URL: https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11...
Submission Tags: falconsandbox
Submission: On June 14 via api from US

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3035::ac43:8e67, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.guest-articles.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 30th 2020. Valid for: a year.
This is the only time www.guest-articles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
9 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2001:4de0:ac1... | 20446 (HIGHWINDS3)
1 | 104.21.42.45 | 13335 (CLOUDFLAR...)
3 | 2a00:1450:400... | 15169 (GOOGLE)
18 | 7

Requests | Domain | Requested by
8 | www.guest-articles.com | www.guest-articles.com, ajax.cloudflare.com, static.cloudflareinsights.com
3 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | www.googletagmanager.com | ajax.cloudflare.com, www.googletagmanager.com
1 | img.guest-articles.com |
1 | blog.payrollbozz.com |
1 | code.jquery.com | ajax.cloudflare.com
1 | static.cloudflareinsights.com | www.guest-articles.com
1 | ajax.cloudflare.com | www.guest-articles.com
18 | 8

This site contains links to these domains.

Domain
onlinegdb.com
www.dreampirates.in

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-30 - 2021-10-29 | a year
ajax.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-11 - 2022-08-16 | 2 years
*.google-analytics.com | GTS CA 1C3 | 2021-05-17 - 2021-08-09 | 3 months
jquery.org | Sectigo RSA Domain Validation Secure Server CA | 2020-10-06 - 2021-10-16 | a year

This page contains 1 frames:

Primary Page: https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
Frame ID: A8FB1E72DD16C6A3A2650E27EB4B6439
Requests: 18 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

18
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

375 kB
Transfer

796 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
www.guest-articles.com/news/
22 KB
7 KB
Document
General
Full URL
https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.11
Resource Hash
35e382a07e559edf3cd4cfad6cdd9ba90103c118fed7ef92639526c51387de5b

Request headers

:method
GET
:authority
www.guest-articles.com
:scheme
https
:path
/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.11
set-cookie
PHPSESSID=007cc244af4d3e25b41d9c6a04670668; path=/; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
cf-cache-status
DYNAMIC
cf-request-id
0aac99d7c000004ed3ae087000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uohFlqUGHmJeeoHr86esVtnGRqX32X25g%2FtdKai%2FgFi2lm735a97689SF8QmLQMkgQwwzHR0y68zQjRkSbiMX80PTtF9Z6PUlP%2FhWMCW5Vxn2QlJa7t98ReFOpOxJE0TVlKOEwkcTNyPIz6V2JTZOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
65f45f3939ec4ed3-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bootstrap.min.css
www.guest-articles.com/admin/css/
156 KB
21 KB
Stylesheet
General
Full URL
https://www.guest-articles.com/admin/css/bootstrap.min.css
Requested by
Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Request headers

:path
/admin/css/bootstrap.min.css
pragma
no-cache
cookie
PHPSESSID=007cc244af4d3e25b41d9c6a04670668
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.guest-articles.com
referer
https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1935270
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aac99d89300002b899f343000000001
last-modified
Wed, 22 Apr 2020 15:09:45 GMT
server
cloudflare
etag
W/"26f1b-5ea05e39-9654748b9919a61a;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=adaScA9jWgjReqOD%2Bz%2F19w4eAvxD%2FdKqLhAEpcD6zdL2QDuJCSVc5pQN%2F3Wi75DY6xkTPfoMR%2BclKp6JONuij490S6wX5cKp8Wuuj52s1aPg3WvckG%2BhShlR5wEPMuEFHYqi1ZWxRfmU4P4hix8v1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
cf-ray
65f45f3a8ed32b89-FRA
expires
Tue, 22 Jun 2021 05:16:06 GMT
logo2.png
www.guest-articles.com/
4 KB
5 KB
Image
General
Full URL
https://www.guest-articles.com/logo2.png
Requested by
Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5efb0fac9c1b8228cefdcb4ac500cabd7d95507bb50e4acfe16e510303561db7

Request headers

:path
/logo2.png
pragma
no-cache
cookie
PHPSESSID=007cc244af4d3e25b41d9c6a04670668
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.guest-articles.com
referer
https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4527377
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4363
cf-request-id
0aac99d89200002b8945b54000000001
last-modified
Thu, 26 Dec 2019 10:06:17 GMT
server
cloudflare
etag
"110b-5e048619-7fa20e768bf2fb9c;;;"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=D3gd6kT6CaubLpWKIyDucdgdvzPGntAoIrU9p%2FRAyw3QF7I6Zg9bqWBmxsr0o%2BCGbaRAoj3RDI5QzdIu9fI60IOKqw0H%2BwpskY6XnxSwq9wJurjya7%2B4%2BhcZQI8DrOkyr5gUXMRbyIoKYWHYzRDPsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
65f45f3a8ed12b89-FRA
expires
Sat, 23 Apr 2022 05:14:19 GMT
344110oiyu.JPG
www.guest-articles.com/images/
3 KB
3 KB
Image
General
Full URL
https://www.guest-articles.com/images/344110oiyu.JPG
Requested by
Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7aac1d06fe95805dc35e891e10dcf6e30b7ecbe67b2b9eb75513b26a182d151

