_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 91 KB
91 KB 409ms
266ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/b3a3d53a6c8fcf49af9b0acd38cda9139927f88a_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

805ba57045187003767ae2dd987fa0b9158bdfbee3a4c0a5b91e9c77d52b8255

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 05 Apr 2023 03:36:46 GMT
ETag: "638162626061830000"
Content-Type: image/png
Cache-Control: public, max-age=874
Connection: keep-alive
Content-Length: 92838

GET
H/1.1 200
OK ab7f6a58f89a5919cbdd62500aa67dc2a4707ec9_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 93 KB
94 KB 399ms
257ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ab7f6a58f89a5919cbdd62500aa67dc2a4707ec9_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

99ec996166408bbe489b788777cded4aab1eee19fb67d088a4047dda77e28581

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 03 Jan 2023 20:30:42 GMT
ETag: "638083746428460000"
Content-Type: image/png
Cache-Control: public, max-age=847
Connection: keep-alive
Content-Length: 95606

GET
H/1.1 200
OK cbf5f9caa46b36aff0dd7554dd6c2cb83011745f_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 52 KB
52 KB 356ms
249ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/cbf5f9caa46b36aff0dd7554dd6c2cb83011745f_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

4d9c7105169d516fbe56f54a58d4aa2578f74343c90d7a5f52f1b0853d5cd00d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 06 Jan 2023 12:59:34 GMT
ETag: "638086067742580000"
Content-Type: image/png
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 52895

GET
H/1.1 200
OK 6931634915a77a491a9ce4d63b097c75894d9d88_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 34 KB
34 KB 488ms
181ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/6931634915a77a491a9ce4d63b097c75894d9d88_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

dff3709ffb18287f1e0ce9adadc377d485eea2f48339369074f0f3bbd4fab683

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 08 Jan 2023 12:15:18 GMT
ETag: "638087769189870000"
Content-Type: image/png
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 34494

GET
H/1.1 200
OK 0aac4ad0be3f99e791d6f1e6cc6cfe311bf75e78_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 35 KB
35 KB 149ms
148ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/0aac4ad0be3f99e791d6f1e6cc6cfe311bf75e78_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

6c18fe8237a9f7d44a05f33c9dd5006d7e178b33a3cef7de25564397c702c968

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 08 Jan 2023 21:09:25 GMT
ETag: "638088089658330000"
Content-Type: image/png
Cache-Control: public, max-age=898
Connection: keep-alive
Content-Length: 36044

GET
H/1.1 200
OK 4af943a230bdf106d6ba407b84a42dbc762930f0_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 28 KB
28 KB 337ms
337ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/4af943a230bdf106d6ba407b84a42dbc762930f0_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

4fd59111c56f423bac787333a53a6a0f36783ff249f8a2ac99f5c00696f21d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Apr 2023 01:09:31 GMT
ETag: "638164265715520000"
Content-Type: image/png
Cache-Control: public, max-age=883
Connection: keep-alive
Content-Length: 28250

GET
H/1.1 200
OK 18e8d705d5255c68576430c3852f8a5bf252ec41_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 23 KB
24 KB 146ms
146ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/18e8d705d5255c68576430c3852f8a5bf252ec41_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

eaddaf75cec85cb889dafd8d08ca234dafc71766f3454b34f0dd6eb24c6219a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Apr 2023 05:48:44 GMT
ETag: "638164433244490000"
Content-Type: image/png
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 24063

GET
H/1.1 200
OK 213bc2f57765da6d8a91d3086297fd57d4cb1538_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 39 KB
39 KB 191ms
190ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/213bc2f57765da6d8a91d3086297fd57d4cb1538_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

5c7a91890742f274c1ce697003f39dc4bb66dd61c85581e204ab4ce699f537fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 08 Jan 2023 17:51:51 GMT
ETag: "638087971119310000"
Content-Type: image/png
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 39703

GET
H/1.1 200
OK d6c650e7f45bfb039f5acd216f1f5d2f489b9184_512.png
prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/ 90 KB
90 KB 144ms
144ms Image
image/png 23.212.200.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod.cloud.rockstargames.com/crews/sc/1446/67242174/publish/emblems/d6c650e7f45bfb039f5acd216f1f5d2f489b9184_512.png

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.212.200.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-200-80.deploy.static.akamaitechnologies.com

Software

Resource Hash

86a5e9b830426daf5c5c29d0bccbfaacbd0e57b384f566dbb9524af92eeaad27

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:04 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 10 Apr 2023 06:59:14 GMT
ETag: "638167067548980000"
Content-Type: image/png
Cache-Control: public, max-age=900
Connection: keep-alive
Content-Length: 91998

