urlscan.io logo urlscan.io
SecurityTrails logo

talktowendys.onl Open in urlscan Pro
2606:4700:3032::6815:119d  Public Scan

Go To Rescan Add Verdict Report
URL: https://talktowendys.onl/www-guestobsessed-com/
Submission: On January 27 via api from IE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3032::6815:119d, located in United States and belongs to CLOUDFLARENET, US. The main domain is talktowendys.onl.
TLS certificate: Issued by GTS CA 1P5 on December 21st 2023. Valid for: 3 months.
This is the only time talktowendys.onl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 2606:4700:303... 13335 (CLOUDFLAR...)
4 192.0.76.3 2635 (AUTOMATTIC)
2 192.0.77.37 2635 (AUTOMATTIC)
14 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
66 8
21    2606:4700:3032::6815:119d (United States)

ASN13335 (CLOUDFLARENET, US)
talktowendys.onl
4    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
14    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
8    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
6    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
21 talktowendys.onl
talktowendys.onl
283 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
553 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
10 KB
6 wp.com
stats.wp.com — Cisco Umbrella Rank: 2723
c0.wp.com — Cisco Umbrella Rank: 8666
pixel.wp.com — Cisco Umbrella Rank: 2679
65 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
66 5
Domain Requested by
21 talktowendys.onl talktowendys.onl
14 pagead2.googlesyndication.com talktowendys.onl
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
6 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com tpc.googlesyndication.com
2 pixel.wp.com
2 c0.wp.com talktowendys.onl
2 stats.wp.com talktowendys.onl
66 8

This site contains links to these domains. Also see Links.

Domain
www.guestobsessed.com
checkers.com
rallys.com
Subject Issuer Validity Valid
talktowendys.onl
GTS CA 1P5		 2023-12-21 -
2024-03-20		 3 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://talktowendys.onl/www-guestobsessed-com/
Frame ID: 98784C98656A9AFC2D52202A32E9CF63
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 8E68005C5A69494C5A641767F7613AD6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&h=280&slotname=2177831738&adk=2974736368&adf=263956295&pi=t.ma~as.2177831738&w=789&fwrn=4&fwrnh=100&lmt=1706313686&rafmt=1&format=789x280&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313685842&bpp=2&bdt=397&idt=226&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&correlator=8689160151960&frm=20&pv=2&ga_vid=1036640968.1706313686&ga_sid=1706313686&ga_hid=453700285&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080663%2C95322184%2C95321627%2C95322164%2C21065725&oid=2&pvsid=372585748311796&tmod=174318748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=237
Frame ID: C7025DA7A76FE05D813ED4ACEF7B324B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&adk=3105533540&adf=2621220088&lmt=1706313686&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313685844&bpp=1&bdt=399&idt=247&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280&nras=1&correlator=8689160151960&frm=20&pv=1&ga_vid=1036640968.1706313686&ga_sid=1706313686&ga_hid=453700285&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080663%2C95322184%2C95321627%2C95322164%2C21065725&oid=2&pvsid=372585748311796&tmod=174318748&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252
Frame ID: CFDCFE18202B4AB82D6B7CD1417FF55A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&h=280&slotname=9397103287&adk=792462115&adf=578430110&pi=t.ma~as.9397103287&w=789&fwrn=4&fwrnh=100&lmt=1706313686&rafmt=1&format=789x280&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313685960&bpp=1&bdt=515&idt=136&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280%2C0x0&nras=1&correlator=8689160151960&frm=20&pv=1&ga_vid=1036640968.1706313686&ga_sid=1706313686&ga_hid=453700285&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080663%2C95322184%2C95321627%2C95322164%2C21065725&oid=2&pvsid=372585748311796&tmod=174318748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=138
Frame ID: 20BCFCF0C92BD8D535D6E6824EAB49FC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 26DD02671417A9AEB3AF4DE1A3F0AB70
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6547839FFCFE11503304953FED6B35F8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 502FD9D9B5F3D80ABFCD22E5F394A4A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&h=280&slotname=2177831738&adk=2974736368&adf=263956295&pi=t.ma~as.2177831738&w=789&fwrn=4&fwrnh=100&lmt=1706313688&rafmt=1&format=789x280&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313687802&bpp=2&bdt=196&idt=233&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da436d2d779b3d9b0%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MYe49gp_tHrmKqI07v6H6_9eJp_sQ&gpic=UID%3D00000d4a89b8eb10%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MbjrIF4MXVHfWhFUazEcYAhFFN41A&correlator=1556766127384&frm=20&pv=2&ga_vid=456329429.1706313688&ga_sid=1706313688&ga_hid=1060010104&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080620%2C31080662%2C95321963%2C95320869%2C95320889%2C95321627%2C95322165%2C95323004&oid=2&pvsid=2822775417482683&tmod=218571790&uas=0&nvt=2&ref=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=240
Frame ID: 968C1D547D51D53C67145CAF1C4AF5B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&adk=3105533540&adf=2621220088&lmt=1706313688&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313687804&bpp=1&bdt=198&idt=253&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da436d2d779b3d9b0%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MYe49gp_tHrmKqI07v6H6_9eJp_sQ&gpic=UID%3D00000d4a89b8eb10%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MbjrIF4MXVHfWhFUazEcYAhFFN41A&prev_fmts=789x280&nras=1&correlator=1556766127384&frm=20&pv=1&ga_vid=456329429.1706313688&ga_sid=1706313688&ga_hid=1060010104&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080620%2C31080662%2C95321963%2C95320869%2C95320889%2C95321627%2C95322165%2C95323004&oid=2&pvsid=2822775417482683&tmod=218571790&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=261
Frame ID: EB9A65EA8CDBE6B09E31C81B3CE7E2A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&h=280&slotname=9397103287&adk=792462115&adf=578430110&pi=t.ma~as.9397103287&w=789&fwrn=4&fwrnh=100&lmt=1706313688&rafmt=1&format=789x280&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313687979&bpp=1&bdt=372&idt=88&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da436d2d779b3d9b0%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MYe49gp_tHrmKqI07v6H6_9eJp_sQ&gpic=UID%3D00000d4a89b8eb10%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MbjrIF4MXVHfWhFUazEcYAhFFN41A&prev_fmts=789x280%2C0x0&nras=1&correlator=1556766127384&frm=20&pv=1&ga_vid=456329429.1706313688&ga_sid=1706313688&ga_hid=1060010104&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080620%2C31080662%2C95321963%2C95320869%2C95320889%2C95321627%2C95322165%2C95323004&oid=2&pvsid=2822775417482683&tmod=218571790&uas=0&nvt=2&ref=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=93
Frame ID: 814DF3394D92F5754E453C070883C995
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF6D933ACDBEC5E38E9A06251D0455A2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 039A4B8B3D9873A216149DE5B29C699F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Www.GuestObsessed.Com - Checkers and Rally’s Survey 2022

