weirdorconfusing.com Open in urlscan Pro
35.198.80.163 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://weirdorconfusing.com/
Submission: On July 02 via api (July 2nd 2023, 11:22:57 am UTC) from DE — Scanned from DE

Summary HTTP 72 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 72 HTTP transactions. The main IP is 35.198.80.163, located in Frankfurt am Main, Germany and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is weirdorconfusing.com.
TLS certificate: Issued by R3 on May 24th 2023. Valid for: 3 months.

This is the only time weirdorconfusing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.198.80.163 35.198.80.163	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2600:9000:225... 2600:9000:2250:a00:12:4abd:d340:93a1	() ()
16	13.32.11.121 13.32.11.121	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:2c00:14:2602:6e80:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:c239	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.32.185.123 23.32.185.123	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	18.133.210.159 18.133.210.159	16509 (AMAZON-02) (AMAZON-02)
72	20

1 35.198.80.163 (Frankfurt am Main, Germany)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 163.80.198.35.bc.googleusercontent.com

weirdorconfusing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2250:a00:12:4abd:d340:93a1 (United States)

ASN- ()

cdn.intergient.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.32.11.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-11-121.vie50.r.cloudfront.net

d33wubrfki0l68.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

eocampaign1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:2c00:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.intergi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:c239 (United States)

ASN13335 (CLOUDFLARENET, US)

gallery.eo.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.185.123 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-123.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.210.159 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-210-159.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	gstatic.com fonts.gstatic.com www.gstatic.com	895 KB
16	cloudfront.net d33wubrfki0l68.cloudfront.net	773 KB
9	google.com www.google.com — Cisco Umbrella Rank: 10 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1670	254 KB
8	intergient.com cdn.intergient.com — Cisco Umbrella Rank: 10395	245 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 ad.doubleclick.net — Cisco Umbrella Rank: 184	152 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	5 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1168	1 KB
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 639 mb.moatads.com — Cisco Umbrella Rank: 832	43 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1077 api.btloader.com — Cisco Umbrella Rank: 1148	13 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1623	311 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	159 KB
1	eo.page gallery.eo.page — Cisco Umbrella Rank: 345700	2 KB
1	intergi.com cdn.intergi.com — Cisco Umbrella Rank: 11237	147 KB
1	eocampaign1.com eocampaign1.com — Cisco Umbrella Rank: 261689	30 KB
1	weirdorconfusing.com weirdorconfusing.com	8 KB
72	15

	Domain	Requested by
16	d33wubrfki0l68.cloudfront.net	weirdorconfusing.com d33wubrfki0l68.cloudfront.net
10	fonts.gstatic.com	fonts.googleapis.com www.google.com
9	www.gstatic.com	www.google.com www.gstatic.com
8	cdn.intergient.com	weirdorconfusing.com cdn.intergient.com
6	www.google.com	eocampaign1.com www.gstatic.com www.google.com
3	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
3	fonts.googleapis.com	weirdorconfusing.com client
2	ad-delivery.net	weirdorconfusing.com
2	region1.google-analytics.com	www.googletagmanager.com
2	securepubads.g.doubleclick.net	cdn.intergient.com securepubads.g.doubleclick.net
2	www.googletagmanager.com	weirdorconfusing.com www.googletagmanager.com
1	mb.moatads.com	z.moatads.com
1	ad.doubleclick.net	weirdorconfusing.com
1	api.btloader.com	btloader.com
1	z.moatads.com	cdn.intergient.com
1	btloader.com	cdn.intergient.com
1	gallery.eo.page	weirdorconfusing.com
1	cdn.intergi.com	cdn.intergient.com
1	eocampaign1.com	weirdorconfusing.com
1	weirdorconfusing.com
72	20

This site contains links to these domains. Also see Links.

Domain
docs.google.com
tholman.com
www.amazon.com
emailoctopus.com

Subject Issuer	Validity	Valid
*.weirdorconfusing.com R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
cdn.intergient.com Amazon RSA 2048 M02	`2023-02-17` - `2024-01-02`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
eocampaign1.com GTS CA 1P5	`2023-05-06` - `2023-08-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cdn.intergi.com Amazon RSA 2048 M01	`2023-02-17` - `2024-01-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-16` - `2023-09-16`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-06-13` - `2023-09-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://weirdorconfusing.com/
Frame ID: DEFB57B375A42F48C19A2506CE862F80
Requests: 54 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=khH7Ei3klcvfRI74FvDcfuOo&theme=light&size=invisible&cb=gkwglrldf4cj
Frame ID: CCA08F280D21FB840382FBC83DFE8BB5
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
Frame ID: 9C4F5CCE41C7AF7FEA0127A81AB58DA1
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Weird or Confusing

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

72
Requests

100 %
HTTPS

70 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

2729 kB
Transfer

6607 kB
Size

5
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.google.com/forms/d/e/1FAIpQLSf_jX02kXi2CoR1-LijkZod3Rm_c_YQluKcTR2jZ_qkD_Ix0w/viewform
Title: Suggest

Search URL Search Domain Scan URL

URL: https://tholman.com/
Title: Me

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B09RQCB3J6/?tag=oddthings-20
Title: Chicken Nugget Keychain on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B07QX3YJLH?tag=oddthings-20
Title: Tortilla Blanket on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/1539486125?tag=oddthings-20
Title: Farting Animal Coloring Book on Amazon

Search URL Search Domain Scan URL

URL: https://emailoctopus.com/?utm_source=powered_by_form&utm_medium=user_referral
Title: EmailOctopus

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B004A2LW6A?tag=oddthings-20
Title: Instant Underpants on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B00KAH704W?tag=oddthings-20
Title: Lie Down Glasses on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B07GTJ3WK4?tag=oddthings-20
Title: Nicolas Cage Sequin Pillow on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B076J8R7YK?tag=oddthings-20
Title: Stomach Fanny Pack on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B015LYSQJ6?tag=oddthings-20
Title: Bacon Bandages on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B073C95WTN?tag=oddthings-20
Title: Chia Bob Ross on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B072L38SGT?tag=oddthings-20
Title: Dehydrated Water on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B0090U47KA?tag=oddthings-20
Title: Grow a Boyfriend on Amazon

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B002Q0L6UK/?tag=oddthings-20
Title: Handerpants on Amazon

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
weirdorconfusing.com/ 26 KB
8 KB 150ms
42ms Document
text/html 35.198.80.163
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.198.80.163 Frankfurt am Main, Germany, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

