rufyzyuua.gq Open in urlscan Pro
2606:4700:3030::6815:1e6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://rufyzyuua.gq/
Submission Tags: krdprod
Submission: On October 29 via api (October 29th 2021, 9:43:51 am UTC) from US — Scanned from JP

Summary HTTP 135 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 46 IPs in 8 countries across 33 domains to perform 135 HTTP transactions. The main IP is 2606:4700:3030::6815:1e6, located in United States and belongs to CLOUDFLARENET, US. The main domain is rufyzyuua.gq.
TLS certificate: Issued by R3 on October 22nd 2021. Valid for: 3 months.

This is the only time rufyzyuua.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700:303... 2606:4700:3030::6815:1e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.51.209.187 23.51.209.187	16625 (AKAMAI-AS) (AKAMAI-AS)
3	23.51.210.213 23.51.210.213	16625 (AKAMAI-AS) (AKAMAI-AS)
6	13.225.159.93 13.225.159.93	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:822::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81f::200a	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4004:818::2008	15169 (GOOGLE) (GOOGLE)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:21d... 2600:9000:21d2:c00:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2 4	2600:9000:206... 2600:9000:2066:4200:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
4	52.64.60.86 52.64.60.86	16509 (AMAZON-02) (AMAZON-02)
1	52.95.134.39 52.95.134.39	16509 (AMAZON-02) (AMAZON-02)
2	2600:140b:1:4... 2600:140b:1:492::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	104.16.90.50 104.16.90.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	152.67.117.181 152.67.117.181	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2404:6800:400... 2404:6800:4008:c04::9d	15169 (GOOGLE) (GOOGLE)
1	18.139.31.36 18.139.31.36	16509 (AMAZON-02) (AMAZON-02)
1	52.74.123.238 52.74.123.238	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.120.155.137 34.120.155.137	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:813::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:80b::2003	15169 (GOOGLE) (GOOGLE)
3	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	34.120.117.212 34.120.117.212	15169 (GOOGLE) (GOOGLE)
7	142.251.42.162 142.251.42.162	15169 (GOOGLE) (GOOGLE)
2	52.77.151.98 52.77.151.98	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:2066:5a00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
6	13.250.192.86 13.250.192.86	16509 (AMAZON-02) (AMAZON-02)
1	23.10.8.7 23.10.8.7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	103.43.90.179 103.43.90.179	29990 (ASN-APPNEX) (ASN-APPNEX)
4	13.213.101.30 13.213.101.30	16509 (AMAZON-02) (AMAZON-02)
4	2602:803:c006... 2602:803:c006:158::65	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.220.112.148 52.220.112.148	16509 (AMAZON-02) (AMAZON-02)
1	103.231.99.77 103.231.99.77	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:820::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:81d::2001	15169 (GOOGLE) (GOOGLE)
8	2404:6800:400... 2404:6800:4004:80c::2001	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:820::2001	15169 (GOOGLE) (GOOGLE)
135	46

22 2606:4700:3030::6815:1e6 (United States)

ASN13335 (CLOUDFLARENET, US)

rufyzyuua.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.51.209.187 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-209-187.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.51.210.213 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-210-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.225.159.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-159-93.nrt12.r.cloudfront.net

www.newideafood.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81f::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:81f::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:818::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:21d2:c00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2066:4200:1e:a43d:b640:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.64.60.86 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-60-86.ap-southeast-2.compute.amazonaws.com

pixel.roymorgan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.95.134.39 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-2.amazonaws.com

s3-ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:1:492::1931 (United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.90.50 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.embedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.67.117.181 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898, US)

pacmags.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c04::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.139.31.36 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-31-36.ap-southeast-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.74.123.238 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-123-238.ap-southeast-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.155.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:813::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80b::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f10f:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.117.212 (United States)

ASN15169 (GOOGLE, US)
PTR: 212.117.120.34.bc.googleusercontent.com

ls.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.77.151.98 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-151-98.ap-southeast-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2066:5a00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

oeibpegtdgotg6dn8irnnn9xjssc91635500625.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.250.192.86 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.10.8.7 (United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-8-7.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.43.90.179 (Australia)

ASN29990 (ASN-APPNEX, US)
PTR: 592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.213.101.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-101-30.ap-southeast-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c006:158::65 (None, )

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.112.148 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-112-148.ap-southeast-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.99.77 (Japan)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81d::2001 (Australia)

ASN15169 (GOOGLE, US)

98bb46c40d68214eee5d70c62c9815d3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2404:6800:4004:80c::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:820::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	rufyzyuua.gq rufyzyuua.gq	382 KB
13	imrworldwide.com 2 redirects cdn-gl.imrworldwide.com secure-gl.imrworldwide.com secure-dcr.imrworldwide.com oeibpegtdgotg6dn8irnnn9xjssc91635500625.nuid.imrworldwide.com	85 KB
10	googlesyndication.com 98bb46c40d68214eee5d70c62c9815d3.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com Failed	154 KB
9	skimresources.com s.skimresources.com t.skimresources.com p.skimresources.com r.skimresources.com ls.skimresources.com	22 KB
7	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	157 KB
6	yahoo.com c2shb.ssp.yahoo.com	2 KB
6	newideafood.com.au www.newideafood.com.au	141 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	google.com www.google.com adservice.google.com	1021 B
5	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	179 KB
4	rubiconproject.com fastlane.rubiconproject.com	5 KB
4	3lift.com tlx.3lift.com	1 KB
4	roymorgan.com pixel.roymorgan.com	2 KB
4	google-analytics.com www.google-analytics.com	20 KB
2	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	795 B
2	facebook.com www.facebook.com	532 B
2	google.co.jp www.google.co.jp adservice.google.co.jp	963 B
2	pinimg.com s.pinimg.com	19 KB
2	sail-personalize.com api.sail-personalize.com	475 B
2	facebook.net connect.facebook.net	113 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	googletagservices.com www.googletagservices.com	64 KB
1	playground.xyz ads.playground.xyz	447 B
1	pubmatic.com hbopenbid.pubmatic.com	115 B
1	emxdgt.com hb.emxdgt.com	158 B
1	adnxs.com ib.adnxs.com	1 KB
1	rlcdn.com api.rlcdn.com	246 B
1	adsrvr.org match.adsrvr.org	544 B
1	gscontxt.net pacmags.gscontxt.net	103 B
1	embedly.com cdn.embedly.com	21 KB
1	amazonaws.com s3-ap-southeast-2.amazonaws.com	392 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	indexww.com js-sec.indexww.com	42 KB
135	33