Page URL History Show full URLs

  1. https://talktowendys.onl/www-guestobsessed-com/ Page URL
  2. https://talktowendys.onl/www-guestobsessed-com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

86 %
HTTPS

71 %
IPv6

5
Domains

8
Subdomains

8
IPs

2
Countries

913 kB
Transfer

2749 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://talktowendys.onl/www-guestobsessed-com/ Page URL
  2. https://talktowendys.onl/www-guestobsessed-com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
talktowendys.onl/www-guestobsessed-com/ 		75 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/www-guestobsessed-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79d2267069b1c431ecec6869dcf07bf77b4fba487096f187dae006d034267028

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84bcb893d8940a5c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 00:01:25 GMT
link
<https://talktowendys.onl/wp-json/>; rel="https://api.w.org/" <https://talktowendys.onl/wp-json/wp/v2/posts/130>; rel="alternate"; type="application/json" <https://wp.me/paWwEB-26>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOa33Qg86%2FrYNtvtp9bbI936ZYd9YKsWc11ddRUjHJE9FOOAMu%2FpAZvODxMiEJusnVblnagAu71BHy0LTvajCUjN0B%2F076PGFzsiO1gkXG1ALouHhtN1HOnI79vEP0RYiMoz%2BqusViiTJKcmSqsE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-dns-prefetch-control
on
x-litespeed-cache
hit
x-pingback
https://talktowendys.onl/xmlrpc.php
rocket-loader.min.js
talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/www-guestobsessed-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Jan 2024 10:32:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b38a27-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BoETE8cHM%2FZitLecgdQWWl36%2FXzKPnWimmWsAzcsrwTgO%2BN72jPM80FQzB5XUoCaHhKYmm7KfdL8D2LDkjuoDODvN7rsuNLmDSt%2BkihAQvBaWNOv6vdfQqVKiCmZ4Pq9KBh%2FAhmESsHPB82j%2BKvo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
84bcb8961a8e0a5c-AMS
expires
Mon, 29 Jan 2024 00:01:25 GMT
adbd10c820cf40729d1ccc724a32eb73.css
talktowendys.onl/wp-content/litespeed/css/ 		301 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/css/adbd10c820cf40729d1ccc724a32eb73.css?ver=6cf82
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/www-guestobsessed-com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11452a964d6eda50b22f0883986974dd56751ff7933ba3357039d2e8aaf9fd85

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Jan 2024 05:24:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4b2e4-65924c9a-c0cdd;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aMaaGN%2FPt9FagHZf2%2BLV3S2QMzLWZT7XU%2FeESMaMLUHvLBRRFrcMy6os9ZVAtppQ0GscHwuWcKMq7z1z1jVQD6cNOWkuZ1k0pwWbwLrRifTndgsOrJV1x9DAvBb9TsJyoZ6kDdDcRclvQJXbvwn"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
84bcb8961a8f0a5c-AMS
alt-svc
h3=":443"; ma=86400
expires
Mon, 08 Jan 2024 05:24:44 GMT
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
e-202404.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202404.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT ams
date
Sat, 27 Jan 2024 00:01:25 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402358485.9985
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 20 Jan 2025 16:23:53 GMT
3262a8eb4e2cabd55b8ab3854edbf10d.js
talktowendys.onl/wp-content/litespeed/js/ 		0
0
truncated
/ 		35 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
041996b935232a6d291ea7928ab82b4c4ed37195baa13ac000a8fbcc0b36fb21

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
dc6b73e6c1ec0f9f3ce670915f2c2051.js
talktowendys.onl/wp-content/litespeed/js/ 		0
0
truncated
/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4453228633bed808d8e9c207504149ffdea27dbb321334360a23154d8c7300c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
7b4ca943b826c6af3968eab888c3afff.js
talktowendys.onl/wp-content/litespeed/js/ 		0
0
truncated
/ 		134 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3085ce07aa30af36a6afdcce6ddac2b0feca9a24f8ff374562c539bb0a3bf4f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
b91a60b02822bf1760bf6fe4946411d4.js
talktowendys.onl/wp-content/litespeed/js/ 		0
0
truncated
/ 		98 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30fa59171af189238cef9a95a3ea0b272462fed21e514b40d2fa06bfa2f4c2f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		45 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0
truncated
/ 		326 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82ca482b1ffe70a55eb1739f2fbf9206136055c7462bd27b1e1cf4a30609e8b8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
074f79eaabf8f6d47482682d691e3ab7.js
talktowendys.onl/wp-content/litespeed/js/ 		0
0
jquery.min.js
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 27 Jan 2024 00:01:25 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Sun, 26 Jan 2025 00:01:25 GMT
truncated
/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6849835bc534a8e08cd1dc16dfcaa6f1267719fff94085bd555e652453cbade0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
guest.vary.php
talktowendys.onl/wp-content/plugins/litespeed-cache/ 		16 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/plugins/litespeed-cache/guest.vary.php
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/www-guestobsessed-com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:25 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTrHG5AwS1FxfRwca%2FO0A%2BskG12ef1%2F%2B6%2FFCIeznnOQ697xrrHh9OJg2xdQv0ByBe%2BB%2FvRJ0m5N0968%2BEI4Pki5oqUTqRfqANCxKvoUu34ALvoRoB0qHdOJYT4NxBGljWOHw72ts7B2QNEW6k7kl"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
x-litespeed-cache-control
no-cache
x-robots-tag
noindex
alt-svc
h3=":443"; ma=86400
cf-ray
84bcb896d8231c89-AMS
074f79eaabf8f6d47482682d691e3ab7.js
talktowendys.onl/wp-content/litespeed/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/js/074f79eaabf8f6d47482682d691e3ab7.js?ver=e3ab7
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea64f589334f647f2254d595466c036000a3d9150ad078a69eba7f845c0c0713