163.80.198.35.bc.googleusercontent.com

Software

Netlify /

Resource Hash

965a1b74d95d6fa808be10114f2ef0006b8cf5edbcacaae0d2a154c3b1d67f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 204987
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 8012
content-type: text/html; charset=UTF-8
date: Sun, 02 Jul 2023 11:22:50 GMT
etag: "43113cd0b2789675ec2bee829b172a3d-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01H4B5EPK1E39GVCFRDQSY5FDX

GET
H2 200 ramp_config.js Show response
cdn.intergient.com/1024872/74069/ 22 KB
4 KB 506ms
44ms Script
application/javascript 2600:9000:2250:a00:12:4abd:d340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/1024872/74069/ramp_config.js
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: d37d330957959c3452512b29c0dfb54083e063754a60a97325d12baabb3833c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 09:13:36 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
age: 7755
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600, public, must-revalidate
x-amz-cf-id: Xq-maHwewgafixhZhhdQqsg1OCyNwCcwbRdD7w5Urpd3ozEjZMH18A==

GET
H2 200 styles.css
d33wubrfki0l68.cloudfront.net/css/684b4e3547d17b2dcf4bbb23454e3622ac9d49d0/css/ 5 KB
2 KB 507ms
46ms Stylesheet
text/css 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d33wubrfki0l68.cloudfront.net/css/684b4e3547d17b2dcf4bbb23454e3622ac9d49d0/css/styles.css

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.11.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-11-121.vie50.r.cloudfront.net

Software

Netlify /

Resource Hash

6a89014a4321c374b22f15ab9bb9e75f69dcbbebfc442de9e820ee50b79dcf15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GYBTJS6Z3V99GW02KKZTZ7TJ
date: Wed, 19 Apr 2023 03:57:53 GMT
content-encoding: gzip
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: VIE50-C2
age: 6420299
x-cache: Hit from cloudfront
server: Netlify
etag: 44d23527d36704a5ac992c8c8d1909f3713d9caa-df
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
x-amz-cf-id: GnRm4092Ad6vwjn0s2-UcQifjUJTXaAr7IRB_jgXn9x_c0nlebJGGw==

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 139ms
52ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lobster&family=Open+Sans&display=swap

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e010a2e17932ac6e0ed95753e13aa1d41b3c30203ebb99d91d047512095dc14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Jul 2023 11:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 11:22:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jul 2023 11:22:50 GMT

GET
H2 200 long-drip.png
d33wubrfki0l68.cloudfront.net/5a1df0bcfbd142d5e930cf3ffc6e743b3603715a/1052b/assets/images/ 88 KB
88 KB 499ms
55ms Image
image/png 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/5a1df0bcfbd142d5e930cf3ffc6e743b3603715a/1052b/assets/images/long-drip.png
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-121.vie50.r.cloudfront.net
Software: Netlify /
Resource Hash: 98ca4d5ca29397716a5bc48489630804f94f516f5b488e1956fbb8bf2e2c5228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GJKD8WP5FQP5DZDSXBHE3KQT
date: Wed, 23 Nov 2022 23:30:51 GMT
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 19050720
etag: edab4490f429c1c117eda420ca1f0e561388e1f8
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 89673
x-amz-cf-id: WQIovsa6xTP0rDHtudDuqnwYluGf0DdWYpk-WSZegNdnDagNMFDP4A==

GET
H2 200 bd191654-7be0-11ed-bbe5-392bd510cd34.js Show response
eocampaign1.com/form/ 207 KB
30 KB 644ms
200ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eocampaign1.com/form/bd191654-7be0-11ed-bbe5-392bd510cd34.js

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7af6f223b5f7e15cd536c229db3c3a8d874e4aee022ac715fe4173669db1c8df

Security Headers

Name	Value
Content-Security-Policy	default-src *;img-src 'self';font-src 'self' https://fonts.gstatic.com;style-src 'self' https://fonts.googleapis.com 'unsafe-inline';script-src 'strict-dynamic' 'nonce-AnrvS4MEWa+wlbP/0bSbNjkD2hY=' https: 'unsafe-inline';frame-src https://www.google.com/recaptcha/;base-uri 'none';object-src 'none';report-to main-endpoint;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:51 GMT
content-security-policy: default-src *;img-src 'self';font-src 'self' https://fonts.gstatic.com;style-src 'self' https://fonts.googleapis.com 'unsafe-inline';script-src 'strict-dynamic' 'nonce-AnrvS4MEWa+wlbP/0bSbNjkD2hY=' https: 'unsafe-inline';frame-src https://www.google.com/recaptcha/;base-uri 'none';object-src 'none';report-to main-endpoint;
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzG%2F753fSLOXlH1gz6Tu5gjvUE4Y61VUZ7AKv8Ogh%2FowWazIs2HGiD%2B76eEoSXUZXrMUeeqz6rHQKOooz9La3i0sbcE1go%2F2jaCknyQSxbaEZOg%2BHoam3cMoQHNvepAqHcGWqKIa0pk2xUI7GHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-ray: 7e068366ff331915-FRA
alt-svc: h3=":443"; ma=86400
reporting-endpoints: main-endpoint="http://eocampaign1.com/csp-report"

GET
H2 200 ramp_core.js Show response
cdn.intergient.com/ 590 KB
167 KB 658ms
231ms Script
application/javascript 2600:9000:2250:a00:12:4abd:d340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/ramp_core.js
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: e2e0ca6c334b925d7fdcdd9bc7f6abf88e42ccab09c030240e850daddcd2974d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:51 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-lambda-function: us-east-1.pageos_production:205
cache-control: max-age=1800000, public, must-revalidate
x-amz-cf-id: 0dZxprRBpNvNWCzhhhNnG3k4Fk8QmaRhjWoCG7AixxROiWBp36hrGg==

GET
H2 200 index.js Show response
d33wubrfki0l68.cloudfront.net/js/adc83b19e793491b1c6ea0fd8b46cd9f32e592fc/js/ 1 B
446 B 473ms
46ms Script
application/javascript 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d33wubrfki0l68.cloudfront.net/js/adc83b19e793491b1c6ea0fd8b46cd9f32e592fc/js/index.js

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.11.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-11-121.vie50.r.cloudfront.net

Software

Netlify /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H0P2KVY9HPHSETH2AH6BMNKS
date: Thu, 18 May 2023 00:02:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 3928846
etag: 95ef9be24bef39e0c8fcab2af05b7ff5bb1b6172
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 1
x-amz-cf-id: jmys7wO5WzxNChVt-QMw01YCeUYbr_J4lPNFiDVjVlY_W0CLs59C5A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
85 KB 481ms
54ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LJX3N3MESX