GET
H/1.1 200
OK jquery.min.js Show response
gtauploads.rf.gd/vendor/jquery/ 85 KB
29 KB 52ms
50ms Script
application/javascript 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/vendor/jquery/jquery.min.js
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:03 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:13:37 GMT
Server: nginx
ETag: W/"1538e-5f91e58c20a40"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:03 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
gtauploads.rf.gd/vendor/bootstrap/js/ 59 KB
15 KB 52ms
50ms Script
application/javascript 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/vendor/bootstrap/js/bootstrap.min.js
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0ce9de398de7e7ec63e836b70090643c7c5a3f29ea4a519a67defdd206c13ac1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:03 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:13:41 GMT
Server: nginx
ETag: W/"eac8-5f91e58ff1340"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:03 GMT

GET
H/1.1 200
OK isotope.min.js Show response
gtauploads.rf.gd/assets/js/ 117 KB
37 KB 78ms
76ms Script
application/javascript 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/js/isotope.min.js
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1522ff2d1fe63764ed279743eafd491d3e6e143a1ea7c4a20ccb7cf5f3be4754

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:03 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:13:04 GMT
Server: nginx
ETag: W/"1d4af-5f91e56ca8000"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:03 GMT

GET
H/1.1 200
OK owl-carousel.js Show response
gtauploads.rf.gd/assets/js/ 88 KB
19 KB 62ms
59ms Script
application/javascript 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/js/owl-carousel.js
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: c48789f1b49bf24638fab122ee8b340f7526e3194ceee9df00540e1f6e50a08b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:03 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:13:06 GMT
Server: nginx
ETag: W/"15f87-5f91e56e90480"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:03 GMT

GET
H/1.1 200
OK tabs.js Show response
gtauploads.rf.gd/assets/js/ 458 KB
102 KB 68ms
65ms Script
application/javascript 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/js/tabs.js
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 26e1b509ca17a756db87864840e31a1a7caa2ce9164aa2fff2c61284c582c0c2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:03 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:13:07 GMT
Server: nginx
ETag: W/"7296c-5f91e56f846c0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:03 GMT

GET
H/1.1 200
OK popup.js Show response
gtauploads.rf.gd/assets/js/ 1 KB
830 B 93ms
90ms Script
application/javascript 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/js/popup.js
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 95b7f1cb96824cadf8341a6e88ee8b69ce8cb4f531b4cb68993264a68e0cd970

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:03 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:13:05 GMT
Server: nginx
ETag: W/"403-5f91e56d9c240"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:03 GMT

GET
H/1.1 200
OK custom.js Show response
gtauploads.rf.gd/assets/js/ 7 KB
2 KB 41ms
40ms Script
application/javascript 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/js/custom.js
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: a62a19c3c7f665e1b161f32a911ab662f78021feacda4b13ebf9470dda360dec

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:03 GMT
Content-Encoding: br
Last-Modified: Wed, 12 Apr 2023 07:13:03 GMT
Server: nginx
ETag: W/"1b4f-5f91e56bb3dc0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Expires: Mon, 29 Jul 2024 02:25:03 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
614 B 73ms
67ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/assets/css/template4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

609795016110cd4bcf69fae138e9d4548f26745cdce9e620b44eab056612fbf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jun 2024 02:25:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jun 2024 01:53:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jun 2024 02:25:03 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 101 KB
22 KB 408ms
282ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=97c7e13229
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/97c7e13229.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:04 GMT
content-encoding: gzip
via: 1.1 532ff8019b690b232af4903307ca5eb4.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rtGBpCIC%2FZJjh4Lw0j33pQCR3qtNLZW9NLj2cDY4tRIV18rDI1qSV%2B%2FF3z2R1qibWW3FZr2Ggrmu2WUKuXDQubCYzBVs41VLG7vtOt6xfEEZ8I1tlNvdd8nvWUyxJ3hzn9AJlBMAtQTR2AFtPMsTsryYYA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89b276c09c2a06d5-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: F3B9KSQvWRE18M1vTBB2VuPDNAnKtahYu7npiXr71B0Dkyvfgw7q8Q==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 27 KB
5 KB 418ms
293ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=97c7e13229
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/97c7e13229.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:04 GMT
content-encoding: gzip
via: 1.1 04bd924a346a4c275fc7e49401769a76.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMbv6tD9Yia%2F1eyolhSDKg3zQL%2FQQoHroIMAAtWh%2Bj2VjX7BBuX4hVu1Da2fsNtQCtWNRp5zJTspryvdKESWwMjlDk%2BxnuWJUs2lXq%2Bo%2B7bc6h8UCyOtNtC%2FYE8fqbctehNXjzVqgjoAGvmFkqP%2BVyZIBg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89b276c09c2806d5-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: syl_5zz50QfeH2KPRFrbCmXz925I8NrlwOeoU1sl6H5d7yU144_Fdg==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 823 B
720 B 419ms
294ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=97c7e13229
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/97c7e13229.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:04 GMT
via: 1.1 b25a88361ae631ab0435a1c107ccf948.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jIyxZIKpFfZfBtrGXTFogEP893OgrkWadkSwsrTsGdy7uHtJrir3okPTShT51wHgVI%2Bpokr64vgq2clKEze5udYFMdbm%2BOWGYC%2Fs9a2l7odCKTbObq6HcKYUIfbyBHGmfMJIdaWHI8bHn4yaikA%2FsEPOVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89b276c09c2906d5-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: LIfvlTo2OAPSWnRwWd9YUv4kkECvZn6z6qiRLcJmqTCr0AHOqLXb6g==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 2 KB
1 KB 406ms
281ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=97c7e13229
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/97c7e13229.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:04 GMT
content-encoding: gzip
via: 1.1 e796c5445fd556ff95d7706e2218b4bc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YsC4ZuR7ywXkM8VSQ5khwojXHlN%2FbPRlCevhvioOzbjHJqZO%2Fnd5XczmVxuVq1WFD1eVqvIwyg9zUNsaVErwD5V3ZnKToPwftCgT8%2FuJXL40lnGaTGYqQJLmRHRy7x%2BuGDYmMxds7LS8HBAoUQ80NlTPBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89b276c09c2606d5-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: vn7tyjxeRnjxtonC1RIBWwCy7rxeJnAtqd3YRpLIQY8wV22YCk4LyA==