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jan 2024 23:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"350a-65b1a39c-bd87b;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJdnHTIyn4RH41Vna%2FrJcCqkvfHOfTNZivxXr%2BTM12V9MCzuf0LgF%2Ft%2BP7Z7JMhH7ARHwcZaC3DYYVmurSrHfRyts8k80mkj9Ccf4rVghqLJ9T7pku7JTOLctpozR1W1vRXHQBv%2Fe3J2ArBsyRON"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb896d8271c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 Jan 2024 23:59:14 GMT
768a1c1a-a6ab-4afc-9a41-0966bda30205
https://talktowendys.onl/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://talktowendys.onl/768a1c1a-a6ab-4afc-9a41-0966bda30205
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d395ebdb5394584652ba7299986d1746be5372423ff95f5b25c46f941427665f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51226
x-xss-protection
0
server
cafe
etag
7809226980488517620
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 27 Jan 2024 00:01:25 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 8E68 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
1248
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 23:40:37 GMT
etag
3890843268177463596
expires
Fri, 09 Feb 2024 23:40:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080663
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140837
x-xss-protection
0
server
cafe
etag
18266022834067136427
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 00:01:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51116
x-xss-protection
0
server
cafe
etag
13957296714102856731
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 27 Jan 2024 00:01:25 GMT
Primary Request /
talktowendys.onl/www-guestobsessed-com/ 		75 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/www-guestobsessed-com/
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/www-guestobsessed-com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e01efe13893b649fcde2cf6e312553b7ef5cd230bdaa1f6ba6772ebbecb2eb6a