	Domain	Requested by
22	rufyzyuua.gq	rufyzyuua.gq
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net rufyzyuua.gq
6	c2shb.ssp.yahoo.com	js-sec.indexww.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net rufyzyuua.gq
6	cdn-gl.imrworldwide.com	rufyzyuua.gq cdn-gl.imrworldwide.com
6	www.newideafood.com.au	rufyzyuua.gq
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	fastlane.rubiconproject.com	js-sec.indexww.com
4	tlx.3lift.com	js-sec.indexww.com
4	www.google.com	rufyzyuua.gq securepubads.g.doubleclick.net
4	pixel.roymorgan.com	rufyzyuua.gq
4	secure-gl.imrworldwide.com	2 redirects secure-gl.imrworldwide.com rufyzyuua.gq
4	www.google-analytics.com	rufyzyuua.gq www.google-analytics.com
3	t.skimresources.com	rufyzyuua.gq s.skimresources.com
2	secure-dcr.imrworldwide.com	rufyzyuua.gq
2	ls.skimresources.com	s.skimresources.com
2	www.facebook.com	rufyzyuua.gq
2	p.skimresources.com	rufyzyuua.gq
2	s.pinimg.com	rufyzyuua.gq s.pinimg.com
2	api.sail-personalize.com	rufyzyuua.gq
2	connect.facebook.net	rufyzyuua.gq connect.facebook.net
2	fonts.googleapis.com	rufyzyuua.gq securepubads.g.doubleclick.net
2	www.googletagservices.com	rufyzyuua.gq securepubads.g.doubleclick.net
2	z.moatads.com	rufyzyuua.gq securepubads.g.doubleclick.net
1	px.moatads.com	rufyzyuua.gq
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	98bb46c40d68214eee5d70c62c9815d3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.jp	securepubads.g.doubleclick.net
1	ads.playground.xyz	js-sec.indexww.com
1	hbopenbid.pubmatic.com	js-sec.indexww.com
1	hb.emxdgt.com	js-sec.indexww.com
1	ib.adnxs.com	js-sec.indexww.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	oeibpegtdgotg6dn8irnnn9xjssc91635500625.nuid.imrworldwide.com	rufyzyuua.gq
1	r.skimresources.com	s.skimresources.com
1	www.google.co.jp	rufyzyuua.gq
1	api.rlcdn.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	geo.moatads.com	z.moatads.com
1	mb.moatads.com	z.moatads.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	pacmags.gscontxt.net	rufyzyuua.gq
1	cdn.embedly.com	rufyzyuua.gq
1	s.skimresources.com	rufyzyuua.gq
1	s3-ap-southeast-2.amazonaws.com	rufyzyuua.gq
1	www.googletagmanager.com	rufyzyuua.gq
1	js-sec.indexww.com	rufyzyuua.gq
135	49

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
*.rufyzyuua.gq R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
newideafood.com.au Amazon	`2021-05-07` - `2022-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
api.sail-personalize.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
pixel.roymorgan.com Go Daddy Secure Certificate Authority - G2	`2021-09-29` - `2022-10-31`	a year	crt.sh
*.s3-ap-southeast-2.amazonaws.com Amazon	`2021-03-26` - `2022-03-25`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
*.embedly.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-09` - `2022-10-10`	a year	crt.sh
*.gscontxt.net DigiCert SHA2 Secure Server CA	`2020-01-22` - `2022-01-21`	2 years	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
ads.playground.xyz GTS CA 1D4	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://rufyzyuua.gq/
Frame ID: 3DD9B7790611D59F5AF4F9BE7475A368
Requests: 130 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: C1A32FE3F354B42B8D4FCBC6F8026052
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.415818271670261
Frame ID: 9B9103D885CD0C3DEC28C41166B56318
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 47AD289BB3DA46FD71448BB8CF8F646A
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BC4F88127B8C1401D9F13978A00C5B6C
Requests: 1 HTTP requests in this frame

Frame: https://98bb46c40d68214eee5d70c62c9815d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4E82ECA1ECBAA253213F9544AD6049F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

135
Requests

94 %
HTTPS

42 %
IPv6

33
Domains

49
Subdomains

46
IPs

8
Countries

1560 kB
Transfer

4719 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjstBlCNWXrTng5vVmkw4jDR5t-u3U-WUuscISpK-CDrIEB17EQTAy22mxsLc2Yx0XqAHrmLWUr0WV1DBBI7GNMcbN1DwtO-5yiu6JLCA2IVxpHpVwieWHZ6F0o4T04ba6oR-63I7igw6YcfHDAkjmL7zuKmNKDbfq8dKOKOscS9e4zR6CtPx1DGvzbjJphshuzc6cvE-_BvPBk4nvv0R28gMkyqtKP0vhI5pYHtIPz_UyOea9KBlXuj9tlC66ELa2pIyB91aO_2zVqHxKqshrtzuTUWpjWQ0pI9yuLy3AP-7flTZzgOapdv0otx8Pt7fCw&sai=AMfl-YQts5DJbwq_pRX6WoClP7SjwqD7hJi-sYvS-BUlayjxaCQ_cX1E5bq6tmR2o77ZrU_1KyS7uch-K6TuOQ-LYrj8dPv4cGfjM13xVVYQf7cXfBWBT2mSJ1bVNTPa3cY&sig=Cg0ArKJSzBkrY07pxDAl&fbs_aeid=[gw_fbsaeid]&adurl=http://www.magshop.com.au/salemass21%3Futm_source%3DRON%26utm_medium%3Ddisplay%26utm_campaign%3Dawmbhgmitigation

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?reasons=AB3afGEAAAOqW1tbW3RydWVdLFtudWxsLCJodHRwczovL2dvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvaW50ZXJhY3Rpb24vP2FpPUJNWkJfVThKN1liYmVEbzdJMlFUbTU2VG9DcGJ4eElaR0FBQUFFQUVnLXF2RUp6Z0JXT3EyeDdlREJHQ0o4OFdFOUJPeUFReHlkV1o1ZW5sMWRXRXVaM0c2QVFsblpuQmZhVzFoWjJYSUFRUGFBUlZvZEhSd2N6b3ZMM0oxWm5sNmVYVjFZUzVuY1MtcEFoVlMwRzNLVDZrLXdBSUM0QUlBNmdJbEx6RXpOVE0wTXpBMkwxQkJReTlHYjI5a2FXWjFiQzl3WVc1allXdGxYM0psWTJsd1pmZ0NnZElla0FQc0NaZ0Q1QXFvQXdISUE1a0UwQVNRVHVBRUFkSUZCaEM3cUxYQUZaQUdBYUFHRktnSDg5RWJxQWVXMkJ1b0I2cWJzUUtvQjktZnNRTFlCd0hnQnhfU0NBY0lpR0VRQVJnZDJBZ0NnQW9GbUFzQjBCVUJnQmNCXHUwMDI2c2lnaD05N2hMd1dXUzFLOFx1MDAyNmNpZD1DQVFTUGdDTklyTE1BUW1FTThVSk1LNWVUaHVUVVVON0QxbUVRV3NVU0ZYSnFfM0ExVm13TkIxU1NnNGpHOWc2N3ZDUmEwbTh0LUx0Q05NLWR5aEc3eG8wIixbbnVsbCxudWxsLG51bGwsImh0dHBzOi8vZGlzcGxheWFkcy1mb3JtYXRzLmdvb2dsZXVzZXJjb250ZW50LmNvbS9hZHMvcHJldmlldy9jb250ZW50LmpzP2NsaWVudD13dGFcdTAwMjZvYmZ1c2NhdGVkQ3VzdG9tZXJJZD0xMDAwMDAwMDAwXHUwMDI2Y3JlYXRpdmVJZD0xMzgzNjA3NzM0ODJcdTAwMjZ2ZXJzaW9uSWQ9MFx1MDAyNmFkR3JvdXBDcmVhdGl2ZUlkPTBcdTAwMjZodG1sUGFyZW50SWQ9cHJldi0wXHUwMDI2c2lnPUFDaVZCX3hEYzg2V2h2RjBHVThQOUhnV3M4dnJlcWpsdlEiXSxudWxsLG51bGwsMSwiUjM4V2JuOUpWdVVJQUJDZDhMZmxDaGdBSWdCQ0YyTmhMWEIxWWkwMU9UUTVNalExTURRMU5UYzNPVGczU0FKWUZIQUJ1QUhxdHNlM2d3USIsIjI4OTcwODIzOTciXV1dLFsxLDEsMSwxXV07PukPSmA3kqmlNnoZHqeiF2dl1JAvslqigm2V-OXUff86Vu-3PpFpjQ27coXx50d2vPgR-eAUhva3gl6g-0Fp1NfBOl282mgCryh4KZFq0G_lb2NeJqQz0xxOP2O9MRF3MJPqiRQ8vWL86typRKZ64TFMb7NDYoa5CHdDsTGjv5S5eWggor1QnVebPF0x7v_eg_uvRs8B4to7WmA3BBGiTX0ukwI7C2B9Q1vLB4Zv9ax9rV8L8G83_XCxLfMFJ75zSU4aBGcWvnPqyvr3NLxSouTx7yjTtYQr6vBdm6P04d5iJMpJ9BIHv0yYaEIJIvVA5dKSZCUf0e_b4EGhaz19,RSYz5ZRUcE6hvGJW5mn4hw&source=display