GET
H3 200 1gth7kpse Show response
embed.tawk.to/6431c95131ebfa0fe7f73b83/ 2 KB
1 KB 761ms
430ms Script
application/x-javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/6431c95131ebfa0fe7f73b83/1gth7kpse

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3c1e8ec0f84ccc517a48c5feaddfbceacb16b99c189cccb8bc154456a33b532

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"stable-v4-66790c3897f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FN%2BoiS2gee3keblXWbx61bKKtp0Ppot2LmE5jF2ckKM7KN3CJIMN6K1jBOFK7HJMY7Aw%2FRtRPocyEZ5PzMNtrOeXQh22guAId3XkNpN7zU4m8YVOKLpFP4VNFwkjb70t7hicLFIefgwglVuA"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 89b276c26b7b9485-LHR
alt-svc: h3=":443"; ma=86400

GET
H2 200 glwh6LaQ2sY
www.youtube.com/embed/ Frame A5C6 0
0 402ms
253ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/glwh6LaQ2sY

Requested by

Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://gtauploads.rf.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jun 2024 02:25:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK banner.jpg
gtauploads.rf.gd/assets/images/ 969 KB
970 KB 77ms
48ms Image
image/jpeg 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtauploads.rf.gd/assets/images/banner.jpg
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/assets/css/template4.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 20d7799bac10e3c8256d7b56a1dfc91a74f907e7d98244dc02e9c27ff6178661

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/assets/css/template4.css
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:03 GMT
Last-Modified: Wed, 12 Apr 2023 07:36:17 GMT
Server: nginx
ETag: "f25c0-5f91ea9d1fe40"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 992704
Expires: Mon, 29 Jul 2024 02:25:03 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
gtauploads.rf.gd/assets/webfonts/ 122 KB
122 KB 105ms
77ms Font
application/octet-stream 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/webfonts/fa-solid-900.woff2
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/assets/css/fontawesome.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/assets/css/fontawesome.css
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:03 GMT
Last-Modified: Wed, 12 Apr 2023 07:13:13 GMT
Server: nginx
ETag: "1e888-5f91e5753d440"
Cache-Control: max-age=0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 125064
Expires: Sat, 29 Jun 2024 02:25:03 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 443ms
55ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 16:21:03 GMT
x-content-type-options: nosniff
age: 122641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 16:21:03 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 445ms
58ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 18:57:16 GMT
x-content-type-options: nosniff
age: 113268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 18:57:16 GMT

GET
H2 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 443ms
56ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 14:48:51 GMT
x-content-type-options: nosniff
age: 300973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7840
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 14:48:51 GMT

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/ 153 KB
154 KB 42ms
41ms Font
font/woff2 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2
Requested by: Host: gtauploads.rf.gd
URL: https://gtauploads.rf.gd/?i=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:04 GMT
via: 1.1 6699805b9870134f60ff76c262d76a02.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: LHR5-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 156388
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
server: cloudflare
etag: "ae015e3286ef56a0daf8e83838a32a88"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGhxpOYHQhpbtshHY8hXN%2B4yovx6tNFzPHSdPPzwM5yw3W2fnWIBbWnhsD3bCwaryNhjdmIzZJSQh8fLZc%2FWFHaU3TULN71tpBuHA3Av2RYpXC3LxwhwOIfxT1bTs0mtM2FsSqLf22luyB6RS2mQqBoblw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 89b276c28a22950b-LHR
access-control-allow-headers: fa-kit-token
x-amz-cf-id: RBPQ4lJ5TdAPUIY4o5acllQoZYXD4Wnoc0gjFV1qLK8lNamOyagItQ==