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35ccddc76afc3bc1155f507b79fe00977a6c33ec79c7b57e314a4325b85b3baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Jul 2023 11:22:51 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 218ms
109ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74069/ramp_config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c9f0c19def391543ede5329b83427e623afd46d2449ca212456f24aaab16e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26203
x-xss-protection: 0
server: cafe
etag: 935 / 19540 / m202306270101 / config-hash: 4433571151520717869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 Jul 2023 11:22:51 GMT

GET
H2 200 prebid.js.br Show response
cdn.intergi.com/prebid/ 575 KB
147 KB 175ms
46ms Script
text/javascript 2600:9000:223d:2c00:14:2602:6e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergi.com/prebid/prebid.js.br
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74069/ramp_config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2c00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23df4b95a6b30f70b8bca0726540badba53900209fa9675897e1ba798730bf80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 10:44:15 GMT
content-encoding: br
via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
x-amz-version-id: FcT49YKLtr3flvEBR1ouPo.mxrGQl2vy
last-modified: Wed, 07 Jun 2023 13:02:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 2317
etag: "827dc0df6e6b6901b2473786975114aa"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 150286
x-amz-cf-id: 9ewAMJAniEDC9MLfOj95TAkZFuSG4zic_2wCMw5XwyCvNMPWWL_sCg==

GET
H2 200 amz-logo.svg
d33wubrfki0l68.cloudfront.net/5b73814537e6f5437ced8bc29a4814082dbdca9e/b6346/assets/icons/ 3 KB
2 KB 67ms
67ms Image
image/svg+xml 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/5b73814537e6f5437ced8bc29a4814082dbdca9e/b6346/assets/icons/amz-logo.svg
Requested by: Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/css/684b4e3547d17b2dcf4bbb23454e3622ac9d49d0/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-121.vie50.r.cloudfront.net
Software: Netlify /
Resource Hash: d8757ae1d42d691b7e3724f390785c0c99e804b2e4187eec4bf4602fac69d376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d33wubrfki0l68.cloudfront.net/css/684b4e3547d17b2dcf4bbb23454e3622ac9d49d0/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GQ7AYSF67GSNC4RDG5QH5Z8C
date: Fri, 20 Jan 2023 10:17:59 GMT
content-encoding: gzip
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 14087092
x-cache: Hit from cloudfront
content-length: 1378
server: Netlify
etag: d427e4631470901baff17550acceac9acca0acb2-df
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
x-amz-cf-id: -poG3rjsguusr-EoHa_NlTsJULjsb4RkGEqq0YbY13moSDh8oSd-cA==

GET
H2 200 neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v28/ 33 KB
33 KB 132ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lobster&family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 04:13:27 GMT
x-content-type-options: nosniff
age: 25764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33436
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:01:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 01 Jul 2024 04:13:27 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 18 KB
18 KB 180ms
88ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lobster&family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 11:49:36 GMT
x-content-type-options: nosniff
age: 343995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18664
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 11:49:36 GMT

GET
H2 200 30-chicken-nugget-keychain-1.jpg
d33wubrfki0l68.cloudfront.net/b9e3a1d6082e89b427fae7f51570579792c560d6/371a8/assets/images/ 99 KB
100 KB 60ms
58ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/b9e3a1d6082e89b427fae7f51570579792c560d6/371a8/assets/images/30-chicken-nugget-keychain-1.jpg
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-121.vie50.r.cloudfront.net
Software: Netlify /
Resource Hash: c849a2d9a07b6401ec0711ba57479eb94efee5c4ee60035c4dcd94a841066968

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GNHZ9NDW8GZGDDRD3F72MTD5
date: Fri, 30 Dec 2022 16:54:28 GMT
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 15877703
etag: f0db757983a64b7d7a88332e9ed8ed21d8a62940
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 101411
x-amz-cf-id: 1nnbNDsJ4m6wR_08NscFCgRYD39QoLcb4xcg6Vb9YBAUsfpoxHzivg==

GET
H2 200 30-chicken-nugget-keychain-main.jpg
d33wubrfki0l68.cloudfront.net/d299684bf5e1f3de57239ad8ab0d96d0938ebfef/dd252/assets/images/ 30 KB
30 KB 60ms
57ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/d299684bf5e1f3de57239ad8ab0d96d0938ebfef/dd252/assets/images/30-chicken-nugget-keychain-main.jpg
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-121.vie50.r.cloudfront.net
Software: Netlify /
Resource Hash: b120dd71699f10ee1f28a2e428a5d128cb4052aede3a35cdf0170b90a82e514f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GPFNM5WSKFWACDK00BZZNGBY
date: Wed, 11 Jan 2023 05:42:39 GMT
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 14881212
etag: f3698bad9b342f7118df792e69e602e33779da8a
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 30318
x-amz-cf-id: uT-k_1eHTCS9raQ-F3ZFmSwf2ceKo25vqycGlSQlndwB7V70XidEEw==

GET
H2 200 30-chicken-nugget-keychain-2.jpg
d33wubrfki0l68.cloudfront.net/83137f1232deba3d020b3eecaecbe302e37e070d/25b9d/assets/images/ 64 KB
64 KB 60ms
58ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/83137f1232deba3d020b3eecaecbe302e37e070d/25b9d/assets/images/30-chicken-nugget-keychain-2.jpg
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-121.vie50.r.cloudfront.net
Software: Netlify /
Resource Hash: fb40edd1d0456a9eb9d6f10769233a1ac96aa841465b007eb2739c3b580d8351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GP4D2KQE1HMPX2Q9HE2VYKP9
date: Fri, 06 Jan 2023 20:41:36 GMT
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 15259275
etag: 26ba6a96c9f4a25e734e0d06e6c19677577dc955
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 65134
x-amz-cf-id: 0jeBZu7xNIb4l9sqp07Zon3vtes4IP5F7UfCmVaC7CKwUOmPdS7QDg==

GET
H2 200 29-tortilla-blanket-1.jpg
d33wubrfki0l68.cloudfront.net/b4bc75c7e6e6a95e658668abad602f9123b029b7/6fb48/assets/images/ 41 KB
41 KB 60ms
58ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33wubrfki0l68.cloudfront.net/b4bc75c7e6e6a95e658668abad602f9123b029b7/6fb48/assets/images/29-tortilla-blanket-1.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.11.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-11-121.vie50.r.cloudfront.net

Software

Netlify /

Resource Hash

a05e091bc7b165349b0d661e55560b20a3307f5a7b8ddf62bb2369fbd6c1f039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GVHENZ897ZXHA94WVPT4XAR6
date: Wed, 15 Mar 2023 01:38:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 9452675
etag: 6b2dde8c37d1d2b72aae08bd11c22ad23ae91477
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 41530
x-amz-cf-id: CbIiHvCEOhrC91ArG3UZjG7AXGC3cSYzjODsctSTN5QBtoYmJgf1fQ==