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 69

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1635500625623&ci=au-pacmags&js=1&cg=0&ts=n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-UDQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Frufyzyuua.gq%2F&pcode=pacmagsprebidheader289589025347&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=PACMAGS_PREBID_HEADER1&hp=1&wf=1&pxm=6&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1635500625202&de=690624655490&rx=462528544317&m=0&ar=fb6a7277fce-clean&iw=26c41b6&q=1&cb=0&cu=1635500625202&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRC=1&gu=https%3A%2F%2Frufyzyuua.gq%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=pacmagsprebidheader289589025347&fd=1&ac=1&it=500&pe=1%3A1934%3A1934%3A0%3A1973&fs=194999&na=192320397&cs=0&callback=MoatDataJsonpRequest_25205258&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Frufyzyuua.gq%2F&sr=1600x1200&id=lstrg-21a3cb7d21655508639f28aec9a6af70 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1635500625623&ci=au-pacmags&js=1&cg=0&ts=n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-UDQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Frufyzyuua.gq%2F&pcode=pacmagsprebidheader289589025347&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=PACMAGS_PREBID_HEADER1&hp=1&wf=1&pxm=6&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1635500625202&de=690624655490&rx=462528544317&m=0&ar=fb6a7277fce-clean&iw=26c41b6&q=1&cb=0&cu=1635500625202&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRC=1&gu=https%3A%2F%2Frufyzyuua.gq%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=pacmagsprebidheader289589025347&fd=1&ac=1&it=500&pe=1%3A1934%3A1934%3A0%3A1973&fs=194999&na=192320397&cs=0&callback=MoatDataJsonpRequest_25205258&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Frufyzyuua.gq%2F&sr=1600x1200&id=lstrg-21a3cb7d21655508639f28aec9a6af70&ja=1

135 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
rufyzyuua.gq/ 90 KB
14 KB 737ms
590ms Document
text/html 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b297b30ac57eee2acc6421a07e53fa7fe0e1e4aee0194fee7b937f70999dd7d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

date: Fri, 29 Oct 2021 09:43:43 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYsa9PAzIwA43fNNosnZa%2FqUakQKVLp55wSCTMEax0%2FyvaUIjyDXHKMiuNQucAwWd28l1HZjSFBgVFxrASfMsOdZnQaCGnXK7yvxuS7HK8Pj5N%2BYFSDMuW7Z5tjlUVz7F74870foLMO3xYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a5b760fe91cf8e7-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK 187830-144469699220734.js Show response
js-sec.indexww.com/ht/p/ 155 KB
42 KB 1302ms
1251ms Script
text/javascript 23.51.209.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.209.187 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c21956945f2c5a905a191609c858d9bd2706f13532d19e2f14af43975eac666b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 09:43:45 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Oct 2021 09:41:48 GMT
Server: Apache
ETag: "da09c8-26b2a-5cf7aa2d2fbef"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3599
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 29 Oct 2021 10:43:44 GMT

GET
H2 200 yi.js Show response
z.moatads.com/pacmagsprebidheader289589025347/ 215 KB
75 KB 62ms
19ms Script
application/x-javascript 23.51.210.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pacmagsprebidheader289589025347/yi.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.210.213 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-210-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 33cf27d659550644c3c862cd3517060fd1d0009efa15b375fb4b015368b9a918

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 15:27:14 GMT
server: AmazonS3
x-amz-request-id: H3AQ8JWJA4S6FD44
etag: "1ef19b57bd672d2b06bc7b7c6a0737bc"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=19589
accept-ranges: bytes
content-length: 76723
x-amz-id-2: muhYrRcvJQhgqXfor4H5XBylHlOZklQUEVxDEm+IughVMRATG0GU8i2KcizcZ77WzUENOAYllW0=

GET
H2 200 brand.d7fd28b10ba75fc40a3b.css
www.newideafood.com.au/Branding/NewIdeaFood/ 317 KB
54 KB 85ms
33ms Stylesheet
text/css 13.225.159.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newideafood.com.au/Branding/NewIdeaFood/brand.d7fd28b10ba75fc40a3b.css
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.159.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-159-93.nrt12.r.cloudfront.net
Software: /
Resource Hash: 99e815f63e63f3547ccf41876d7b8657684dc00ea30e8680653b80ba72cbd948

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 09:06:38 GMT
content-encoding: gzip
age: 1211826
x-cache: Hit from cloudfront
arr-disable-session-affinity: true
access-control-allow-origin: *
last-modified: Tue, 17 Aug 2021 14:06:08 GMT
etag: W/"0887a67193d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: text/css
via: 1.1 ccbc34c31d1270b000318b6f37ee028f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: NRT12-C4
access-control-allow-headers: *
x-amz-cf-id: KxACyosRpBpA45o_UiuhOZXUh960ojJB97bUBO8At7Xu32_2K6GUKA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
27 KB 159ms
54ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5d569e3565423b4e329da9b7b9475544096d6372b07e2f5d0cdb440cbb7766e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1027 / 925 of 1000 / last-modified: 1635462361"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27311
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Oct 2021 09:43:44 GMT

GET
H2 200 runtime.bfbbe49a475aa79e721d.js Show response
www.newideafood.com.au/Branding/NewIdeaFood/js/ 1 KB
1 KB 76ms
24ms Script
application/javascript 13.225.159.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newideafood.com.au/Branding/NewIdeaFood/js/runtime.bfbbe49a475aa79e721d.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.159.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-159-93.nrt12.r.cloudfront.net
Software: /
Resource Hash: 40ab705b3347cd8471bb3412dc2a897f520c53b0ed6c5cebaf4759d41574ba23

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 23:28:55 GMT
content-encoding: gzip
age: 1678489
x-cache: Hit from cloudfront
arr-disable-session-affinity: true
access-control-allow-origin: *
last-modified: Tue, 17 Aug 2021 14:06:30 GMT
etag: W/"07797137193d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/javascript
via: 1.1 ccbc34c31d1270b000318b6f37ee028f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: NRT12-C4
access-control-allow-headers: *
x-amz-cf-id: 6AM3Sy7sOkEjApWQ2yGW64dtLWW24TukVI6n4DCiBlUydksADi1Fxg==