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 121 B
624 B 139ms
138ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6431c95131ebfa0fe7f73b83/1gth7kpse

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:05 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jPDQRZcnW9%2FUxE1cD6ooMyGUj4oEw3BoSkOPY9hfWqBSpN364II5rn0KUp4%2Buhxb1S3FjGgAK56uqqpBY7tmWa3Ylh9Jfj%2F48lTcIgs49UjyzosVd%2BAszRHwIEbiOANElnAycmPHppWjYswL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276c7df2c9485-LHR

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 81 KB
32 KB 392ms
392ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6431c95131ebfa0fe7f73b83/1gth7kpse

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOyXMSFD73Cyjfb9p8OcnAvoRC%2Fb2XuFVykglaxLHfjfPZmjRWA9WVEEFuS%2BXFxqbe%2FhH0mWfLHDqOjqsD3FQDstqw1G4UO3Xxs9NO4kpojP%2FN6xTfVEOfMY1c8HIO0cvYS4mi%2BNRVMVfC9d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276c7df2d9485-LHR

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 212 KB
72 KB 422ms
421ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6431c95131ebfa0fe7f73b83/1gth7kpse

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"77a40166698f808a0942865537165b0f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hYTzFuCPVJ%2FPacshPQ%2FIghPhi0Lfsl5USyWmDrFai67MuGPVUXcRi2qeI9qjko2hN6fBS3XKUzWiNxHsPfDbGfe8gXdIvJ64jyJvWRDbWI170LdUAFt79j4%2FaHPO6DZSH80TytnpFRjmgxMt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276c7df2e9485-LHR

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 222 KB
62 KB 422ms
422ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6431c95131ebfa0fe7f73b83/1gth7kpse

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52c76e747bc14d7df230fc3da2056540505edf34b46a1f53bff00a84c5ca010

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"60317e95d4cbae0fed3d4cd032f5d3ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KZRx2K5e3ht42JzDo2WMJAGcgzqhyoXVPj0KIk0TdTa1jJTOwF5VrwGBQ4L0MHufdakNX4AnwCqOrxNuMHpNK9geuGjcYPt0wiifU1VLYXpKv453ntM3Km6mRUmtpVzUo7N6lkiYderd%2Fixz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276c7df2f9485-LHR

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 2 KB
2 KB 145ms
144ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6431c95131ebfa0fe7f73b83/1gth7kpse

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fe226ca4f540d211739777a6a611418343ed128bd4099bd43f2f5d7dd430a0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"7d6ff61c2627902f3651287fda10cf22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nYbebmNabcovmPVxdkcHL9dr5qa1%2FQNe4ArqP3rBlwONZ2ppEXIcpHLE9p%2FZUT1zTiV5Ut0bo%2Foc2L3B7qTOTXvyEyJAeKU4yYCL3A1l5n7xj5Xltxl7y%2F51iFLE2fMRhHu9x6PTxiXTdJck"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276c7df319485-LHR

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 151 B
647 B 139ms
138ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/6431c95131ebfa0fe7f73b83/1gth7kpse

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Origin: https://gtauploads.rf.gd
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:05 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:12 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z92x3HvtLSF%2Fq%2FXZlUtI7cZnM3seD0Z8R70K2vzxTHMPRuRnrO%2Bp0RhHnK2d5VPL8h%2Bw1iQ1rIc1gEQclsK3oTKDNwCdTrC5D12BQpW22pOvkPriLMb4IemXdxnlPylVDc3JTqb0dnRqI7KQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276c7df329485-LHR

GET
H/1.1 200
OK favicon.png
gtauploads.rf.gd/assets/images/ 108 KB
0 0ms
0ms Other
image/png 185.27.134.176
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: https://gtauploads.rf.gd/assets/images/favicon.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.27.134.176 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 0b75fe1985e13aee2e46fa1fd4d50ec67b98ec5803ce2d8d071bd1b96f20ff39

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/?i=1
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 29 Jun 2024 02:25:02 GMT
Last-Modified: Wed, 12 Apr 2023 07:12:51 GMT
Server: nginx
ETag: "1b187-5f91e560422c0"
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate
Accept-Ranges: bytes
Content-Length: 110983
Expires: Mon, 29 Jul 2024 02:25:02 GMT

GET favicon.png
gtauploads.rf.gd/assets/images/ 0
0

GET
H3 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
2 KB 154ms
144ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=6431c95131ebfa0fe7f73b83&widgetId=1gth7kpse&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae6c3f57de7100e460f00f40b38970ef32f8a7dad0af252742d5311dc7cbc576