Request headers

Referer
https://talktowendys.onl/www-guestobsessed-com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84bcb89909e41c89-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 27 Jan 2024 00:01:27 GMT
link
<https://talktowendys.onl/wp-json/>; rel="https://api.w.org/" <https://talktowendys.onl/wp-json/wp/v2/posts/130>; rel="alternate"; type="application/json" <https://wp.me/paWwEB-26>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bm%2BZmmijyMyDO%2BXf14%2F1ooPXD7LAFeR9gOZ%2FaYmXPYRT9ZopThPIhJL1d5CqcF%2BBXNK4TSgCoSKSufn0dkprAQ3T5z8Xb7HtVeG6P7eNlBsNxlO%2FWkVtpTFJrHnpRQZ6sOcSmuRI0jFjqZSjmCO%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-dns-prefetch-control
on
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
fc6_HTTP.200,fc6_post,fc6_URL.43aaa4ba763c070b602040ab8edbfc3c,fc6_Po.130,fc6_,fc6_MIN.adbd10c820cf40729d1ccc724a32eb73.css
x-pingback
https://talktowendys.onl/xmlrpc.php
b91a60b02822bf1760bf6fe4946411d4.js
talktowendys.onl/wp-content/litespeed/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/js/b91a60b02822bf1760bf6fe4946411d4.js?ver=411d4
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 Jan 2024 12:00:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1811-65abb5f7-bd87c;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtAMAZd38vXX1EepKCsEIMe2jNyszyR5IxJRGZb0UXFn4Bv7XMX%2BoOuT%2BdbMS3RK3v1SnetKQmEoGvkooTdoOQHvBchZPtgvqv6WDHX4uKBNo47IPeeOSVYmhqHEkQFhu48EOF%2BHoKdIT4iTlagR"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb8995a111c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jan 2024 12:03:28 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C702 		728 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&h=280&slotname=2177831738&adk=2974736368&adf=263956295&pi=t.ma~as.2177831738&w=789&fwrn=4&fwrnh=100&lmt=1706313686&rafmt=1&format=789x280&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313685842&bpp=2&bdt=397&idt=226&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&correlator=8689160151960&frm=20&pv=2&ga_vid=1036640968.1706313686&ga_sid=1706313686&ga_hid=453700285&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080663%2C95322184%2C95321627%2C95322164%2C21065725&oid=2&pvsid=372585748311796&tmod=174318748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
362
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 00:01:26 GMT
expires
Sat, 27 Jan 2024 00:01:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CFDC 		0
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&adk=3105533540&adf=2621220088&lmt=1706313686&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313685844&bpp=1&bdt=399&idt=247&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280&nras=1&correlator=8689160151960&frm=20&pv=1&ga_vid=1036640968.1706313686&ga_sid=1706313686&ga_hid=453700285&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080663%2C95322184%2C95321627%2C95322164%2C21065725&oid=2&pvsid=372585748311796&tmod=174318748&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=252
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 00:01:26 GMT
expires
Sat, 27 Jan 2024 00:01:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 20BC 		728 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&h=280&slotname=9397103287&adk=792462115&adf=578430110&pi=t.ma~as.9397103287&w=789&fwrn=4&fwrnh=100&lmt=1706313686&rafmt=1&format=789x280&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313685960&bpp=1&bdt=515&idt=136&shv=r20240122&mjsv=m202401240101&ptt=9&saldr=aa&abxe=1&prev_fmts=789x280%2C0x0&nras=1&correlator=8689160151960&frm=20&pv=1&ga_vid=1036640968.1706313686&ga_sid=1706313686&ga_hid=453700285&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080663%2C95322184%2C95321627%2C95322164%2C21065725&oid=2&pvsid=372585748311796&tmod=174318748&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=138
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
363
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 00:01:26 GMT
expires
Sat, 27 Jan 2024 00:01:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
7b4ca943b826c6af3968eab888c3afff.js
talktowendys.onl/wp-content/litespeed/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/js/7b4ca943b826c6af3968eab888c3afff.js?ver=3afff
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jan 2024 21:20:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1bf4-65b17f0a-bd880;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeALLD5L%2FME1cjA7qIEKMAaETJWlFG0fEXMScZYD7Tw43%2Fuyzmknx6C3KJHHCodHdvPnlIc1E7q0mODD6FrWK2s7Le7y0L3GQ%2B8X7Ezm%2FlAuDPxqAOiXW%2BaUhCsYZhPv0I62L19gZPx2sGIQ6ija"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb89a3aed1c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 Jan 2024 21:51:00 GMT
dc6b73e6c1ec0f9f3ce670915f2c2051.js
talktowendys.onl/wp-content/litespeed/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/js/dc6b73e6c1ec0f9f3ce670915f2c2051.js?ver=c2051
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Jan 2024 14:31:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ba7-65b270a9-c0cdf;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j48YpnAnfrS0cmnCK%2BBmoI4F3HxnaXYBb2liMpq3PdyJ0%2BasbtIH%2FYxBAlG%2FBzAvY8ZK5XJEctApa76HQoyYRKGWcpGKGJaEnLDaPItHxtVR9q7FZOrm5PHyvvhzGxyZPyhE60kyDDSv5wi0KBCb"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb89b5c021c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Feb 2024 15:03:03 GMT
3262a8eb4e2cabd55b8ab3854edbf10d.js
talktowendys.onl/wp-content/litespeed/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/js/3262a8eb4e2cabd55b8ab3854edbf10d.js?ver=bf10d
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jan 2024 02:55:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4de-65b07c25-bd882;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnFIVGiqKmkNUic58hHlelIR%2FzDv07BEfCvhIiX6YK4HnvqMs3S8AzMcUPpPPi4jdq5%2F1KULlUz4dZb1mSbAvTR9T2Dovhax0iJ5i52MW%2BNM9RNFn7hdDIsMDoKBueHGmiMYyCWEHMKC19tm3Dp4"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb89c1cac1c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 Jan 2024 03:07:56 GMT
g.gif
pixel.wp.com/ 		50 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=161711909&post=130&tz=0&srv=talktowendys.onl&j=1%3A12.9.3&host=talktowendys.onl&ref=&fcp=451&rand=0.32199445051763753
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 00:01:26 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080663
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12226
x-xss-protection
0
wp-emoji-release.min.js
talktowendys.onl/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/www-guestobsessed-com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Apr 2023 05:43:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4904-644cae68-bec85;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oEhliXG16Hj5rYXQVSllSKLdqS%2Fsu5APR8ZKvW1ponck%2FiQd%2B5h7DTXImYFANFZbIeoOehX3Nvf%2BDjeDkF5K2iKQZd1PzWofF%2FrqA9wV24w%2FG%2BF5jadbgQJBlqp8KO7KcsYPoLXNxb1kr8JEOdUH"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb89cddb71c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Dec 2023 11:42:31 GMT
rallys-restaurant-outlook-768x428.jpg.webp
talktowendys.onl/wp-content/uploads/2019/04/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://talktowendys.onl/wp-content/uploads/2019/04/rallys-restaurant-outlook-768x428.jpg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:26 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Apr 2023 18:54:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"acf8-644d67e8-bd831;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFP5FIWkuLKoIxnYiWYdMEITKmAI8wir4HKsCqIrOM%2BjNYvEhLnemWkBQeydAV1b4N7kJD4ulxLehx5L9xtnDOMFsd87m61TeRrbQkYaYiFRmNiHZJov7r0K2gtz8ze2uD6KGASUGXQJz6j4YXeH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84bcb89cddc01c89-AMS
alt-svc
h3=":443"; ma=86400
content-length
44280
expires
Sat, 03 Feb 2024 00:01:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080663
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 00:01:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 26DD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
10383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 21:08:23 GMT
expires
Sat, 25 Jan 2025 21:08:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6547 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4KKpl7Fryoz4NEwslS62BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-4KKpl7Fryoz4NEwslS62BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 00:01:26 GMT
expires
Sat, 27 Jan 2024 00:01:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 26DD 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
11221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 20:54:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6547 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=372585748311796&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 26DD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ipNRFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=372585748311796&bg=!n5ylnNPNAAa8BdJLnAU7ADQBe5WfOJgKU4NOYyW_yeGLjDeBKMxyWzLNFKSefgIiyjGNwqC4A51lfZhCpbhj7Qu7VRL8AgAAADRSAAAAAmgBB5kCtGE4mMAoK3L5qu4dyRpFHGva26U2rbbxMgUl_4JRRPbQw_F19XOJlbSlel0U9tL4SkdQu5TidkxsXJ7C9m8KFP8ZkxmLdfGnS-KX_rlCZOXdYr7Qv_6T2nw4Yfm6vyjgl7yhl4vQ-ypeSHrofhiCuukSwJFM4nIMaUDWG3D3TH5p-1RXJ1yebGTKICs9cXN-cyzs4JG6uPCFzopnnE2c2XmZES1FZ7hPtDRpxMRcBLt7Mdtlyqs37NPVwiHU6Ed85IINl4DhZF0OvmxxKytYKAz89Pesn8PX1CnEXtzIMvPFiupmCKPHSncRFUbCbVrZD0UEniH4TPa25vmPqyqhVZnX377lqnSHQm77YfB14W5n_1R64FN71l-__cSRzJR4dFBK5PRQu-aSy1LJ0am7NjQzatF6agA5xrOlFX4yK3sGGzNZoezLq51gMBt-hluRJ0n4lP3HkJ_JBqKdA-X9VIv2VF8VCiUyZKDm9tYYJ9n730abNjWT7Vp92W2F28P8dXbQ-boFyb-3s99qyIRB0PU21SPfCB_DRK8WsOwcryi-yXHmLjAZzLt8xZgsl2UEjCkGl6vBHsnBMU4T8LZ2_EKvORKKlGaA6exIa-DIjtPzwVpbL45fSLXzde7_szznpf5_WO3vu3WkKQnniE9BgILagXCxnc0LiW4irYfcbakogC2XJtO831hFO6LhWqRHrFsYuqReyd9vqGjPE08__3hBxqNVBHrsv3qODYs_Ltzt-kepuADHsR_W4-K3ZpwBeR89ZIL8it8pCGynlV_IQDgsaNF_QQb8DZh5M9n_ifyj8NIcRx6JpUh7pqjYYOkcGmof_VVV2uWFAcyCM7UP4ctmtIfHkAyYQseulCEb0Ar2K-zVAq02940UJYLbTzBwLcABQBaFEyoOjgYLUHNsdMzWoAyd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0
rocket-loader.min.js
talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/www-guestobsessed-com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Jan 2024 10:32:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b38a27-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8DnANBfHD%2FIspX9LwSUFDRvJWf0p76z0sP6VBxcm8ob5XmGxXtXG8UcTgtUm37MQ6uDpni7pl5I3tAt%2FOawpHv3iedT1kyqaGj2rJv1EwoMqdKZY6LZMgXjyHXWU8O%2FQXN1ILe2C6NOr1eTnVE5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
84bcb8a39bb31c89-AMS
expires
Mon, 29 Jan 2024 00:01:27 GMT
adbd10c820cf40729d1ccc724a32eb73.css
talktowendys.onl/wp-content/litespeed/css/ 		301 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/css/adbd10c820cf40729d1ccc724a32eb73.css?ver=6cf82
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/www-guestobsessed-com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11452a964d6eda50b22f0883986974dd56751ff7933ba3357039d2e8aaf9fd85