GET
H2 200 29-tortilla-blanket-main.jpg
d33wubrfki0l68.cloudfront.net/c0000979ebefb536eeffc75d05ddc391e4c51e22/04322/assets/images/ 32 KB
32 KB 135ms
134ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33wubrfki0l68.cloudfront.net/c0000979ebefb536eeffc75d05ddc391e4c51e22/04322/assets/images/29-tortilla-blanket-main.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.11.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-11-121.vie50.r.cloudfront.net

Software

Netlify /

Resource Hash

d155f8240398ac0ab359d9bbd1c18156e57a15bfc8a161f39bf9b4b4ec7ff37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H22M36YC0CT58K6HWEYTWDBB
date: Sun, 04 Jun 2023 07:14:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 2434122
etag: 975efeaf1b55644e567e666f435266b848c35a3c
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 32584
x-amz-cf-id: U3ri56xi7XXPUNRMxT3PXSm6ca4YLumveGEJs_3bUNIAhOim-uUCiA==

GET
H2 200 29-tortilla-blanket-2.jpg
d33wubrfki0l68.cloudfront.net/07c9cabc566f52acba5458f28db69fac24bb1d14/d8afe/assets/images/ 62 KB
62 KB 60ms
58ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33wubrfki0l68.cloudfront.net/07c9cabc566f52acba5458f28db69fac24bb1d14/d8afe/assets/images/29-tortilla-blanket-2.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.11.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-11-121.vie50.r.cloudfront.net

Software

Netlify /

Resource Hash

1e64f93311de0c01089d0454a51c5987a6b64b9a4af28cd348ea79f3435dc1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GVHENZKWPJBXD4TB34VTYCJ0
date: Wed, 15 Mar 2023 01:38:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 9452676
etag: dd1f69fc14e24eae092e1897ca41eca5f68dc899
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 63327
x-amz-cf-id: BXaSUuvcz5rUicPkpytx5IkiMUs3qaHQKqErIMA37XkxjwZmpkgrhA==

GET
H2 200 13-farting-animals-1.jpg
d33wubrfki0l68.cloudfront.net/bbca27e8a133705c453d10552616a3ae9b61ca17/2bc84/assets/images/ 45 KB
46 KB 60ms
58ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/bbca27e8a133705c453d10552616a3ae9b61ca17/2bc84/assets/images/13-farting-animals-1.jpg
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-121.vie50.r.cloudfront.net
Software: Netlify /
Resource Hash: 4202c60ac74b67ee581c5b75554e68c51bb01282363e7d8e58484270a51844c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GJKD91HC7PVBKYJK02BT1QDP
date: Wed, 23 Nov 2022 23:30:56 GMT
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 19050715
etag: aba3d423871a3113c6a8101839bd2a8966c42556
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 46395
x-amz-cf-id: Sz9kuSSMyBgTJk_6FacKXlA4f-b4fkqXK1j7wERe39IjQsLLs47EIA==

GET
H2 200 13-farting-animals-main.jpg
d33wubrfki0l68.cloudfront.net/78b11227109238734b54a8de4b7a9aeda07b3946/ee07a/assets/images/ 68 KB
69 KB 72ms
71ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/78b11227109238734b54a8de4b7a9aeda07b3946/ee07a/assets/images/13-farting-animals-main.jpg
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-121.vie50.r.cloudfront.net
Software: Netlify /
Resource Hash: d2ec796bd833a4c3c2718db3ca6225390be8e4d7b7173160222b28ca95a0307c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GRWEK7N6F70V9C3JNQQJ2W3P
date: Fri, 10 Feb 2023 01:21:20 GMT
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 12304891
etag: 1deb018bfbccf32f94e2550942c560f4728dfe3c
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 69894
x-amz-cf-id: ptlLZjQ15PrjejBZvU6LfKTxDcXw1sK8ExkjRXsRm977a1KnrQw_Pg==

GET
H2 200 13-farting-animals-2.jpg
d33wubrfki0l68.cloudfront.net/0c9b30ac05e9864a7616a22d3c14b1f5d5d3226e/621b4/assets/images/ 40 KB
41 KB 157ms
155ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/0c9b30ac05e9864a7616a22d3c14b1f5d5d3226e/621b4/assets/images/13-farting-animals-2.jpg
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-121.vie50.r.cloudfront.net
Software: Netlify /
Resource Hash: 4565d43253577ea193e68764f1dcccd171b7570dbf64b6fcc6a400c10c16a754

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GMBP573SQPTWKYVWNHNF0TXV
date: Thu, 15 Dec 2022 20:03:36 GMT
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 17162355
etag: bf9f04af2d4704c788a5cce290c94658e5381848
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 41469
x-amz-cf-id: lXE35vgoWk7dfKPRvotScl9M1lJDN5LEVJUce2FVzrsV8HFPhEnSmA==

GET
H2 200 21-instant-underpants-1.jpg
d33wubrfki0l68.cloudfront.net/f1a3fce528304335593488da9f036f43da857c4b/86794/assets/images/ 33 KB
34 KB 157ms
156ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33wubrfki0l68.cloudfront.net/f1a3fce528304335593488da9f036f43da857c4b/86794/assets/images/21-instant-underpants-1.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.11.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-11-121.vie50.r.cloudfront.net

Software

Netlify /

Resource Hash

524428f48539fefc8f2f47c546db1f45675a0ecdc798365c7ab9dae0385346d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GV5WWMSGMPMHHRFDYKTD8CKC
date: Fri, 10 Mar 2023 13:55:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 9840429
etag: ee432167a51ed7ce8ecd484dc112f68553c2c7d2
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 34158
x-amz-cf-id: HavmlQCs3Uaq5Cl58OryMrua8uhTlC0zctCocgtBe6zoiwNvOod9Rg==

GET
H2 200 21-instant-underpants-main.jpg
d33wubrfki0l68.cloudfront.net/8d399efc9c6b25f7e698052e1ffa824dcc3ef880/a3708/assets/images/ 89 KB
90 KB 157ms
156ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d33wubrfki0l68.cloudfront.net/8d399efc9c6b25f7e698052e1ffa824dcc3ef880/a3708/assets/images/21-instant-underpants-main.jpg

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.11.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-11-121.vie50.r.cloudfront.net

Software

Netlify /

Resource Hash

99e5dc98a3afdc1771cfa42e700d598b0d9c17290174fd03666664191b172035

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01H2A897QTPDP2QYT36V6YGJ86
date: Wed, 07 Jun 2023 06:21:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 2178072
etag: 399c23aa450799ebe4716d5e5aabf27949fd4d23
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 91190
x-amz-cf-id: e9nUwuqGVWruh8tSmRbF1FETBJuLEiCPiRaU-q92AcRBdwt-SKwXnw==