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-7bjg.c.secret-cipher-301.internal
server: cloudflare
etag: W/"2-12-0"
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CnZKivTe7rLdQm42h6njWBCPdGbmxyvg4GIlqerwS3X53y97Lx%2BhfKV6DFXb%2B6qQS9zxN6MtVM2UU4XTGNj5FROOlycIFEUwSlG0XUNPJrvzV28BR4nA5sX0wBXc3ZP0rYSw8CUm6z8U"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=7200, s-maxage=1800
vary: Accept-Encoding
cf-ray: 89b276cb59ab9485-LHR
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 359ms
251ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab40dc7dbe3cfdae4d3edc43a1a903fb139cb5fed4fe9c145b606ede8a8a7896

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-6rdz.c.secret-cipher-301.internal
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://gtauploads.rf.gd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1pt7dKj35eufg2d5QYG2e4h5Vx4mcvowNckoG8GDGOAg%2BGC%2F1E283ZjreONgyLx%2FtRDSoB1HYmy3sjvncudNlFJvll%2F4gaSaWb3HQtAu6OPm%2Bv%2BGWhwv9C97E4c8WuMan5YzccQI8eC"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 89b276cce9ae93f8-LHR
access-control-allow-headers: content-type,x-tawk-token

OPTIONS
H3 200 start
va.tawk.to/v1/session/ Frame 0
0 140ms
140ms Preflight
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gtauploads.rf.gd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://gtauploads.rf.gd
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 89b276cb59ac9485-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 29 Jun 2024 02:25:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRB54gUFyzbhrEXbmdPR9k0OJ5b9oNE0WkAl4sh1PGsNybzDhzHFMI6NIiq3vF%2FEjImVELrAi8QIL7fhOqzyDqacMv730rj%2B1UwRTQrNlHixjTi1%2BC1NWFMTqLUQM2SuzzGKqnUAjYn3"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-gz8m.c.secret-cipher-301.internal

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/languages/ 17 KB
5 KB 161ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c4b7ebd4b5943f84bef9cd446cd335823fdada228059aca3daf74bf5d1b94a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 417986
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"2fea0481da1baa4eac07e95e0f9af8a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ih1rYhnYiUX1EN6clYHjsVucI6fqdhsl%2BajBveuGRaPt69QA6RNJxBYvHeaR0AXLnLfmOpP3W7m8cwUF32mxbqUOe%2Fruq%2FRthIA9HRiFaMYOjg82rm4qU5rtVaPF0JYfykJ2I%2F9Y9nSlF%2Fs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276cd0f43887a-LHR

GET
H3 200 twk-chunk-bf24a88e.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 10 KB
4 KB 39ms
38ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-bf24a88e.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 417984
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"c96127c9a0429d69fecbeb73fd410443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3HMRwn0cOSkxKBm0EljBwfc0GhjZLlN6Zklfy3pYOb4qxxLppa%2FGKxaW7B8GJ72q9tgtVwseg74BBkFSsubRzGt4ScFQz4hOamk%2B6pn16%2Bg8s7wa%2Fwwm1U4DoO1lAI%2BU%2B5dgbXlWbuAH0KYN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276ce88ce887a-LHR

GET
H3 200 twk-chunk-71978bb6.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 18 KB
6 KB 69ms
69ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-71978bb6.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f19042c05148f3d9d92dde129215d4d2bfd4d9e2c2ce1093864a02a3141544f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 417984
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"f3f7b05e2fef932949d5d3200349662c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQjZnFakSD6sEZ2eJMAUb2pPXICe2Ph0NhDCk64lgWEgGtNoLyBNrLM15ih2emo5RapHwmXr5chesGzHnGYJkPYcHs%2FdQHzvaQyZRz607xyV5LxDIyAshGSzV0zQBp%2FOsLWvyDvXztQnVJ7C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276ce88cf887a-LHR

GET
H3 200 twk-chunk-f1565420.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 11 KB
4 KB 69ms
69ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-f1565420.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8449f2d02ea06b44063f5e048493873364985bce0f53f908cc7cbe64ff161ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 417984
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"f8526209bd0230182244862900d06de5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xcRPTkKVPx%2FfjY1WtUGKsGJS1Hw6AKYaSJBPr6xUETvYOnoUCrIP8R3sRVCcT7xi6ItkmmXdvdtbV3QHOXZW4V2ywVY5QZVqtUPJ0e4rdTRMOAAJjEVOZYre8b%2F2skZN5nHco62RTPTn6jwA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276ce88d0887a-LHR

GET
H3 200 twk-chunk-7c2f6ba4.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 5 KB
2 KB 39ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-7c2f6ba4.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2fcfe44c380de589f9db8fda56e66210c41f70c7ed50b1517a1e18135dc6df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 417984
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"ace4ed74ca13cd388ad0a07a7ba8f2f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qp%2BsIqc8Iv6bYuzwEuxfncgLS4Wx%2BQjMyZuElUFy52hJEl%2FYFjg81%2FQg36xxeok6nFEfxPCiLY3RjxUw%2BdUb7AMdDKA1gMhVzdV3zEGxV%2F6mb6yIomcXrkGK9kYuGYzKjfQzmFZe2E12Jd8P"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276ce88d2887a-LHR