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Jan 2024 05:24:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2
etag
W/"4b2e4-65924c9a-c0cdd;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eo12qYgvRHg%2BLMNiiVabykOZvhrLs6Gm7StJ%2B%2FTZSEjgL0yl%2BYmwtVlSEBdLT%2BHJCZopVgzNKSnaem5jfWYKSRGHqJv32hSUFU78VS9Fe74h4MpdpZQbWKy%2F2Fk7yT06OujMaubOOlFQnUNckHqH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
84bcb8a3abb51c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Mon, 08 Jan 2024 05:24:44 GMT
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/gif
e-202404.js
stats.wp.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202404.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-minify-cache
hit
x-nc
HIT ams
date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402358485.9985
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Mon, 20 Jan 2025 16:23:53 GMT
3262a8eb4e2cabd55b8ab3854edbf10d.js
talktowendys.onl/wp-content/litespeed/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/js/3262a8eb4e2cabd55b8ab3854edbf10d.js?ver=bf10d
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e790fbad5cc67f76ab47ac86ac16237dbc1702214f9c4f28ed30f3c137e02ccd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jan 2024 02:55:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"4de-65b07c25-bd882;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPdiaLDHJdajwfLhONgAqXn4eKIZRlsIJgu5zcdujSKeErWbTsXb%2BTYLkjK6f%2BAR4dwHZKWzAZx85MGq8V8tZaeqVwQnr7MwELwypsyg%2BpNuMOVdtO%2FOQYqS%2B9OS%2FIBO6FdoPjOd4r7hEaJbH1Vk"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb8a3dbde1c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 Jan 2024 03:07:56 GMT
truncated
/ 		35 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
041996b935232a6d291ea7928ab82b4c4ed37195baa13ac000a8fbcc0b36fb21

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
dc6b73e6c1ec0f9f3ce670915f2c2051.js
talktowendys.onl/wp-content/litespeed/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/js/dc6b73e6c1ec0f9f3ce670915f2c2051.js?ver=c2051
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec7a72cb9662825e0ebdbee45de1684f93ee963661b6de0d5e4fe99c8fc5c25a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 25 Jan 2024 14:31:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"ba7-65b270a9-c0cdf;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDWSxZshdSxVMHJvStR%2BbqEseaZbzgQfMIqsbrE83kecLRgwEs9OSN%2BcmHC9EWL4C5yfKslGU%2FpjDgTleNg45vEAR6GTpU0B7rkGsY3EBTLe%2BEsO8ZIi6XqEbntToeLAndyIgIKQ4LDWKobFwDgr"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb8a3dbe01c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Feb 2024 15:03:03 GMT
truncated
/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4453228633bed808d8e9c207504149ffdea27dbb321334360a23154d8c7300c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
7b4ca943b826c6af3968eab888c3afff.js
talktowendys.onl/wp-content/litespeed/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/js/7b4ca943b826c6af3968eab888c3afff.js?ver=3afff
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770135fc83fa5bb997d6fa77fa9136cb85b3673603e74929d74f7ff09991f830

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jan 2024 21:20:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"1bf4-65b17f0a-bd880;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RimEYOAEsiZg08wTSa3LGBwPk%2FXt1%2FNcEd6LlZ42c1gdnHaPqq3%2By9duA9rMUIdMTBbM7cRgltUNbK3jxcbliL9L99MHipxXbAhvrVy11Q5lAsfWi2Wfb09qG4wiLemDxmUGnLjPunKuQW%2BSjSF"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb8a3dbe21c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 Jan 2024 21:51:00 GMT
truncated
/ 		134 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
abb7a567c05a0b68b8b02ce1c2a054a42f8c34e4c7cf16cdedc0e213a7c3f953

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
b91a60b02822bf1760bf6fe4946411d4.js
talktowendys.onl/wp-content/litespeed/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/js/b91a60b02822bf1760bf6fe4946411d4.js?ver=411d4
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d86472aa7577dd426f1f4f9a0bae7e4f829fec2adf2937c55435d54594730065