GET
H2 200 vendor.cdbc7dca8c9c72701d47.js Show response
www.newideafood.com.au/Branding/NewIdeaFood/js/ 126 KB
41 KB 115ms
63ms Script
application/javascript 13.225.159.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newideafood.com.au/Branding/NewIdeaFood/js/vendor.cdbc7dca8c9c72701d47.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.159.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-159-93.nrt12.r.cloudfront.net
Software: /
Resource Hash: dbf28eff1ff1ebe28a7761d77b7d6ab0b47ee8dcc7db974544ee9c9e87b8486c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 23:28:46 GMT
content-encoding: gzip
age: 123297
x-cache: Hit from cloudfront
arr-disable-session-affinity: true
access-control-allow-origin: *
last-modified: Tue, 17 Aug 2021 14:06:30 GMT
etag: W/"07797137193d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/javascript
via: 1.1 ccbc34c31d1270b000318b6f37ee028f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: NRT12-C4
access-control-allow-headers: *
x-amz-cf-id: o20dbK605N2ht50TSvNRp68b9Bydywk8PL7nhBtyQoyied3Dyyzg5g==

GET
H2 200 ads.9600713d1f27caba027e.js Show response
www.newideafood.com.au/Branding/NewIdeaFood/js/ 29 KB
8 KB 105ms
53ms Script
application/javascript 13.225.159.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newideafood.com.au/Branding/NewIdeaFood/js/ads.9600713d1f27caba027e.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.159.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-159-93.nrt12.r.cloudfront.net
Software: /
Resource Hash: d79a06ce53ae434a01cbcb984b67f2401dcb479df877847f4ec378708cfa82d4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 01:57:45 GMT
content-encoding: gzip
age: 6162359
x-cache: Hit from cloudfront
arr-disable-session-affinity: true
access-control-allow-origin: *
last-modified: Tue, 17 Aug 2021 15:06:30 GMT
etag: W/"0df5b757993d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/javascript
via: 1.1 ccbc34c31d1270b000318b6f37ee028f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: NRT12-C4
access-control-allow-headers: *
x-amz-cf-id: qgsH7v2UNFPOZIIVopZYY3fOFc5XxcNBLmk6po9VqLenoXcXEsLtyA==

GET
H2 200 main.279d05effc545250597a.js Show response
www.newideafood.com.au/Branding/NewIdeaFood/js/ 151 KB
36 KB 107ms
56ms Script
application/javascript 13.225.159.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newideafood.com.au/Branding/NewIdeaFood/js/main.279d05effc545250597a.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.159.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-159-93.nrt12.r.cloudfront.net
Software: /
Resource Hash: c010d7538256567a8bb435706cecee0e6d79e21f45b98d33546bc60ea05b3948

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 14:07:51 GMT
content-encoding: gzip
age: 1366553
x-cache: Hit from cloudfront
arr-disable-session-affinity: true
access-control-allow-origin: *
last-modified: Tue, 17 Aug 2021 14:06:30 GMT
etag: W/"07797137193d71:0"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/javascript
via: 1.1 ccbc34c31d1270b000318b6f37ee028f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: NRT12-C4
access-control-allow-headers: *
x-amz-cf-id: yUjg4hnf1gpKTjVGK26-N3O7hn-JXxDVGu-vuGYL6Tf1hdN3BCGsaQ==

GET
H2 200 css
fonts.googleapis.com/ 12 KB
2 KB 121ms
51ms Stylesheet
text/css 2404:6800:4004:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mukta+Mahee:400,600,700|Noto+Sans:400,400i,700,700i

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e175ff67d1b831460fe566d6f595539e5c666241c2d614c8918c95a71300d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 09:43:44 GMT
server: ESF
date: Fri, 29 Oct 2021 09:43:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Fri, 29 Oct 2021 09:43:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 90ms
16ms Script
text/javascript 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 1406
date: Fri, 29 Oct 2021 09:20:18 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19747
expires: Fri, 29 Oct 2021 11:20:18 GMT

GET
H2 200 brand.d7fd28b10ba75fc40a3b.css
rufyzyuua.gq/css/ 317 KB
55 KB 997ms
995ms Stylesheet
text/css 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/css/brand.d7fd28b10ba75fc40a3b.css
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7877f927239cec9b42ab2c871d665330e4ef4376a4e6757f806bb5ddaeec9d69

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:27 GMT
server: cloudflare
etag: W/"4f3a3-5cf1e8e5a8b17-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWn7MQ1F6o2q4dtDVreSms5vbt%2F%2BeS%2Bupk0h3ZVbV%2BICSfq4UUWWKZQTlmlSHyWI%2F3OERWC%2Bxdbk3yHJQ21T7bOCAkaqwT8oC4GW5Kl%2FkeQdPVo4iaB5gT0vNMB0pnb3l8KT38HWgFgacbc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d801f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css.css
rufyzyuua.gq/css/ 1 KB
572 B 497ms
496ms Stylesheet
text/css 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/css/css.css
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64dbf1e334d3fb268f5230a9a0552f8d867a5fa6dde9fe10d5ef037584ce3ed0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: W/"462-5cf1e8e428e40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BThvem%2BBvO6MWg5gt7VK22KpYQmVQBojr%2BOSSpqidzMXXA5lw5es1aEiATMhN7VD%2B%2BGWW6AAoGE%2BFMOWbvCFcBP9ip%2B53Zo%2Bggdvzh%2Bh9uKCK5fw4jW80hF9xgAgoh7aJ0LGZO1vFgY4Sg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d802f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 runtime.bfbbe49a475aa79e721d.js Show response
rufyzyuua.gq/js/ 1 KB
1009 B 529ms
528ms Script
application/javascript 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/js/runtime.bfbbe49a475aa79e721d.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ab705b3347cd8471bb3412dc2a897f520c53b0ed6c5cebaf4759d41574ba23

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: W/"5d4-5cf1e8e40b97c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auZvZaGlmbz2GT2dEHg4BZaSvRjjeewvus847h5AokSiTi0%2FpkAiJCb38UnB8ge03I3yhrpem%2FDxaK0psJnKSSXmmodYmtfdcWjFqUiNpNWcquuabLlOArGrJKrYGprLovcsBAvUGP6ffY8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d804f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 vendor.cdbc7dca8c9c72701d47.js Show response
rufyzyuua.gq/js/ 126 KB
41 KB 708ms
707ms Script
application/javascript 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf28eff1ff1ebe28a7761d77b7d6ab0b47ee8dcc7db974544ee9c9e87b8486c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: W/"1f7b5-5cf1e8e40c91c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1%2BEo4EwFhJnHwR0pNAYBcgR1VN7DOnxEjOktIe149dufPbPqWRFvqV6Xi5a9WiDeDQ4%2Bn6l5%2FMiy8uUET%2BiYogtsUN0gz8SGzYNXBhRiU8jP%2FaVLcPbeC5CiSTkneDpLcRujqz0tSo07TU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d805f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ads.9600713d1f27caba027e.js Show response
rufyzyuua.gq/js/ 29 KB
8 KB 505ms
504ms Script
application/javascript 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/js/ads.9600713d1f27caba027e.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d79a06ce53ae434a01cbcb984b67f2401dcb479df877847f4ec378708cfa82d4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: W/"74b8-5cf1e8e40b97c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TARWnyhCTD4Pctae4QWvhm91ki9pXJ%2Fi7FjLWA0vHJroZQDG5DskuMaTCBgSD08vYbGPRxuWCnVSmaxL%2BzOAGLufwRaPqjgmyRNudCR4QP7WTF%2BB%2BEDfxaSBwguofuOQC9czc5bvztgnSnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d808f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 enhanced-header-logo-alt.svg
rufyzyuua.gq/fonts/ 9 KB
4 KB 539ms
538ms Image
image/svg+xml 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rufyzyuua.gq/fonts/enhanced-header-logo-alt.svg
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e928f0d75fe0416938c219a6b5f2cfad4ee6653809f0a80820e50ee193c92321