Request headers

:path
/images/344110oiyu.JPG
pragma
no-cache
cookie
PHPSESSID=007cc244af4d3e25b41d9c6a04670668
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.guest-articles.com
referer
https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 Jun 2019 07:01:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sDVAYvttjUhhX2%2FlSQZA%2F%2FT5bun8jzPaW5Jrpm4t%2FT5FKL9rl8ivQnyD5G4qA8o%2FZtRWuiVpbSz5rSszE%2B2P8FdLPEshVbh7eYMI3VWxnxpEKyuBtmdDN3eWqdgTEVn1yDtsqVUZGnNM37KtVfkeIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
65f45f3a8ecf2b89-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aac99d89200002b89bc817000000001
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
5 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.guest-articles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
0aac99d89d00004e2553a9a000000001
last-modified
Tue, 08 Jun 2021 15:58:01 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"60bf9389-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=huhuFEggFj5cgzTkmdl3mZfhkaYV5%2FyqsqT9Ed53VjrglCmlk%2Fi4N480IjSEdvGy92krdJO7FhF1kzblRHxJzHlHJPtTtodGuxRXbvr6vcmXV420EHzVRZ5whX6iccg205hk2gMeZzufHXwK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
65f45f3a9abd4e25-FRA
expires
Wed, 16 Jun 2021 14:50:36 GMT
beacon.min.js
static.cloudflareinsights.com/
13 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.guest-articles.com
URL: https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://www.guest-articles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
65f45f3a9e8d97fc-FRA
cf-request-id
0aac99d8a4000097fc3b2a4000000001
js
www.googletagmanager.com/gtag/
91 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-66414585-12
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d53328c8694444c728d3858a9a4e37aff14936e6c06e428cf2ea96ce5a05897b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.guest-articles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37009
x-xss-protection
0
expires
Mon, 14 Jun 2021 14:50:36 GMT
bootstrap.min.js
www.guest-articles.com/admin/js/
59 KB
15 KB
Script
General
Full URL
https://www.guest-articles.com/admin/js/bootstrap.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Request headers

:path
/admin/js/bootstrap.min.js
pragma
no-cache
cookie
PHPSESSID=007cc244af4d3e25b41d9c6a04670668
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.guest-articles.com
referer
https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
258842
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aac99d8b400002b8999a74000000001
last-modified
Wed, 22 Apr 2020 15:09:45 GMT
server
cloudflare
etag
W/"ea6a-5ea05e39-8519513de6195075;gz"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PnckYOl10VAfnfg%2BXV4GvUkYICrJcc8RKmV2FHCi%2FCYZyqpsBhaU332NuSqPKvYPO7rSO1L%2FjinWY7FCIqPB5O5GxSphqMflAA9UOpUjzGmhGlIUf9XoTTtjgBKtj7I1EWq%2B4LMuMqQxce4r3BeO7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
65f45f3abf652b89-FRA
expires
Fri, 18 Jun 2021 14:56:34 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin
https://www.guest-articles.com
Referer
https://www.guest-articles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1623682236.dop018.fr8.t,1623682236.cds236.fr8.hc,1623682236.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
software-akutansi-570x320.png
blog.payrollbozz.com/wp-content/uploads/sites/28/2021/02/
176 KB
177 KB
Image
General
Full URL
https://blog.payrollbozz.com/wp-content/uploads/sites/28/2021/02/software-akutansi-570x320.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.42.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b523d0b2002feb046f0cd96fd8bbbe1fba18df48e535fd8624ebf0009d059a4

Request headers

Referer
https://www.guest-articles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:50:37 GMT
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
180194
cf-request-id
0aac99d9bc00000d4e898ec000000001
last-modified
Mon, 01 Feb 2021 23:07:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qmv55Qfu72H0PI5L0pLPdFzhmI9TLe04Rqp%2BjXoChQPeWDM4yHLJKFKff3DUbKjrQ5OAoVRhFugCgnzt%2BSVfjf2iB0EolMnCsGBamcy0yC7qAXEF7UdQDgYUFi6WsdvaVsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
65f45f3c5e3f0d4e-ARN
expires
Tue, 12 Oct 2021 14:50:37 GMT
6478e292a2da10f54833a33f2c1e16b90b5f.jpeg
www.guest-articles.com/images/
3 KB
3 KB
Image
General
Full URL
https://www.guest-articles.com/images/6478e292a2da10f54833a33f2c1e16b90b5f.jpeg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d4eddbda2b2d4fede94d26d6b48e15a1ca1cc0904c5296604964ee4c978154