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 Jan 2024 12:00:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"1811-65abb5f7-bd87c;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fq3Nnc1w9QIurh7aEYjpx6RLk6Olh4Vj2LNvNmOj0McWSCZrdybWRTGKIaJYjS7iCe6U0%2B6YioU5YAHJg4P47BSUac1yL0KhwROHKtxwHPLhY3LmWIB6wmeAEHZKzw%2BdTQl3DSPAl0ZCgun%2Fjlx1"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb8a3dbe31c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 27 Jan 2024 12:03:28 GMT
truncated
/ 		98 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30fa59171af189238cef9a95a3ea0b272462fed21e514b40d2fa06bfa2f4c2f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		45 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0
truncated
/ 		326 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6208a4a45acee2f41040a0ce05c2cffe635112d845b9c6a08ac05fb9561b4130

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
074f79eaabf8f6d47482682d691e3ab7.js
talktowendys.onl/wp-content/litespeed/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-content/litespeed/js/074f79eaabf8f6d47482682d691e3ab7.js?ver=e3ab7
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea64f589334f647f2254d595466c036000a3d9150ad078a69eba7f845c0c0713

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 24 Jan 2024 23:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2
etag
W/"350a-65b1a39c-bd87b;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIe1BniBOxajbrmyeP1ilHHLfTYtCx2B8xHjR%2FU3pkVKZ6UV4beCbrs2BqWhEyuDHzXb%2BwKursdG%2FZjk4CbbtLelUxdX7JO1DnQSXUiUmMlRDrACzqpjP%2Bgk6F3ee6BXL8%2FkFTjRgvWDK19aKTPf"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb8a3dbe41c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 31 Jan 2024 23:59:14 GMT
jquery.min.js
c0.wp.com/c/6.4.2/wp-includes/js/jquery/ 		86 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/6.4.2/wp-includes/js/jquery/jquery.min.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nc
HIT ams 2
date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
strict-transport-security
max-age=15552000
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3=":443"; ma=86400
expires
Sun, 26 Jan 2025 00:01:27 GMT
truncated
/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6849835bc534a8e08cd1dc16dfcaa6f1267719fff94085bd555e652453cbade0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
truncated
/ 		1 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
text/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49b4f13fec6611705f51c6a8def2e53f6fa69a234796f26d6358bef3c71b11cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51159
x-xss-protection
0
server
cafe
etag
1575234881924641138
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 27 Jan 2024 00:01:27 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 502F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
1250
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 23:40:37 GMT
etag
3890843268177463596
expires
Fri, 09 Feb 2024 23:40:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 		405 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080662
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a007dbcc23f477bdf96fdf65463d2905a65f5b212e8fe43c0eb6557da29ff42e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140752
x-xss-protection
0
server
cafe
etag
5408834647936419424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 27 Jan 2024 00:01:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9281417e426fc4384a3a01df608fa4386969e7eb0f5935d844f46c0adccbdb82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51112
x-xss-protection
0
server
cafe
etag
17054805909193729521
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sat, 27 Jan 2024 00:01:27 GMT
g.gif
pixel.wp.com/ 		50 B
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=161711909&post=130&tz=0&srv=talktowendys.onl&j=1%3A12.9.3&host=talktowendys.onl&ref=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fcp=1734&rand=0.02651545575732861
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 27 Jan 2024 00:01:27 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
wp-emoji-release.min.js
talktowendys.onl/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://talktowendys.onl/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: talktowendys.onl
URL: https://talktowendys.onl/www-guestobsessed-com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Apr 2023 05:43:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1
etag
W/"4904-644cae68-bec85;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8Kt%2B4VzXf5Dpc1wSwW6QAP917DzQpSpx4ZpA7vfBiXElDo8zwKJ6febdWZN%2FFVnejL0r4zx26vIoZSrA9KF4VIPoWjC6opgvPuLhDwo%2FBratfbGX93xKianTkVKNwBqmSUZ8fSgO%2BrPV%2FmM92fT"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
84bcb8a5fd811c89-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Dec 2023 11:42:31 GMT
rallys-restaurant-outlook-768x428.jpg.webp
talktowendys.onl/wp-content/uploads/2019/04/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://talktowendys.onl/wp-content/uploads/2019/04/rallys-restaurant-outlook-768x428.jpg.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:119d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076bc1dc72908700680a433f44c60e4ec5a88c824f7da490316ae98b98979fdd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/www-guestobsessed-com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
alt-svc
h3=":443"; ma=86400
content-length
44280
last-modified
Sat, 29 Apr 2023 18:54:32 GMT
server
cloudflare
etag
"acf8-644d67e8-bd831;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9HQ4ZZ9Z1j7ralDfYLyWHFdJL9FRyHQ6TFaRdfBjHDqT21fbnvw0JBHmi3E8bRtOaAVN3ZOh2HESh8cqvRPu13yRQK1An8LqEVT1ZuNzHuZbNc1W9IUZLqLi90RChbF51oKa8iYi3EiJY1zMoGf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
84bcb8a60d921c89-AMS
expires
Sat, 03 Feb 2024 00:01:26 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 968C 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&h=280&slotname=2177831738&adk=2974736368&adf=263956295&pi=t.ma~as.2177831738&w=789&fwrn=4&fwrnh=100&lmt=1706313688&rafmt=1&format=789x280&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313687802&bpp=2&bdt=196&idt=233&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da436d2d779b3d9b0%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MYe49gp_tHrmKqI07v6H6_9eJp_sQ&gpic=UID%3D00000d4a89b8eb10%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MbjrIF4MXVHfWhFUazEcYAhFFN41A&correlator=1556766127384&frm=20&pv=2&ga_vid=456329429.1706313688&ga_sid=1706313688&ga_hid=1060010104&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=386&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080620%2C31080662%2C95321963%2C95320869%2C95320889%2C95321627%2C95322165%2C95323004&oid=2&pvsid=2822775417482683&tmod=218571790&uas=0&nvt=2&ref=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=240
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080662
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db962784c7ce860e1e0d2d3e9d314573340d54a2436365f33b3c7fb1835145a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
211
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 00:01:28 GMT
expires
Sat, 27 Jan 2024 00:01:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080662
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b09d3d5bc3422afffe3c11cb02cd2238110a53a29b0d9d484ce115f9b29f995
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12395