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: W/"224a-5cf1e8e40b97c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOMSGNg%2BbfR2XwVRM%2FJEedbKBt6bdvWsgg0oBV%2Bt5LuRDuLJyULvvCE5FVaecnfItdD1nTyKS%2BnLZAqkeMZpVy3ZV7wWhiVNsDCJaDlFO1ub80EDmWx%2FbK%2Fvwuvfx5Gby4mFkU5DI5IYvSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d80df8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 enhanced-header-logo.svg
rufyzyuua.gq/fonts/ 7 KB
3 KB 530ms
529ms Image
image/svg+xml 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rufyzyuua.gq/fonts/enhanced-header-logo.svg
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff1303b15acfcab3dcbb8165076b69fcfc3dbbd81280b5b027e477c129354f3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: W/"1ca7-5cf1e8e40b97c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8fw4%2FEQUG7RLifha%2BLGkrSzfatQUZBYHLp6ZBmE%2Bhy9L%2Focyz545xNd0raH1eTQUOFUuQmUiteOnAcYVOptwakpvGN78QiKdbp6ZJcGc6kQomm1ojoDJca56SvMFXFyZw5V0%2FX9Vxg9DQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d80ef8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 woolworths-logotype.png
rufyzyuua.gq/images/ 24 KB
25 KB 721ms
721ms Image
image/png 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rufyzyuua.gq/images/woolworths-logotype.png
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c748e95e1974d3f8238c5522e45c023f5f1fbae889fb8a33684a72b81dc5ee86

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: "6196-5cf1e8e40b97c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlEconr%2FgpBx6OMIKWMWK5IRm5q6YqvEWAICLM1OZdWqGMH5fJqKD%2FkKKvaor5gmk8N8cEBAso6TRzJWyZri7ki3fW%2BOMIMHwYoi1%2B%2FkZxhpCCSrUgfThVNrTbKTvQKrxKs7MYkkAm4vGGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a5b7613d810f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24982

GET
H2 200 printable-icon.svg
rufyzyuua.gq/fonts/ 2 KB
960 B 521ms
520ms Image
image/svg+xml 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rufyzyuua.gq/fonts/printable-icon.svg
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ae54e468057e77c6182379768c04048915e5c24593937774502dd66097a496

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: W/"6a9-5cf1e8e40b97c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQL%2F3uetjtf2jjy5xpq3lecgXlgSCgjqfpoRL8sdlIDIZBbVtybIGyn6Y%2BFsZLR2JzjV907gtXiMJuih%2F7t7E2xceSszDzf25RYl9QAI5qNkNIFFUyFs2DIGIBwXgo8%2FKF8tf0l2Ow9ta4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d812f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 brand-logo-footer-new.svg
rufyzyuua.gq/fonts/ 7 KB
3 KB 489ms
489ms Image
image/svg+xml 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rufyzyuua.gq/fonts/brand-logo-footer-new.svg
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fff1303b15acfcab3dcbb8165076b69fcfc3dbbd81280b5b027e477c129354f3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: W/"1ca7-5cf1e8e40b97c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtwUmUeNRNdXUc3HaCQPyt46zZFpKLaSS5zqMQKqt8Q1MJss%2BbSFxQxMFWZmcRawyeOE0w0xA43N1I1Dz1LKhCdt%2FE2dZ74qaXkruQ6bcaPNuGuFnZe4O3JkRKMqSYqxzmtxxmsjWT18Vvg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d814f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ni2123-edm-cover.jpg
rufyzyuua.gq/images/ 22 KB
23 KB 723ms
722ms Image
image/jpeg 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rufyzyuua.gq/images/ni2123-edm-cover.jpg
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65ed4b54d953753f3c35af84865a8f536a9abb0cd2b0a01dbd7b5f99e6e71139

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: "59c9-5cf1e8e40b97c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gcs24tCe3P9qUMv4w0ayk4%2BENo1oAwsHSWSaKR6DlombY%2Fo7qWK3b%2BIQhuryPCzWbAtzgJ8V0DlUbLMzcLSuZMyxESGXc7rreLccUg1UdOn6kitXwgEdBqRyE7zvfWXpFI4ZxiGi4rO6Rn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a5b7613d815f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22985

GET
H2 200 main.279d05effc545250597a.js Show response
rufyzyuua.gq/js/ 151 KB
36 KB 731ms
731ms Script
application/javascript 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/js/main.279d05effc545250597a.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c010d7538256567a8bb435706cecee0e6d79e21f45b98d33546bc60ea05b3948

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: W/"25d56-5cf1e8e40c91c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pj9Z58uBQ%2B%2FlkfcZVSZq9BfUFleiD0CxTCR%2FiU1%2FHnDMJda1MFKKwLlo95UKJslE%2BNEA2lCpG1mmSVoepdwhL7WEZzFqBKtCF242Ia9trT1l48m3btvGGwylEsIsEMgNxtsuqh0LsWuSCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d818f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 spm.v1.min.js Show response
rufyzyuua.gq/js/ 121 KB
43 KB 964ms
964ms Script
application/javascript 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/js/spm.v1.min.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: W/"1e41b-5cf1e8e40c91c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWs7mn39FgS2TIl3YGvMu7BHyurNpIKzYeucQzcCZvih9NX8qvXZTm8WY%2FVesp6eMpjipXQ32ZoO1MtzAxHMGzqs3KQplDo0ugVeIH38nIPIHGYrhc8BmNZ%2BhUeuHNDr80Y6Gn6nAeDv8nY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b7613d81af8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i
rufyzyuua.gq/ 43 B
399 B 276ms
275ms Image
image/gif 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rufyzyuua.gq/i
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:44 GMT
cf-cache-status: DYNAMIC
last-modified: Sun, 24 Oct 2021 19:50:26 GMT
server: cloudflare
etag: "2b-5cf1e8e40b97c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W5a%2FmBIyHwtRjj9SHhg9yZv9OqkjBI%2B194izt1NOu0alwivJ5q3BjKn94UcQfgyQwwnuRBqraDDJjlRfbQ%2FSxR0EXEXCJExC6J09%2BEq66L%2BRGWl55mesPlyB%2F8Bbb3jF4m%2BqRu%2F%2BPNAAPQw%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6a5b7613d81bf8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 64ms
19ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d1a71851b9c575f7a08134336da7769a379f0db481b058bf45a82d60b7e2ddc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: qSxyLgPSKs0yfxjc32/SFoj2JRAscUyqevUNGmJkYgrR2Fxsa3yQ8kMdIbv4Jg1nwowjJvKb1lka9tStYCO7oA==
x-fb-trip-id: 382461245
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 29 Oct 2021 09:43:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
30 KB 145ms
66ms Script
application/javascript 2404:6800:4004:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PJBXV7N