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 19 KB
7 KB 39ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd0df9aee9ba1b29e0e5dc11f0fe5e3b8583823d550bc2b26ae81ddd6d8c1ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 417984
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"8372246357b315846277f115b7cb4b11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JuFHtq4wb7xHHgg9zKJEd2PodGWw8EC7PCgZYteiUbcBd82yzmjI%2BFGhS0PTWTvph1GwuzBuRySBfokQkJ1uwzTJpUf845qixn6l7TChUcmatFQ%2B6gKrJN0C%2BkZmR2I1%2FEqxsjFK%2FnLVpwuW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276ce88d4887a-LHR

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 906 B
942 B 70ms
70ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 417983
x-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CLuIuO7Gb23Ad3KgQFbsp27f1AcaIjJnTZPnUQPvpUS%2BHJ59BKfCxYpFaVQQNrIhteoYRSUusAnjqUe%2BKCPi4OhLFGPh7gwpizqo4OKfPfDfEsMN7LXbQyiTU51pB%2FHMi1RlYNFEtnsKPNbb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276ce88d5887a-LHR

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 535 B
858 B 71ms
70ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 417983
x-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k4Vm6TNj0yFX4AAdACZuaLivLHNSXpzsqLi%2BWsBe7%2FIu8%2FRzHkqJj02n7Mfr3ZbDUJccHrbJtDp1E%2B2yQVO5ibP36DOFHlVZCgdezS623yKI4ECp0f7bcAbvCPyzE1Lmz5WZsMaztOTv%2Bk73"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276ce88d6887a-LHR

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/66790c3897f/js/ 111 KB
30 KB 71ms
70ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dab66049c803c0eed4eae6ebfe090e3e60c5f2adad5dd4a907c8ec10ebb345a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=0; includeSubDomains; preload
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 417983
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Jun 2024 06:04:13 GMT
server: cloudflare
etag: W/"974bd4be5e9f5478f6a3e6828d6d31c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jTbnAjHwyHYb8ZYeCFwWACLzOV8Bu0zKYGvur4uE9uXNtNla5G8GVKoAfBDRzsc24m6UK6J6Z1%2BunDtV%2B9EinFE25isrDqCutlirx7UaY6BkNOuHD3o1Rh26uJypySIpzJMonsW1R6Mx%2FU1E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276ce88d7887a-LHR

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/66790c3897f/css/ Frame 99BE 24 KB
5 KB 144ms
144ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 417983
cf-polished: origSize=24809
x-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jun 2024 06:04:12 GMT
server: cloudflare
etag: W/"2d7f176b563b25833791f4844819b5ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FBDpY7pv5jE8y%2FqFPHbHZ8hdZVBUYyqAw%2FmT2wLwTzbVt%2BExFqOG3xVz8RG0Rr1tWNOCB8lKJY2HsC7h8V%2B2j2iSZZRfcrv0FRgwxo3WXiy8yujtVp9nTUIo40Sp3pkOvfxLAsvD9o%2FKcSRd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276cfb9ef887a-LHR

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/66790c3897f/css/ Frame 661B 13 KB
3 KB 63ms
62ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 359658
cf-polished: origSize=13594
x-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jun 2024 06:04:12 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sj9JluRU2DQy6nIJUICIlCzZ2IUJWEpaDEFLXJnnHQFYUtFZmingvb4rXu6tM6V9aPw8id8IqJSr0ukgLWIhoAVB%2FULiaS5ZhncCNAhsha68hTnKKeTJscOScpBYzYikVTf6RvgUqyOBhiM9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276cf295e887a-LHR

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/66790c3897f/css/ Frame 5AAC 41 KB
9 KB 54ms
54ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fb233914781fed5ad823ebc0bb5781fbc71375dc50fb0a2f7061974a539eb2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 417983
cf-polished: origSize=42291
x-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jun 2024 06:04:12 GMT
server: cloudflare
etag: W/"471037caa670344edd2ca8e96bbc2125"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdHLNlR56iDwmUOGK1xCu5D3hMIeL0J3cPq%2BdLmDClszf9PZSvC4pvYVoigH%2BxkZe8xWaB4UdU%2BRgKljP0TPhZ8BP%2BGfOggK2bz3OPtGb%2B1kxdBWI70Y8LZdRn1%2FvaD8KIehR6KrbcqxfkuZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276cf3963887a-LHR