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EB9A 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&adk=3105533540&adf=2621220088&lmt=1706313688&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313687804&bpp=1&bdt=198&idt=253&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da436d2d779b3d9b0%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MYe49gp_tHrmKqI07v6H6_9eJp_sQ&gpic=UID%3D00000d4a89b8eb10%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MbjrIF4MXVHfWhFUazEcYAhFFN41A&prev_fmts=789x280&nras=1&correlator=1556766127384&frm=20&pv=1&ga_vid=456329429.1706313688&ga_sid=1706313688&ga_hid=1060010104&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080620%2C31080662%2C95321963%2C95320869%2C95320889%2C95321627%2C95322165%2C95323004&oid=2&pvsid=2822775417482683&tmod=218571790&uas=0&nvt=2&fsapi=1&ref=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=261
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080662
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 00:01:28 GMT
expires
Sat, 27 Jan 2024 00:01:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 814D 		580 B
332 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5358567181092065&output=html&h=280&slotname=9397103287&adk=792462115&adf=578430110&pi=t.ma~as.9397103287&w=789&fwrn=4&fwrnh=100&lmt=1706313688&rafmt=1&format=789x280&url=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706313687979&bpp=1&bdt=372&idt=88&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da436d2d779b3d9b0%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MYe49gp_tHrmKqI07v6H6_9eJp_sQ&gpic=UID%3D00000d4a89b8eb10%3AT%3D1706313686%3ART%3D1706313686%3AS%3DALNI_MbjrIF4MXVHfWhFUazEcYAhFFN41A&prev_fmts=789x280%2C0x0&nras=1&correlator=1556766127384&frm=20&pv=1&ga_vid=456329429.1706313688&ga_sid=1706313688&ga_hid=1060010104&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=406&ady=874&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080620%2C31080662%2C95321963%2C95320869%2C95320889%2C95321627%2C95322165%2C95323004&oid=2&pvsid=2822775417482683&tmod=218571790&uas=0&nvt=2&ref=https%3A%2F%2Ftalktowendys.onl%2Fwww-guestobsessed-com%2F&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080662
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22214034fc383e4856ee397a223e8c2e659873765dfdfa03ff770f7498f7916c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
307
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 00:01:28 GMT
expires
Sat, 27 Jan 2024 00:01:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5358567181092065&plah=talktowendys.onl&bust=31080662
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 00:01:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF6D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
age
10385
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 26 Jan 2024 21:08:23 GMT
expires
Sat, 25 Jan 2025 21:08:23 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 039A 		829 B
793 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f03b1484e8b02a86b00b1129deda66a3bef6902c0814a0842968eb40fc9fceba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RdoOaZOMz5kgv5bdQnBS0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://talktowendys.onl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-RdoOaZOMz5kgv5bdQnBS0A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 27 Jan 2024 00:01:28 GMT
expires
Sat, 27 Jan 2024 00:01:28 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame DF6D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:54:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
11223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 25 Jan 2025 20:54:25 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 039A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=2822775417482683&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DF6D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Uqdkrw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:01:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=2822775417482683&bg=!r6ylrOPNAAa8BdJLnAU7ADQBe5WfOGJgSqP4bZX9Xvn1d4WgP5GXboN1e_1hsk3ZLb4ov5dLDD2cWIHXfd9NI5z4MYNrAgAAACtSAAAAAmgBBwoACUgNRQfDBojai5kCx7P-vW2oidVAXWOZUupWZhiNtvNhgvQKz8yNNlfnAn-GjNNDiwaHuALYzg5MZYXx4aWBBT1OQW1IPUga2g0GYfsPK18JS60sDrWQP_IFUXsfCfrDNJDLMU7NxffrBgLMpVFS8KZ4cGiAYOW23IyLfxe6gMay-CsU0QsY77NbTUwqzjwsjq-ax_WboO51mzAH2krNqCadUIaVi-6Xc5PPIIX_lyyvtIF8Hl6qPA-jOVrWqaGE3R-yaUp8EI5zd7bp_wPT_ztqTU0IqSKLeZqP-V1tIfFbIXpVqXtwAKYyaFSmGu5_N2eeapcmpjw3kIyOPlxLlzy4zkMlIZNErqwa9P1vPhrr41HkfPRmxRJf4TzoBn51oy8LOGCKrQvuIJZ1x0G8wI1Uing-1EG2H65TH2_zxGw9c2RTPgkY7J8LdKUTwzwrs3H3rWsSzgVB3Do8Md6p0BtstPmKCrLVZNKX4ll27J8hOMrahr3UwODeEYTFVAKQKeyBMcBbfRLKcI-PWD52ev8lQJheGsTWKXdRySIH6FIW6rXokzFIGhL8L8UQPvAzmUP8qDQdPAKDqk4B6nyLqCrzlkozp9EBdA-VgSJwnhXIk5pks5fYPWr668evp_H-gcCT_Y9TBtnXkRr-kpFT2yS2vaSkacBgSOZdRFA68jMPuLvS_V1JT_24VeU2BnO7XZBsX93MqMQb1RLH59ikzgr49Cv-gTjlVXyhU_y8T_2Z4sZvyzTZQrT1Ph5v37uzxq1H9zFnaXcjUYInSRWHtRoFRCPOgUj8SmYbo5_bnjNIzbLONcGMKJExDc_wiurgHofEJfbPKTXd9vtjyYu_OFmHALnYbO-wiThASpU7uz7EWfX3FYo_v7CWAhjMdBEQIgx3dE-EjlHzisldek1oqblq6TnOS9TijccWHdU2Wqtlk_STmgaD3QoEsg6UKLfFMsaEpQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://talktowendys.onl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
talktowendys.onl
URL
https://talktowendys.onl/wp-content/litespeed/js/3262a8eb4e2cabd55b8ab3854edbf10d.js?ver=bf10d
Domain
talktowendys.onl
URL
https://talktowendys.onl/wp-content/litespeed/js/dc6b73e6c1ec0f9f3ce670915f2c2051.js?ver=c2051
Domain
talktowendys.onl
URL
https://talktowendys.onl/wp-content/litespeed/js/7b4ca943b826c6af3968eab888c3afff.js?ver=3afff
Domain
talktowendys.onl
URL
https://talktowendys.onl/wp-content/litespeed/js/b91a60b02822bf1760bf6fe4946411d4.js?ver=411d4
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Domain
talktowendys.onl
URL
https://talktowendys.onl/wp-content/litespeed/js/074f79eaabf8f6d47482682d691e3ab7.js?ver=e3ab7
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=plmetrics&cls=0.092&mls=0.063&nls=3&cas=0.000&nas=0&was=0.000&wls=0.092&tls=933.200&lcp=451&lcps=103488&cbt=0&mbt=0&nlt=0&nif=3&ifi=3&eid=44759876%2C44759927%2C44759837%2C31080663%2C95322184%2C95321627%2C95322164%2C21065725&top=1&pvsid=372585748311796
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 string| litespeed_docref object| __cfQR undefined| $ function| jQuery object| _stq function| LazyLoad boolean| __cfRLUnblockHandlers function| loadCSS object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| tocplus object| NeveProperties object| html string| theme object| variants function| setCurrentTheme object| observer function| toggleAriaClick object| addComment object| neveScrollOffset function| st_go function| linktracker_init object| wpcom object| HFG object| hash object| qs object| pathname object| hostname object| twemoji object| wp function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
talktowendys.onl/ Name: _lscache_vary
Value: 841ad7e4af9fb4be855f5cf7bd3fbd82
.talktowendys.onl/ Name: __gads
Value: ID=a436d2d779b3d9b0:T=1706313686:RT=1706313686:S=ALNI_MYe49gp_tHrmKqI07v6H6_9eJp_sQ
.talktowendys.onl/ Name: __gpi
Value: UID=00000d4a89b8eb10:T=1706313686:RT=1706313686:S=ALNI_MbjrIF4MXVHfWhFUazEcYAhFFN41A
.doubleclick.net/ Name: IDE
Value: AHWqTUk4xhoRaPlyZT5PP4sYPvLG80J9jjWKTA4MqaHfBarYMhurum997pUgr4FDlG8
.talktowendys.onl/ Name: __eoi
Value: ID=f5c4519c21c13113:T=1706313688:RT=1706313688:S=AA-AfjYsyKce5vyFB-gCZ2WTLaxz