GET
H2 200 21-instant-underpants-2.jpg
d33wubrfki0l68.cloudfront.net/baf29a62c956dcdb0242181c76d9d958f7309215/5ea03/assets/images/ 72 KB
72 KB 157ms
156ms Image
image/jpeg 13.32.11.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33wubrfki0l68.cloudfront.net/baf29a62c956dcdb0242181c76d9d958f7309215/5ea03/assets/images/21-instant-underpants-2.jpg
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-121.vie50.r.cloudfront.net
Software: Netlify /
Resource Hash: c5a2731fe039aa470014f5cffdf36bde7bef0e2b83ecd7ed10a77bdcde798368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-nf-request-id: 01GJKFDBNXA0V4EN48Q1W2S24R
date: Thu, 24 Nov 2022 00:08:15 GMT
via: 1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: VIE50-C2
age: 19048476
etag: d81fbe251aaceac5220a2bffd6b2826d22b6b4d4
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 73728
x-amz-cf-id: Dfb2VYX-A25xxH-QyDhCj4DerJT_uL3PS2iBJw5trsk5GftyWBVKdQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
74 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RF3445PVZM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJX3N3MESX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2d4dfdecaa573bec0d1d4a704f7d9f34b269b5ecc3bd1d4d29cda9b57b5b34e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75718
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Jul 2023 11:22:51 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 137ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LJX3N3MESX&gtm=45je36s0&_p=1854014208&cid=1008262757.1688296972&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688296971&sct=1&seg=0&dl=https%3A%2F%2Fweirdorconfusing.com%2F&dt=Weird%20or%20Confusing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJX3N3MESX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 11:22:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weirdorconfusing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 761 B
478 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Jul 2023 11:22:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 11:03:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jul 2023 11:22:51 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 943 B
925 B 145ms
50ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=loadRecaptchaForbd1916547be011edbbe5392bd510cd34&render=explicit

Requested by

Host: eocampaign1.com
URL: https://eocampaign1.com/form/bd191654-7be0-11ed-bbe5-392bd510cd34.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7e068e47482fc5b5fb2e70c00c5ae5ca35b4f3c9f8264d18b963e652603b4ca2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 605
x-xss-protection: 1; mode=block
expires: Sun, 02 Jul 2023 11:22:51 GMT

GET
H2 200 otto.svg
gallery.eo.page/tentacles/icons/v1/powered-by/ 3 KB
2 KB 169ms
52ms Image
image/svg+xml 2606:4700:3037::ac43:c239
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gallery.eo.page/tentacles/icons/v1/powered-by/otto.svg
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:c239 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49fc0234fad60121e36dd546751351adebebf231f27c8d8d105de0ffe33cb96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:51 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2964
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 04 Dec 2020 17:25:12 GMT
server: cloudflare
etag: W/"72cefcb1dfdc4a35d5899af8e6f9f06c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvhKEA3r0ALAPwQMJwZgiR66vCqNWp2olLmapS4oD1NallOIddkuz3cQGJZvJB4kqkHz1173406UZ8PvrDitIzWoya38DaEkvNj%2FiGF%2FJ4qeZlsOVI86jUWM1e7vntdgjpLATMRmoogLclmMlcI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7e0683695e316973-FRA
x-amz-cf-id: FXpQVGfqsebAoA9C8tjAF-9tYan9Dv2JVv0uDN669yPVkn-vFzcFEw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RF3445PVZM&gtm=45je36s0&_p=1854014208&cid=1008262757.1688296972&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688296971&sct=1&seg=0&dl=https%3A%2F%2Fweirdorconfusing.com%2F&dt=Weird%20or%20Confusing&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1688296970897
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RF3445PVZM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jul 2023 11:22:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://weirdorconfusing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 00:06:44 GMT
x-content-type-options: nosniff
age: 126967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 00:06:44 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 392 KB
125 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 13:41:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78062
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127740
x-xss-protection: 0
server: cafe
etag: 1744020965594933375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 30 Jun 2024 13:41:49 GMT

GET
H2 200 videoCard.01fa78e7064a386f48fc.js Show response
cdn.intergient.com/pageos/1.10.4/ 554 B
904 B 41ms
41ms Script
text/javascript 2600:9000:2250:a00:12:4abd:d340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.4/videoCard.01fa78e7064a386f48fc.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:23:19 GMT
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 02:44:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 14373
etag: "ce3cc474e63b7f656de18953fb710c43"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 554
x-amz-cf-id: zeCipB00UuWss0PrHja2uJEWZg3YnxFV-GRoyQSZGVcAHbKLELgzPA==

GET
H2 200 batchHandler.77ab1dc43eac56199813.js Show response
cdn.intergient.com/pageos/1.10.4/ 3 KB
2 KB 41ms
41ms Script
text/javascript 2600:9000:2250:a00:12:4abd:d340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.4/batchHandler.77ab1dc43eac56199813.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 743f0138a0425418260a773e375e698d20820a4a54c816e0819ba1efc38f09aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:22:02 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 02:44:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 14450
etag: W/"4c0fd7be4ce9be47bd15a48c78fd791c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: booMDlJbozCU80ucDw84C2N4h_i_C6O03K8gjSQXUpwzbGb9Z-mojw==

GET
H2 200 88.da4099999895d5101ca6.js Show response
cdn.intergient.com/pageos/1.10.4/ 49 KB
11 KB 46ms
44ms Script
text/javascript 2600:9000:2250:a00:12:4abd:d340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.4/88.da4099999895d5101ca6.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14cd167420b962b3db2cc70fac2bfc7b49f23fdd0b93b9c73f6dc567f730643e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:22:03 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 02:44:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 14449
etag: W/"390f1d013f98ebb10d7f0d50b5595896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: CH6sr1ZgOFaL1KfSRBCzX3o2zzOVyk_BOgyxtLAn81k5wTRWxZlfbg==

GET
H2 200 gdpr.97478d7d1159b1ddb8c3.js Show response
cdn.intergient.com/pageos/1.10.4/ 8 KB
3 KB 46ms
45ms Script
text/javascript 2600:9000:2250:a00:12:4abd:d340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.4/gdpr.97478d7d1159b1ddb8c3.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b06ce9dae1b2dc0759e5786c1a652ec2efed2784643c44c0ee35901c0f325043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:22:02 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 02:44:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 14450
etag: W/"208df9428ac797ea6a45252340ff0d01"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: vGtGeDcH4lQ9FZe6UWyFPs3JVm5w31bSU4dCSHCcIMleD9UTFgz00Q==