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
41 KB 174ms
30ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 29 Jun 2024 02:25:06 GMT
age: 2599804
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
x-served-by: cache-fra-etou8220140-FRA, cache-lhr-egll1980053-LHR
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/66790c3897f/css/ Frame A6EE 78 KB
15 KB 48ms
47ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/66790c3897f/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df786a80d1610bb44dd11f3ae5785e34fb4e97e721a4ddc24d1cd842978ab44e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 29 Jun 2024 02:25:06 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 417982
cf-polished: origSize=79618
x-cache-status: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jun 2024 06:04:12 GMT
server: cloudflare
etag: W/"723e419e84738507cad9c170c4f9051b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cj0MJxawMnNPBRCGK2tw5Jmz6%2FyEPYY7ywaWbYXvG89VeDWS710fYdXKTfh5fT%2BWN5YQEq%2BfBWYbxjWyb%2FQJ9zBBoyI2pmydxuXeLE0oCgPPtRlAPH4ZpTR90qQYlHUIjqLuLG2oBTNaLnI7"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 89b276cffa2c887a-LHR

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 141ms
140ms Preflight
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://gtauploads.rf.gd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://gtauploads.rf.gd
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 89b276d92a9c9485-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 29 Jun 2024 02:25:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oj7ri%2FtAZ1z6zVk0SawMNfMPl2yHqCR7zNt0Yj%2Fe0pzw10ELUgSrXZ%2F3%2Bu2EyQ6lVVugGwGCBiX8HgiIQei%2FSEgTOJSZzUq5R9swviUy9x%2FSzEE%2BH1%2ByPNTgZCLPzCPGpxLz8dvAcrhg"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-c5jg.c.secret-cipher-301.internal

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
586 B 137ms
137ms Fetch
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/66790c3897f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://gtauploads.rf.gd/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 29 Jun 2024 02:25:08 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-t4fh.c.secret-cipher-301.internal
server: cloudflare
access-control-max-age: 3600
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://gtauploads.rf.gd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vphknbFY%2B8HF%2BzjLsxdOQRcM89RQ2FREpxVv%2FfZ2%2FEHvHf0w5NI9ZKzpYC%2BR14wh5IQe%2Bvmv7CtfAqdNCSEcapp9K%2BZmbEeFTrqWtUuI2gtrUdTEDku0dUp7zp4oDyy3teuxMnGEMsox"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 89b276da0b3b9485-LHR
access-control-allow-headers: content-type,x-tawk-token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gtauploads.rf.gd
URL: http://gtauploads.rf.gd/assets/images/favicon.png