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c0.wp.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.wp.com
stats.wp.com
talktowendys.onl
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
talktowendys.onl
192.0.76.3
192.0.77.37
2606:4700:3032::6815:119d
2a00:1450:4001:802::2001
2a00:1450:4001:809::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
041996b935232a6d291ea7928ab82b4c4ed37195baa13ac000a8fbcc0b36fb21
04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b
076bc1dc72908700680a433f44c60e4ec5a88c824f7da490316ae98b98979fdd
11452a964d6eda50b22f0883986974dd56751ff7933ba3357039d2e8aaf9fd85
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
22214034fc383e4856ee397a223e8c2e659873765dfdfa03ff770f7498f7916c
3085ce07aa30af36a6afdcce6ddac2b0feca9a24f8ff374562c539bb0a3bf4f1
30fa59171af189238cef9a95a3ea0b272462fed21e514b40d2fa06bfa2f4c2f1
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
49b4f13fec6611705f51c6a8def2e53f6fa69a234796f26d6358bef3c71b11cd
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6208a4a45acee2f41040a0ce05c2cffe635112d845b9c6a08ac05fb9561b4130
6849835bc534a8e08cd1dc16dfcaa6f1267719fff94085bd555e652453cbade0
6b09d3d5bc3422afffe3c11cb02cd2238110a53a29b0d9d484ce115f9b29f995
71f652d6e3c322295772c1f083ab62329a94464741c4167ea745b5da21123cc9
770135fc83fa5bb997d6fa77fa9136cb85b3673603e74929d74f7ff09991f830
79d2267069b1c431ecec6869dcf07bf77b4fba487096f187dae006d034267028
7f3a5aa4dcb3c0912452ca3c83baa8113278b60b4037bd1580338dca32d58d71
82ca482b1ffe70a55eb1739f2fbf9206136055c7462bd27b1e1cf4a30609e8b8
9281417e426fc4384a3a01df608fa4386969e7eb0f5935d844f46c0adccbdb82
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a007dbcc23f477bdf96fdf65463d2905a65f5b212e8fe43c0eb6557da29ff42e
abb7a567c05a0b68b8b02ce1c2a054a42f8c34e4c7cf16cdedc0e213a7c3f953
c4453228633bed808d8e9c207504149ffdea27dbb321334360a23154d8c7300c
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d395ebdb5394584652ba7299986d1746be5372423ff95f5b25c46f941427665f
d86472aa7577dd426f1f4f9a0bae7e4f829fec2adf2937c55435d54594730065
db962784c7ce860e1e0d2d3e9d314573340d54a2436365f33b3c7fb1835145a1
e01efe13893b649fcde2cf6e312553b7ef5cd230bdaa1f6ba6772ebbecb2eb6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e790fbad5cc67f76ab47ac86ac16237dbc1702214f9c4f28ed30f3c137e02ccd
ea64f589334f647f2254d595466c036000a3d9150ad078a69eba7f845c0c0713
ec7a72cb9662825e0ebdbee45de1684f93ee963661b6de0d5e4fe99c8fc5c25a
f03b1484e8b02a86b00b1129deda66a3bef6902c0814a0842968eb40fc9fceba
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1