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ade892e32b37ebf3a6faaf9d9ae891d1419e94cfc29e0c2f6eb3029d1974f2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30164
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 29 Oct 2021 09:43:45 GMT

GET
H2 200 XRXN3IOIi0hcP8iVU67hA9MVdSoALHM.ttf
rufyzyuua.gq/fonts/ 52 KB
28 KB 948ms
947ms Font
font/ttf 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/fonts/XRXN3IOIi0hcP8iVU67hA9MVdSoALHM.ttf
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383110dfd0d23652d690d8bccbe5167d22c46a25a7af1c3ba2f55ea490c908e4

Request headers

Referer: https://rufyzyuua.gq/css/css.css
Origin: https://rufyzyuua.gq
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:27 GMT
server: cloudflare
etag: W/"d0c8-5cf1e8e5bf27a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKiHtvzQYpxIWFYcx5k2lNrRxntky2%2F5inNeyUWdsy9ZBB7rJtq%2FCoYbjKsFFPcrk%2B0pkCk6iB7OJ0jslNHZaqeo%2B8Uiv7TSN%2FGJEr%2FsKqXhZHGz1BlOuGlEUx18k2gMm%2BmPJAjjqsz1eIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b761aac86f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 XRXN3IOIi0hcP8iVU67hA9NxdCoALHM.ttf
rufyzyuua.gq/fonts/ 54 KB
28 KB 919ms
918ms Font
font/ttf 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/fonts/XRXN3IOIi0hcP8iVU67hA9NxdCoALHM.ttf
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6a795bc5038032105f62420ba9a60d1413a0f50031ed7bd33acdf434b373173

Request headers

Referer: https://rufyzyuua.gq/css/css.css
Origin: https://rufyzyuua.gq
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:27 GMT
server: cloudflare
etag: W/"d680-5cf1e8e5bf27a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5Y4MSbfnAzAfJh1gFCPlpAcnVqBkkK6vC3NQ7LeLBpXAYlc9PH7pW7nTaZUiBepUgkpEqEH7AFetY5eoko0KlUMZDapQzUX7gKBEADZhQrF9kk2WHe1ri0zqAGv8%2BuItazHCdJxqnHHTLY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b761aac9ef8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRF.ttf
rufyzyuua.gq/fonts/ 30 KB
20 KB 739ms
738ms Font
font/ttf 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/fonts/o-0IIpQlx3QUlC5A4PNr5TRF.ttf
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2761ab9db801a318abc6fe3ee3c8d20ef9a6162e15e0367dc42b83430b7038e

Request headers

Referer: https://rufyzyuua.gq/css/css.css
Origin: https://rufyzyuua.gq
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:27 GMT
server: cloudflare
etag: W/"76a8-5cf1e8e5bf27a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjKB0r4xLGu1jVy1vSkk%2BagaGVOIcN5OmcxhCAaHZYWlqg49goyGCm0S3go0%2FxqDyhhr%2BD3XT5QZc4XkqiqXnRxJnccsMfeoLMEiCAN3YDdFeAxtkzwv0adYeyDFlQBy4hkaZhlvxFj0Ok4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b761aaca0f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ff3b63d0fa4df3bd11cceb2be375cfcb444c617cb3f82aee6c07ba23a559ea5

Request headers

Referer
Origin: https://rufyzyuua.gq
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: font/ttf

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyE.ttf
rufyzyuua.gq/fonts/ 30 KB
21 KB 717ms
717ms Font
font/ttf 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/fonts/o-0NIpQlx3QUlC5A4PNjXhFVZNyE.ttf
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d660d0243a84278e891c290a323e65383f7e05297e512cd49bc59870061a790b

Request headers

Referer: https://rufyzyuua.gq/css/css.css
Origin: https://rufyzyuua.gq
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:27 GMT
server: cloudflare
etag: W/"7844-5cf1e8e5bf27a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5j4SB%2F3DPk3grzsHTxC1tQbXCn8KQ0ovFsARbveVjOFpeWZr6gM1b9Z%2BtVB1dinxD5lHi2UAixPsZaWGzq5J%2FGqwSqjhZMmXof9NhnPV%2Bj1kjIh5V3MuAb0YGvNHQo2qhN0%2FIU07kENriDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b761aaca2f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 XRXQ3IOIi0hcP8iVU67hA9vKUTo.ttf
rufyzyuua.gq/fonts/ 53 KB
27 KB 912ms
912ms Font
font/ttf 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rufyzyuua.gq/fonts/XRXQ3IOIi0hcP8iVU67hA9vKUTo.ttf
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/css/css.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2808140ccff23ef73c447a371b3275bb91514c87897d5eb4926701166394a028

Request headers

Referer: https://rufyzyuua.gq/css/css.css
Origin: https://rufyzyuua.gq
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 24 Oct 2021 19:50:27 GMT
server: cloudflare
etag: W/"d40c-5cf1e8e5bf27a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pM0Xsxv2HlDlngfiX5g6hpg%2B90GXZVRikyUl1xsUXCFEy1EdM3%2Ba%2BAiHd7pv82EA7lAAXTxvxp4P1pbTkeUYhI6Cvg3J6CkvksACfNoKP57Cfos2nwhVlHFYxrrMp86lbQP69yjzfn8C2mw%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a5b761aaca6f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 54ms
53ms XHR
text/plain 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=77653217&t=pageview&_s=1&dl=https%3A%2F%2Frufyzyuua.gq%2F&ul=en-us&de=UTF-8&dt=American%20Pancakes%20Recipe%20%7C%20New%20Idea%20Food&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2029775730&gjid=684460713&cid=894526825.1635500625&tid=UA-2988970-29&_gid=1100937060.1635500625&_r=1&_slc=1&z=781830542

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rufyzyuua.gq
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 480ms
156ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Origin: https://rufyzyuua.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://rufyzyuua.gq
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow: HEAD,GET,OPTIONS

GET
H2 200 ggcmb510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 12 KB
5 KB 85ms
24ms Script
application/javascript 2600:9000:21d2:c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 6XrFclzZrCpK6VsHWnjUPjBmJYkrcnf.
content-encoding: gzip
etag: W/"afa0d379b1e6e0a61fad577d0043ff26"
last-modified: Mon, 18 Oct 2021 14:09:23 GMT
server: AmazonS3
age: 1375
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 757d2cc08c66ca4b861bd19d35883c42.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 29 Oct 2021 09:20:51 GMT
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: oK-g08jV83ED6Wm7POSP94RbypRFwB1DvFd8FWfME1Z5Fa0UcjYWKw==

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

14ms
14ms

Script
application/javascript

2600:9000:21d2:c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Server: 2600:9000:21d2:c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 74071
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 757d2cc08c66ca4b861bd19d35883c42.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 28 Oct 2021 13:09:15 GMT
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: Oqr6oGb-OCpDCbrCaClK9cGu2KyQ4tRv0dZNqGqEl9oFhdXcq_PJhw==

Redirect headers

date: Fri, 29 Oct 2021 09:43:45 GMT
via: 1.1 89a79abdcd1ed6464a36bc9e0c9decdc.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: NRT12-C5
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: hCpvlYXSX_zcly4FVmqXKbywtCgZKEpDYPyAKiKe0t3foB44g_Tpug==