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gtauploads.rf.gd/	1970-01-21 07:16:27	Name: __test Value: a8fde3394b85714ae3fe073070a78dd9
gtauploads.rf.gd/	1970-01-20 21:41:54	Name: PHPSESSID Value: ba78310c029386f2d2c3fec26fb566b4
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Kgq_VC7Y9CY
.youtube.com/	1970-01-21 01:59:39	Name: VISITOR_INFO1_LIVE Value: n7QtKVuZ-HQ
.youtube.com/	1970-01-21 01:59:39	Name: VISITOR_PRIVACY_METADATA Value: CgJHQhIEGgAgSg%3D%3D
gtauploads.rf.gd/	1969-12-31 23:59:59	Name: twk_idm_key Value: zW4BXQw-zFx7WN8X5vnUq
gtauploads.rf.gd/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.rf.gd/	1970-01-21 01:59:39	Name: twk_uuid_6431c95131ebfa0fe7f73b83 Value: %7B%22uuid%22%3A%221.5RCH3QE8Re3btpY16IhV4XhZumpGCWEyj8GzFaNoSXpcp39MZaDZtEUzFpYPP1H2h95SjJyqgeCMoCJ67JAPZeb4UirJDz61vN4iCAeu8Flp%22%2C%22version%22%3A3%2C%22domain%22%3A%22rf.gd%22%2C%22ts%22%3A1719627906309%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://gtauploads.rf.gd/?i=1(Line 126) Message: Unrecognized feature: 'web-share'.
security	error	URL: https://gtauploads.rf.gd/?i=1 Message: Mixed Content: The page at 'https://gtauploads.rf.gd/?i=1' was loaded over HTTPS, but requested an insecure favicon 'http://gtauploads.rf.gd/assets/images/favicon.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
gtauploads.rf.gd
ka-f.fontawesome.com
kit.fontawesome.com
prod.cloud.rockstargames.com
unpkg.com
va.tawk.to
www.youtube.com
gtauploads.rf.gd
185.27.134.176
23.212.200.80
2606:4700:3030::ac43:8b77
2606:4700:4400::6812:2844
2606:4700::6811:f7cb
2a00:1450:4001:802::200a
2a00:1450:4001:810::200e
2a00:1450:4001:827::2003
2a04:4e42:400::485
2a06:98c1:3120::3
2a06:98c1:3121::3
0251a5af6eafb77818ce68b2be40039cc24297cc72611afae068cc3f824e1a17
0b75fe1985e13aee2e46fa1fd4d50ec67b98ec5803ce2d8d071bd1b96f20ff39
0c4b7ebd4b5943f84bef9cd446cd335823fdada228059aca3daf74bf5d1b94a0
0ce9de398de7e7ec63e836b70090643c7c5a3f29ea4a519a67defdd206c13ac1
0fe226ca4f540d211739777a6a611418343ed128bd4099bd43f2f5d7dd430a0d
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
142e1e954ebdaf3a3e1c1df4f049020fc3c967ffca1e795cedfe388699ac1e1d
1522ff2d1fe63764ed279743eafd491d3e6e143a1ea7c4a20ccb7cf5f3be4754
17cf96bdd57464d0d67f030c3acc0898f8921677f3d413ea03b3674d8ece3a17
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
20d7799bac10e3c8256d7b56a1dfc91a74f907e7d98244dc02e9c27ff6178661
26e1b509ca17a756db87864840e31a1a7caa2ce9164aa2fff2c61284c582c0c2
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825
4d9c7105169d516fbe56f54a58d4aa2578f74343c90d7a5f52f1b0853d5cd00d
4fd59111c56f423bac787333a53a6a0f36783ff249f8a2ac99f5c00696f21d43
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
59ba19245f5544fe70187d0d94f2ba148ede6bcd2f79c044f4e326a3dc7b44bb
5c7a91890742f274c1ce697003f39dc4bb66dd61c85581e204ab4ce699f537fc
5fb233914781fed5ad823ebc0bb5781fbc71375dc50fb0a2f7061974a539eb2b
609795016110cd4bcf69fae138e9d4548f26745cdce9e620b44eab056612fbf0
620ec7947095b6f875ce7694812120d60ef68ae4d44a9762a4b370a42b8d06ad
6c18fe8237a9f7d44a05f33c9dd5006d7e178b33a3cef7de25564397c702c968
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7dab66049c803c0eed4eae6ebfe090e3e60c5f2adad5dd4a907c8ec10ebb345a
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7e659afb9310e15297bac7e92de518d21cc693e7f769e233636275d909354dd2
805ba57045187003767ae2dd987fa0b9158bdfbee3a4c0a5b91e9c77d52b8255
86a5e9b830426daf5c5c29d0bccbfaacbd0e57b384f566dbb9524af92eeaad27
90fb1f042bb4212689921ca0c2fa2cf486e03aca4bc3bfba99729a2114ca1d9f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
95b7f1cb96824cadf8341a6e88ee8b69ce8cb4f531b4cb68993264a68e0cd970
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878
99ec996166408bbe489b788777cded4aab1eee19fb67d088a4047dda77e28581
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a52c76e747bc14d7df230fc3da2056540505edf34b46a1f53bff00a84c5ca010
a62a19c3c7f665e1b161f32a911ab662f78021feacda4b13ebf9470dda360dec
a8449f2d02ea06b44063f5e048493873364985bce0f53f908cc7cbe64ff161ba
ab40dc7dbe3cfdae4d3edc43a1a903fb139cb5fed4fe9c145b606ede8a8a7896
ae6c3f57de7100e460f00f40b38970ef32f8a7dad0af252742d5311dc7cbc576
b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499
bd72e6b7ad63bac5af484333c93f4bf952b002e4264dc3a7157fe21bfa0a2072
c03fcb90888e96189ba51d978b1dd8a5066fb7b70a43ad75127d656d4c381cc1
c48789f1b49bf24638fab122ee8b340f7526e3194ceee9df00540e1f6e50a08b
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
d3c1e8ec0f84ccc517a48c5feaddfbceacb16b99c189cccb8bc154456a33b532
d64367e22d26c2b42d8433c5fa933ec1246376b40362f737a2aaf5e55e72b074
dd0df9aee9ba1b29e0e5dc11f0fe5e3b8583823d550bc2b26ae81ddd6d8c1ea9
df786a80d1610bb44dd11f3ae5785e34fb4e97e721a4ddc24d1cd842978ab44e
dff3709ffb18287f1e0ce9adadc377d485eea2f48339369074f0f3bbd4fab683
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672
e2fcfe44c380de589f9db8fda56e66210c41f70c7ed50b1517a1e18135dc6df0
eaddaf75cec85cb889dafd8d08ca234dafc71766f3454b34f0dd6eb24c6219a3
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
f19042c05148f3d9d92dde129215d4d2bfd4d9e2c2ce1093864a02a3141544f5
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f73e718d1cc0097fb4a5bed2315846368490139ba66002758d60e77eec321ea8
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

gtauploads.rf.gd Open in urlscan Pro 185.27.134.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

97 %HTTPS

82 %IPv6

9 Domains

11 Subdomains

12 IPs

3 Countries

2715 kBTransfer

4780 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gtauploads.rf.gd Open in urlscan Pro
185.27.134.176 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

97 %
HTTPS

82 %
IPv6

9
Domains

11
Subdomains

12
IPs

3
Countries

2715 kB
Transfer

4780 kB
Size

8
Cookies

72 HTTP transactions
0 data transactions