GET
H2 200 tag Show response
btloader.com/ 48 KB
13 KB 163ms
54ms Script
application/javascript 2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57cffae4e00c21c6dd69ffb602c04f37ae986873988069085a908b99acd4a3c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:51 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 02 Jul 2023 10:26:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3213
etag: W/"9f4b7ee45d35c37a47dc246bee40d404"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LV6ThYGNX5y5Gu400fyaXTwpmnDYs7ev1LyP0ONn36lGonjZ%2F10hdc6jSvKFB1Zy7yI%2BQ6ovHox1OhThvRcAowGTwNgSfH%2FCRQ1iRMqo6emTDsEClXbIkKqLe8Wwnj3KxCUUhlblVzXX%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7e06836a6ebf2c57-FRA

GET
H2 200 nielsen.b850d86715bcafaea630.js Show response
cdn.intergient.com/pageos/1.10.4/ 2 KB
1 KB 44ms
44ms Script
text/javascript 2600:9000:2250:a00:12:4abd:d340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/1.10.4/nielsen.b850d86715bcafaea630.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:22:02 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 02:44:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 14450
etag: W/"70341af160996aa15aad5fcd74fdda2a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: x8hQLSzQKGVzpXLVMVEoE7qCMfP4ejaREhTzzLdeMwfsQ3DYvSIaLQ==

GET
H2 200 moatheader.js Show response
z.moatads.com/playwireprebidheader597261727146/ 114 KB
43 KB 163ms
41ms Script
application/x-javascript 23.32.185.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-123.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: dda7f99a7bd69f50ccf17ee349594c93c94b92584949b173bd1f60e35fc65a98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:51 GMT
content-encoding: gzip
last-modified: Tue, 20 Jun 2023 16:52:42 GMT
server: AmazonS3
x-amz-request-id: 07XCE5TN4DPMQQBE
etag: "b94ed188504b3088482e3c4a6a59fb09"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=41804
accept-ranges: bytes
content-length: 43591
x-amz-id-2: 1R0KQTX5v5zJz20gVn7j+65D/S4JcfXcE9hYG2tThK1/QS+il6LerbT6lQE7mGtTrkIYW0PHglw=

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ 431 KB
174 KB 141ms
42ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=loadRecaptchaForbd1916547be011edbbe5392bd510cd34&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://weirdorconfusing.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 09:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 09:50:24 GMT

GET
H2 200 aws-sdk-kinesis.min.js.br Show response
cdn.intergient.com/pageos/js/libs/ 227 KB
57 KB 45ms
45ms Script
text/javascript 2600:9000:2250:a00:12:4abd:d340:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by: Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.4/batchHandler.77ab1dc43eac56199813.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:a00:12:4abd:d340:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 07:33:51 GMT
content-encoding: br
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Tue, 15 Feb 2022 19:02:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 14175
etag: "575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 57858
x-amz-cf-id: -T5K_YUJw6CdH_meGa8BCnArL-V5UsPJ4H7aQGOfccpcb4c9o9TGZA==

GET
H2 200 154013155 Show response
fundingchoicesmessages.google.com/i/ 147 KB
49 KB 233ms
84ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/154013155?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6281d7d2b36499368409b0f630994f494cf2455976a7e0b8db1c2d6993c33845

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3fPQC6nTybZi3zX8CgwsmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-3fPQC6nTybZi3zX8CgwsmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 265ms
152ms Fetch 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 02 Jul 2023 11:22:52 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 160ms
47ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1184530
x-guploader-uploadid: ADPycdv8qge5fWlwp9rZXF6LbyExXl2o9Iy5jHQbOEZ0qlQxv_isrzPT7gE5TvR4yPQIXKy-veOtsiFQ4Jd5X0X9m6yejQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYZvgzmLnCyU2juY82Xcyw8nd6u4CkcEWQdKoSEA%2FTCIOLdeSZ2SQfvx93hC%2B07wC8CkEwrFKDcVkb4U80gn8nIlyzccoMNw5VFZv%2FO0CGLf0z97Kl1INvXe7hrNtApEqbcAc%2BSiqJ8wCb%2FRzg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7e06836b88613a76-FRA
expires: Sun, 18 Jun 2023 19:00:36 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 155ms
41ms Image
image/x-icon 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 16:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 02 Jul 2023 16:38:00 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
863 B 159ms
46ms Image
image/gif 2606:4700:20::681a:346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.6604029395543667
Requested by: Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1184530
x-guploader-uploadid: ADPycdv8qge5fWlwp9rZXF6LbyExXl2o9Iy5jHQbOEZ0qlQxv_isrzPT7gE5TvR4yPQIXKy-veOtsiFQ4Jd5X0X9m6yejQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5k2HOk0sJyamk8yEc6a7cTe8WR2UMsJ%2FejrAtgVwWKxVrJu57CgDU82zTEfvurM2Xi8XgorRZj9XsOPi0P2cF7a6GyJ7pEK%2B1kWVj6etB2rHM0hmWeee0NNBe4VSDVqwJopJ%2FH8xLfgizz8a%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7e06836b88633a76-FRA
expires: Sun, 18 Jun 2023 19:00:36 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 351 B
524 B 221ms
58ms Script
text/html 18.133.210.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BC%24%3D!!t%3C%2C%5Bh3MDg1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-KVqwwmhfMBXplwKreHhxgYYW%2Bup1U2MSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-XVXHxZ%2B61zA1OQ%3D%3D&sc=1&os=1-Jw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fweirdorconfusing.com%2F&pcode=playwireprebidheader597261727146&rx=711889196985&callback=MoatNadoAllJsonpRequest_94679748
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.210.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-210-159.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 635672e0263beedb15ed1ae2d44ad6aa97ede97d8663f19f627dc14e87dc4ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:52 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "222c48ce9365384f9ff29abce23a28cce3718021"
content-length: 351
content-type: text/html; charset=UTF-8

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame CCA0 51 KB
28 KB 63ms
62ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=khH7Ei3klcvfRI74FvDcfuOo&theme=light&size=invisible&cb=gkwglrldf4cj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d68a2c362d9793da582eca13d841e0c330d7efc12981a157fe76e6867befc316

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rHjhpkO-7A6Mh4o5-e25-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weirdorconfusing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 28533
content-security-policy: script-src 'report-sample' 'nonce-rHjhpkO-7A6Mh4o5-e25-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 11:22:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame CCA0 55 KB
24 KB 121ms
40ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=khH7Ei3klcvfRI74FvDcfuOo&theme=light&size=invisible&cb=gkwglrldf4cj