GET
H/1.1 200
OK Tress.php Show response
pixel.roymorgan.com/stats_v2/ 0
513 B 554ms
116ms Script
text/javascript 52.64.60.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.roymorgan.com/stats_v2/Tress.php?u=m8frgflsxh&ca=20003958&a=d4txuwip&cb=1635500625137

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.64.60.86 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-60-86.ap-southeast-2.compute.amazonaws.com

Software

Apache / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 09:43:45 GMT
Content-Encoding: none
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: PHP/7.1.33
X-Cache: MISS from pixel.roymorgan.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Content-Length: 0

GET
H/1.1 200
OK Tress.php Show response
pixel.roymorgan.com/stats_v2/ 0
513 B 558ms
120ms Script
text/javascript 52.64.60.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.roymorgan.com/stats_v2/Tress.php?u=m8frgflsxh&ca=20001092&a=jmtr1l0t&cb=1635500625137

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.64.60.86 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-60-86.ap-southeast-2.compute.amazonaws.com

Software

Apache / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 09:43:45 GMT
Content-Encoding: none
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: PHP/7.1.33
X-Cache: MISS from pixel.roymorgan.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Content-Length: 0

GET
H/1.1 200
OK Tress.php Show response
pixel.roymorgan.com/stats_v2/ 0
513 B 554ms
116ms Script
text/javascript 52.64.60.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.roymorgan.com/stats_v2/Tress.php?u=m8frgflsxh&ca=20003995&a=d4txuwip&cb=1635500625137

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.64.60.86 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-60-86.ap-southeast-2.compute.amazonaws.com

Software

Apache / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 09:43:45 GMT
Content-Encoding: none
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: PHP/7.1.33
X-Cache: MISS from pixel.roymorgan.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Content-Length: 0

GET
H/1.1 200
OK Tress.php Show response
pixel.roymorgan.com/stats_v2/ 0
513 B 556ms
117ms Script
text/javascript 52.64.60.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.roymorgan.com/stats_v2/Tress.php?u=m8frgflsxh&ca=20004000&a=d4txuwip&cb=1635500625137

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.64.60.86 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-64-60-86.ap-southeast-2.compute.amazonaws.com

Software

Apache / PHP/7.1.33

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 09:43:45 GMT
Content-Encoding: none
X-Content-Type-Options: nosniff
Server: Apache
X-Powered-By: PHP/7.1.33
X-Cache: MISS from pixel.roymorgan.com
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store
Content-Length: 0

GET
H/1.1 200
OK -468x80-ads.js Show response
s3-ap-southeast-2.amazonaws.com/pd-public/scripts/_adview_/ 24 B
392 B 564ms
128ms Script
application/javascript 52.95.134.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-ap-southeast-2.amazonaws.com/pd-public/scripts/_adview_/-468x80-ads.js?pid=Ads
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.134.39 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5031b7f1ee6ca6fbb260d67518ba48265142fc13e0853e7be6d91ce098980ba7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 09:43:46 GMT
Last-Modified: Fri, 03 Mar 2017 05:46:56 GMT
Server: AmazonS3
x-amz-request-id: QBGBWX5VGG8GVHV0
ETag: "57aecc1189c245b1655413d234c5251e"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 24
x-amz-id-2: 1zQA9ZzbHIT4hsisGl3nxXEUkwu2FkVqgixBcVO26wlXTHvvbdnjgPTKwARqPpos2p/zgoSyNRk=

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
830 B 256ms
192ms Script
application/javascript 2600:140b:1:492::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1:492::1931 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "95580b4fad0d5513b92f05a5be0d5a38"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 4e282b-23.15.14.116
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H2 200 105419X1625173.skimlinks.js Show response
s.skimresources.com/js/ 55 KB
20 KB 276ms
81ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/105419X1625173.skimlinks.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c562aa4bee1857c86aecc2752f49632ed218b46dc0837e1ee89fc3f13c62f4d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 09:39:12 GMT
server: AmazonS3
x-amz-request-id: TRSGN4D5EW7T7ZA2
etag: "58a057fff2a122574bb8b892c6e4990f"
x-hw: 1635500625.cds026.si2.hn,1635500625.cds235.si2.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 20606
x-amz-id-2: SSA9NeFotOz3hvUQOoeapebf55zriOe2KutlVAzCfWC9yBD423Gswg0JvdlkSatc/vx6s6X25co=

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 256 B
475 B 162ms
161ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: d4f276d6e8ecc70b94034c4add18c782ce370d1699173e4da0cf2ae29a798147

Request headers

x-lib-version: v1.0.1
Accept-Language: jp-JP,jp;q=0.9
authorization: Bearer 5c9c024d9e2e2e90f958e3c2e0b67297
content-type: application/json
accept: application/json
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
x-referring-url: https://rufyzyuua.gq/

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:45 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 174
allowedmethods: GET,OPTIONS
expires: -1

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 17ms
17ms Image
image/gif 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=77653217&t=event&ni=1&_s=2&dl=https%3A%2F%2Frufyzyuua.gq%2F&ul=en-us&de=UTF-8&dt=American%20Pancakes%20Recipe%20%7C%20New%20Idea%20Food&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=InfiniteScroll&ea=PageView&el=Page%20-%201&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=894526825.1635500625&tid=UA-2988970-29&_gid=1100937060.1635500625&cd1=Amy%20Sinclair&cd2=American%2Cpancakes%2Cmayple%20syrup%2Csweet%20breakfast%2Cstreaky%20bacon&cd9=1&cd3=Recipe&cd4=New%20Idea%20Food&cd5=14%20Mar%202019&cd6=21%3A46%3A11&cd7=Thursday&cd8=pancake%20recipe&cd10=&z=697734037

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 13:17:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73604
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GetCampaignContentIdsByCategory Show response
www.newideafood.com.au/Umbraco/Api/Content/ 0
386 B 80ms
30ms XHR
application/json 13.225.159.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.newideafood.com.au/Umbraco/Api/Content/GetCampaignContentIdsByCategory?activeCategoryId=1008923
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.159.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-159-93.nrt12.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 04:41:20 GMT
via: 1.1 3f51d1d2797ea1f0c9e6fe6c5804e982.cloudfront.net (CloudFront)
cache-control: no-cache
age: 18145
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD
content-type: application/json
access-control-allow-origin: *
arr-disable-session-affinity: true
x-cache: Hit from cloudfront
x-amz-cf-pop: NRT12-C4
access-control-allow-headers: *
content-length: 0
x-amz-cf-id: gF_3fCC4vIA5MfEnLGdwm-LJ0uDuO2esSfx58sG0VeNSwPj2Or60Ew==
expires: -1

GET
H/1.1 200
OK platform.js Show response
cdn.embedly.com/widgets/ 69 KB
21 KB 102ms
33ms Script
application/javascript 104.16.90.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.embedly.com/widgets/platform.js
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.90.50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c5ed98422e6540e595c4ab165b0bf25fa166bd8c588564101c84822d410492

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 29 Oct 2021 09:43:45 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
x-amz-request-id: ESK57QTEVD5YYN5P
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: vrT/wpvm/acy0nqJrTkwR1wC6ra6n6BFwxmlRZH5iCoZz+BbLMiUcXCRrDQ75XkS4lOCHD6FBuk=
CF-RAY: 6a5b761c0b791eab-NRT
Last-Modified: Wed, 02 Jun 2021 21:18:28 GMT
Server: cloudflare
ETag: W/"1515208cf0f82e612ecf50bd9e1c1a3e"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
x-amz-version-id: kp_mKzjWqdPYjEdl.9aSC0zrgqj54UQa
Cache-Control: public, max-age=300
Content-Type: application/javascript
Expires: Fri, 29 Oct 2021 09:48:45 GMT