Request headers

:path
/images/6478e292a2da10f54833a33f2c1e16b90b5f.jpeg
pragma
no-cache
cookie
PHPSESSID=007cc244af4d3e25b41d9c6a04670668
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.guest-articles.com
referer
https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 Jun 2019 07:01:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=PFX5NJ8vlYt8DhsqAjp8fF3sAerVcKfFEwyAaTY4%2BlQR4Qd8o%2Fl8GLlyco0ZNLRjUv8oS3agW2YPZhXbO2tr2pQ1RfgAgXFgKDNa9KOXZuGYd3%2FTTNU4Z4yKsWTooa8PSdHI8WNnsrDGhqMLCwcNbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
65f45f3b79632b89-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aac99d93100002b89a6b71000000001
6074dr_anthony_fauci_1286586809.jpg
www.guest-articles.com/images/
3 KB
3 KB
Image
General
Full URL
https://www.guest-articles.com/images/6074dr_anthony_fauci_1286586809.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4de7d741f5000aad410dcdc33e200c3739ac25776199c157a517cfad6e2047ef

Request headers

:path
/images/6074dr_anthony_fauci_1286586809.jpg
pragma
no-cache
cookie
PHPSESSID=007cc244af4d3e25b41d9c6a04670668
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.guest-articles.com
referer
https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 25 Jun 2019 07:01:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=WKr9ZVS5O6232UIth3JRX8Xt8BVmt1t1dNWH2omqdcdPxO0iJXJ10ArPxn8VTwOX%2FKmplmt%2FJ6TEPaW1gBoheF1QA%2FZoSiI3ickXOWPwdrU4INX59Hd3LK7odm4dFnq868ynj4tl7uUfHJ1XUWQzyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=86400
nel
{"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
65f45f3b796f2b89-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0aac99d92c00002b8937bbd000000001
1631Attack-on-Titan-Season-4-Release-Date-Trailer-News.jpg.webp
img.guest-articles.com/02-02-2021/
0
0
Image
General
Full URL
https://img.guest-articles.com/02-02-2021/1631Attack-on-Titan-Season-4-Release-Date-Trailer-News.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guest-articles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rum
www.guest-articles.com/cdn-cgi/
0
171 B
XHR
General
Full URL
https://www.guest-articles.com/cdn-cgi/rum?req_id=65f45f3939ec4ed3
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8e67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://www.guest-articles.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
PHPSESSID=007cc244af4d3e25b41d9c6a04670668
content-length
1545
:path
/cdn-cgi/rum?req_id=65f45f3939ec4ed3
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.guest-articles.com
referer
https://www.guest-articles.com/news/lockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020
:scheme
https
sec-fetch-site
same-origin
:method
POST

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.guest-articles.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
65f45f3c3b7f2b89-FRA
vary
Origin
js
www.googletagmanager.com/gtag/
119 KB
46 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3ZP9LWFNVK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-66414585-12
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7be39057af741335fbf4f5f79221732a076bd3e06230e7752457b93024b51cb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.guest-articles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 14:50:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46898
x-xss-protection
0
expires
Mon, 14 Jun 2021 14:50:36 GMT
collect
www.google-analytics.com/g/
0
79 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3ZP9LWFNVK&gtm=2oe690&_p=1241756684&sr=1600x1200&ul=en-us&cid=1192315128.1623682237&_s=1&dl=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2Flockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020&dt=Lockdowns%20could%20be%20avoided%20if%20everyone%20followed%20health%20measures%20such%20as%20wearing%20masks%20%7C%20Guest%20Articles&sid=1623682236&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3ZP9LWFNVK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.guest-articles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 14:50:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.guest-articles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-66414585-12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guest-articles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6719
date
Mon, 14 Jun 2021 12:58:37 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 14 Jun 2021 14:58:37 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1241756684&t=pageview&_s=1&dl=https%3A%2F%2Fwww.guest-articles.com%2Fnews%2Flockdowns-could-be-avoided-if-everyone-followed-health-measures-such-as-wearing-masks-19-11-2020&ul=en-us&de=UTF-8&dt=Lockdowns%20could%20be%20avoided%20if%20everyone%20followed%20health%20measures%20such%20as%20wearing%20masks%20%7C%20Guest%20Articles&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2081880995&gjid=672455008&cid=1192315128.1623682237&tid=UA-66414585-12&_gid=1857696843.1623682237&_r=1&gtm=2ou690&z=2136606900
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.guest-articles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Jun 2021 14:50:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.guest-articles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT


28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| __cfQR
object| __cfBeacon
function| load_disqus
function| $
function| jQuery
object| bootstrap
function| gtag
object| dataLayer
boolean| __cfRLUnblockHandlers
object| google_tag_manager
object| google_tag_data
object| gaGlobal
string| GoogleAnalyticsObject
function| ga
function| onYouTubeIframeAPIReady
object| gaplugins
object| gaData

1 Cookies

Domain/Path Name / Value
www.guest-articles.com/ Name: PHPSESSID
Value: 007cc244af4d3e25b41d9c6a04670668

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