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:07:50 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame CCA0 431 KB
173 KB 120ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 09:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 09:50:24 GMT

GET
H2 200 AGSKWxXZD8bSa2dbMzhal7Vdq-_HdRmfim-BOXr0XjGoMejNe6Ic163hdsR_q7-Mu1zJurwzQcX9svnWjTyzRbiiNhk= Show response
fundingchoicesmessages.google.com/f/ 954 KB
108 KB 241ms
240ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXZD8bSa2dbMzhal7Vdq-_HdRmfim-BOXr0XjGoMejNe6Ic163hdsR_q7-Mu1zJurwzQcX9svnWjTyzRbiiNhk=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg4Mjk2OTcyLDIzMjAwMDAwMF0sIjQ1QTIzQTQ1LUZDM0QtNDMyNS05NDlELUFBRTFFM0M2NjhCQiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd2VpcmRvcmNvbmZ1c2luZy5jb20vIixudWxsLFtbOCwic19RN0JJcjRrU0kiXSxbOSwiZGUiXSxbMTksIjEiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.s_Q7BIr4kSI.es5.O/d=1/rs=AJlcJMwX0nD7VFrDSO2JXGbSdZmU4e0a0g/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82c890d614acecff7e8f9c558e601ca605439355564e3e548952aba1588c7697

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8jb6uRb_MVSRMw7J3zhAkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:52 GMT
content-security-policy: script-src 'report-sample' 'nonce-8jb6uRb_MVSRMw7J3zhAkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame CCA0 2 KB
2 KB 40ms
39ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 00:33:37 GMT
x-content-type-options: nosniff
age: 384555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 05 Jul 2023 00:33:37 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CCA0 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 124074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 00:54:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CCA0 15 KB
15 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 20:23:37 GMT
x-content-type-options: nosniff
age: 399555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 20:23:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame CCA0 102 B
134 B 50ms
49ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c192b274ecde65bc4ebd78ba7c380f898cee74d10e872596d576231560d0f921

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=khH7Ei3klcvfRI74FvDcfuOo&theme=light&size=invisible&cb=gkwglrldf4cj
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Sun, 02 Jul 2023 11:22:52 GMT

GET
H3 200 css
fonts.googleapis.com/ 63 KB
4 KB 56ms
56ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.s_Q7BIr4kSI.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwX0nD7VFrDSO2JXGbSdZmU4e0a0g/m=web_iab_tcf_v2_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad597bd5da1121fc44e3a2176d030b49872c8e3f19d47fdb217668bfd4785f78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://weirdorconfusing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Jul 2023 11:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 02 Jul 2023 11:22:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jul 2023 11:22:52 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 9C4F 7 KB
1 KB 54ms
53ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95a1d547aa307c9aeeea1bca384352e925bb5bbadd4103262db547ce58facd18

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TNrHNJYIA6g5y8NKGQNGow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://weirdorconfusing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1156
content-security-policy: script-src 'report-sample' 'nonce-TNrHNJYIA6g5y8NKGQNGow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jul 2023 11:22:52 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 9C4F 55 KB
24 KB 44ms
43ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 16:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jun 2024 16:07:50 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/ Frame 9C4F 431 KB
173 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 09:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177423
x-xss-protection: 0
last-modified: Sat, 24 Jun 2023 15:59:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jul 2024 09:50:24 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 106644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 05:45:28 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
125 KB 56ms
55ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://weirdorconfusing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:29:28 GMT
x-content-type-options: nosniff
age: 64404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 17:29:28 GMT

POST
H3 204 AGSKWxWGV1a3oNl4jrCyKznxdVADc49pApozd0P9h29DJ5BD63du_6_ip3WQmsV3bizXy08BszNnfBWwQt6iflo0Qdn2hlMfeI_pMM88nKn5uL3_cSzRU-XO_Tz2ObNIYccRAO6fhpdZYQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 136ms
53ms XHR
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWGV1a3oNl4jrCyKznxdVADc49pApozd0P9h29DJ5BD63du_6_ip3WQmsV3bizXy08BszNnfBWwQt6iflo0Qdn2hlMfeI_pMM88nKn5uL3_cSzRU-XO_Tz2ObNIYccRAO6fhpdZYQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-boWuQbqp_tnMh1mNAW_4Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://weirdorconfusing.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 02 Jul 2023 11:22:52 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-boWuQbqp_tnMh1mNAW_4Ig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://weirdorconfusing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9C4F 40 KB
24 KB 81ms
80ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2ee255c79d4d1e67905e4672fde062b2bf59496753516070ddf7998699a6989

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Sun, 02 Jul 2023 11:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24921
x-xss-protection: 1; mode=block
expires: Sun, 02 Jul 2023 11:22:52 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9C4F 600 B
624 B 41ms
40ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 30 Jun 2023 03:01:22 GMT
x-content-type-options: nosniff
age: 202891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 07 Jul 2023 03:01:22 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9C4F 530 B
554 B 41ms
40ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 18:31:39 GMT
x-content-type-options: nosniff
age: 60674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 08 Jul 2023 18:31:39 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9C4F 665 B
689 B 41ms
41ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/khH7Ei3klcvfRI74FvDcfuOo/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 17:30:32 GMT
x-content-type-options: nosniff
age: 64341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 08 Jul 2023 17:30:32 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C4F 15 KB
15 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 00:54:58 GMT
x-content-type-options: nosniff
age: 124075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 00:54:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C4F 15 KB
15 KB 45ms
45ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 20:03:22 GMT
x-content-type-options: nosniff
age: 55171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 20:03:22 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C4F 15 KB
15 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 20:23:37 GMT
x-content-type-options: nosniff
age: 399556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Jun 2024 20:23:37 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 9C4F 43 KB
43 KB 51ms
50ms Image
image/jpeg 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AAYGu2T2KtFhH6xQepDpUpJtQvL5plF0cLwl0gCiokw8bLVrUJylIMXA8Tw_v1ETkcrl12LzLpS9kekXt-aHFl21elOWabSVqOW5kmh3dZaMr6NUgVZghf7ZHx9plWL-5JGPKGem6bye11viUjYa9vt3p63ltvp6RcCZIe_XlG7ayQ5qEEvMV0HeXld0roivfNQCPYKmUJqney6hPOOHk3urIr3_AWArFQ&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

490ba59d8d83a097acc3fc028c25a42dda8cb905cd5311c0fa0a783ad6023e62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=khH7Ei3klcvfRI74FvDcfuOo&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 11:22:53 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43801
x-xss-protection: 1; mode=block
expires: Sun, 02 Jul 2023 11:22:53 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 17:17:28	Name: _GRECAPTCHA Value: 09AKimY9mKMPyGFZCaiiUOwj4XjUf-YkomFmLpV8EPywZs67-K92HmJh-0aQaNCo84NXTX-2LBmlR_vsr0HKzYPgA
.weirdorconfusing.com/	1970-01-20 22:34:16	Name: _ga_LJX3N3MESX Value: GS1.1.1688296971.1.0.1688296971.0.0.0
.weirdorconfusing.com/	1970-01-20 22:34:16	Name: _ga Value: GA1.1.1008262757.1688296972
.weirdorconfusing.com/	1970-01-20 22:34:16	Name: _ga_RF3445PVZM Value: GS1.1.1688296971.1.0.1688296971.0.0.0
weirdorconfusing.com/	1970-01-20 22:19:52	Name: usprivacy Value: 1---

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
cdn.intergi.com
cdn.intergient.com
d33wubrfki0l68.cloudfront.net
eocampaign1.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gallery.eo.page
mb.moatads.com
region1.google-analytics.com
securepubads.g.doubleclick.net
weirdorconfusing.com
www.google.com
www.googletagmanager.com
www.gstatic.com
z.moatads.com
13.32.11.121
130.211.23.194
172.217.18.6
18.133.210.159
2001:4860:4802:34::36
23.32.185.123
2600:9000:223d:2c00:14:2602:6e80:93a1
2600:9000:2250:a00:12:4abd:d340:93a1
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:3037::ac43:c239
2a00:1450:4001:828::2004
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a06:98c1:3121::3
35.198.80.163
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
07fbd8ba776748eb837dcac0214c515cc198737d8b6edded0039b38fca2c291d
0e010a2e17932ac6e0ed95753e13aa1d41b3c30203ebb99d91d047512095dc14
14cd167420b962b3db2cc70fac2bfc7b49f23fdd0b93b9c73f6dc567f730643e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e64f93311de0c01089d0454a51c5987a6b64b9a4af28cd348ea79f3435dc1c5
23df4b95a6b30f70b8bca0726540badba53900209fa9675897e1ba798730bf80
2d4dfdecaa573bec0d1d4a704f7d9f34b269b5ecc3bd1d4d29cda9b57b5b34e8
35ccddc76afc3bc1155f507b79fe00977a6c33ec79c7b57e314a4325b85b3baa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4202c60ac74b67ee581c5b75554e68c51bb01282363e7d8e58484270a51844c7
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4565d43253577ea193e68764f1dcccd171b7570dbf64b6fcc6a400c10c16a754
490ba59d8d83a097acc3fc028c25a42dda8cb905cd5311c0fa0a783ad6023e62
49fc0234fad60121e36dd546751351adebebf231f27c8d8d105de0ffe33cb96e
524428f48539fefc8f2f47c546db1f45675a0ecdc798365c7ab9dae0385346d1
55542c02f59ac047bd7ef87d8a2981b541995a09de59a89e419292a91f241202
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57cffae4e00c21c6dd69ffb602c04f37ae986873988069085a908b99acd4a3c7
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6281d7d2b36499368409b0f630994f494cf2455976a7e0b8db1c2d6993c33845
635672e0263beedb15ed1ae2d44ad6aa97ede97d8663f19f627dc14e87dc4ecb
6a89014a4321c374b22f15ab9bb9e75f69dcbbebfc442de9e820ee50b79dcf15
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
743f0138a0425418260a773e375e698d20820a4a54c816e0819ba1efc38f09aa
7af6f223b5f7e15cd536c229db3c3a8d874e4aee022ac715fe4173669db1c8df
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e068e47482fc5b5fb2e70c00c5ae5ca35b4f3c9f8264d18b963e652603b4ca2
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82c890d614acecff7e8f9c558e601ca605439355564e3e548952aba1588c7697
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8c9f0c19def391543ede5329b83427e623afd46d2449ca212456f24aaab16e70
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95a1d547aa307c9aeeea1bca384352e925bb5bbadd4103262db547ce58facd18
965a1b74d95d6fa808be10114f2ef0006b8cf5edbcacaae0d2a154c3b1d67f60
98ca4d5ca29397716a5bc48489630804f94f516f5b488e1956fbb8bf2e2c5228
99e5dc98a3afdc1771cfa42e700d598b0d9c17290174fd03666664191b172035
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
a05e091bc7b165349b0d661e55560b20a3307f5a7b8ddf62bb2369fbd6c1f039
ad597bd5da1121fc44e3a2176d030b49872c8e3f19d47fdb217668bfd4785f78
b06ce9dae1b2dc0759e5786c1a652ec2efed2784643c44c0ee35901c0f325043
b120dd71699f10ee1f28a2e428a5d128cb4052aede3a35cdf0170b90a82e514f
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
c192b274ecde65bc4ebd78ba7c380f898cee74d10e872596d576231560d0f921
c5a2731fe039aa470014f5cffdf36bde7bef0e2b83ecd7ed10a77bdcde798368
c849a2d9a07b6401ec0711ba57479eb94efee5c4ee60035c4dcd94a841066968
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d155f8240398ac0ab359d9bbd1c18156e57a15bfc8a161f39bf9b4b4ec7ff37e
d2ec796bd833a4c3c2718db3ca6225390be8e4d7b7173160222b28ca95a0307c
d37d330957959c3452512b29c0dfb54083e063754a60a97325d12baabb3833c5
d68a2c362d9793da582eca13d841e0c330d7efc12981a157fe76e6867befc316
d8757ae1d42d691b7e3724f390785c0c99e804b2e4187eec4bf4602fac69d376
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dda7f99a7bd69f50ccf17ee349594c93c94b92584949b173bd1f60e35fc65a98
df49112f965565d7af2a8ac08e7000ab6c2731ced4340c2b6c89a8097e94c2ea
e2e0ca6c334b925d7fdcdd9bc7f6abf88e42ccab09c030240e850daddcd2974d
e2ee255c79d4d1e67905e4672fde062b2bf59496753516070ddf7998699a6989
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f88d7a194e7f67fdc5e4f2cedd32e1d040d9976e4814adcaf7e56330a0653d5c
fb40edd1d0456a9eb9d6f10769233a1ac96aa841465b007eb2739c3b580d8351

weirdorconfusing.com Open in urlscan Pro 35.198.80.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

70 %IPv6

15 Domains

20 Subdomains

20 IPs

3 Countries

2729 kBTransfer

6607 kBSize

5 Cookies

15 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

weirdorconfusing.com Open in urlscan Pro
35.198.80.163 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

70 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

2729 kB
Transfer

6607 kB
Size

5
Cookies

72 HTTP transactions
0 data transactions