GET
H/1.1 200
OK channels.cgi Show response
pacmags.gscontxt.net/main/ 26 B
103 B 748ms
164ms Script
application/javascript 152.67.117.181
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://pacmags.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Frufyzyuua.gq%2F
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/js/vendor.cdbc7dca8c9c72701d47.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 152.67.117.181 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 01594e833d67163c5d71c470fb205ab5dcea6c114cb3408c3aed83d139697c36

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 26
Content-Type: application/javascript

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
444 B 191ms
56ms XHR
text/plain 2404:6800:4008:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-2988970-29&cid=894526825.1635500625&jid=2029775730&gjid=684460713&_gid=1100937060.1635500625&_u=IEBAAEAAAAAAAC~&z=355754890

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c04::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 29 Oct 2021 09:43:45 GMT
content-type: text/plain
access-control-allow-origin: https://rufyzyuua.gq
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 225 B
401 B 401ms
122ms Script
text/html 18.139.31.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-UDQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Frufyzyuua.gq%2F&pcode=pacmagsprebidheader289589025347&callback=MoatNadoAllJsonpRequest_25205258
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pacmagsprebidheader289589025347/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.31.36 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-31-36.ap-southeast-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: 18d361ba7e0b61f3461ff194d43757a329dcbfaf187223328fdb602d845d0f9f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "ac5693464fb20d1c9ef546f4dcd7a3d9b49c3e7b"
content-length: 225
content-type: text/html; charset=UTF-8

GET
H2 200 n.js Show response
geo.moatads.com/ 86 B
260 B 323ms
76ms Script
text/html 52.74.123.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-UDQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Frufyzyuua.gq%2F&pcode=pacmagsprebidheader289589025347&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=PACMAGS_PREBID_HEADER1&hp=1&wf=1&pxm=6&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1635500625202&de=690624655490&rx=462528544317&m=0&ar=fb6a7277fce-clean&iw=26c41b6&q=1&cb=0&cu=1635500625202&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRC=1&gu=https%3A%2F%2Frufyzyuua.gq%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=pacmagsprebidheader289589025347&fd=1&ac=1&it=500&pe=1%3A1934%3A1934%3A0%3A1973&fs=194999&na=192320397&cs=0&callback=MoatDataJsonpRequest_25205258
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pacmagsprebidheader289589025347/yi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.123.238 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-123-238.ap-southeast-1.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: b248dca1fe86d7e4c48e9b6c56a74b1714889c47b79c5f2db8a14625d673db38

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "dbf8e8f0670a42d5f59cc3ea129439d1d1a3e341"
content-length: 86
content-type: text/html; charset=UTF-8

GET
H2 200 909511526185289 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 205ms
204ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/909511526185289?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a691acc4b04930a20d758bf4fe156188583816610dd4432dfca01a3f9edd4377

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: boWdymmCY212xxDYO0Rt3uNkP6fPqXi+zGEmOfDfBYBKXIfFmrJEqN3oEBY4/X3TNsgHSFF02oZ8opz8K2tvUQ==
x-fb-trip-id: 382461245
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 29 Oct 2021 09:43:45 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 glcfg510.js Show response
cdn-gl.imrworldwide.com/novms/js/2/configs/ 2 KB
1 KB 22ms
22ms Script
application/javascript 2600:9000:21d2:c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: rxZRGfY8p2Qvf1YiHTHcR.G6ODou5et9
content-encoding: gzip
etag: W/"931051f801612c3a0e2782961ac3d56c"
last-modified: Mon, 18 Oct 2021 14:09:23 GMT
server: AmazonS3
age: 1362
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 757d2cc08c66ca4b861bd19d35883c42.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 29 Oct 2021 09:21:04 GMT
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: s1C94hw4v2nWnaWiSoI6Gz5Vb4z9xzRpTTUQsBoxzz6EIVV6y6Op1A==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
544 B 67ms
16ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187830
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: c8d2007512491e683fc36a9493df808ab6d45deec5acccf062c662e71cfc7d71

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sun, 28 Nov 2021 09:43:45 GMT

GET
H2 204 identity Show response
api.rlcdn.com/api/ 0
246 B 188ms
139ms XHR
text/plain 34.120.155.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.155.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.155.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
via: 1.1 google
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://rufyzyuua.gq
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear

GET
H2 200 P0992DE93-61C1-455C-AB44-9E40B670BD75.js Show response
cdn-gl.imrworldwide.com/conf/ 29 KB
7 KB 624ms
624ms Script
application/javascript 2600:9000:21d2:c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P0992DE93-61C1-455C-AB44-9E40B670BD75.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f6444328400be38f3236ca72099db38459b7c750ba52c7ed370fdb0788c4325

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: r93XN0TeRewFTPaOIWPTPjCYryW5boLZ
content-encoding: gzip
etag: W/"99e5807c2503085383f3bead2e9a5b63"
last-modified: Fri, 29 Oct 2021 05:15:13 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C4
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 757d2cc08c66ca4b861bd19d35883c42.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Fri, 29 Oct 2021 09:43:46 GMT
x-amz-cf-id: H9L4CMye9KJwIvssQocwjmgDIP3pfPimCWWSmagG9LN6NLQ1jkersw==

GET
H2 200 storageframe.html Show response
secure-gl.imrworldwide.com/ Frame C1A3 11 KB
4 KB 155ms
155ms Document
text/html 2600:9000:2066:4200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: secure-gl.imrworldwide.com
URL: https://secure-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:4200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/

Response headers

content-type: text/html
vary: Accept-Encoding
date: Fri, 29 Oct 2021 09:43:45 GMT
server: nginx
last-modified: Fri, 15 Oct 2021 16:25:29 GMT
etag: W/"6169ab79-2b27"
access-control-allow-origin: *
access-control-allow-methods: POST, OPTIONS
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 89a79abdcd1ed6464a36bc9e0c9decdc.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C5
x-amz-cf-id: QQ-UUUVDXnwJ9rU2FlIxlfOdAadmIPx2GzsjDUBH0Qnxn3hcj3K2gQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 110ms
45ms Image
image/gif 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-2988970-29&cid=894526825.1635500625&jid=2029775730&_u=IEBAAEAAAAAAAC~&z=131669108

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
501 B 96ms
52ms Image
image/gif 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-2988970-29&cid=894526825.1635500625&jid=2029775730&_u=IEBAAEAAAAAAAC~&z=131669108

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.6ae4a9fc.js Show response
s.pinimg.com/ct/lib/ 54 KB
19 KB 199ms
199ms Script
application/javascript 2600:140b:1:492::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:1:492::1931 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "9850391ff02e4a98b00efa3acfbbbb10"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 4e2845-23.15.14.116
accept-ranges: bytes
content-length: 18814
access-control-expose-headers: X-CDN

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 9B91 0
102 B 188ms
82ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.415818271670261
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 168ms
75ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=8.284431553226264
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 92ms
92ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=8.284431553226264
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

POST
H2 200 / Show response
r.skimresources.com/api/ 204 B
364 B 118ms
96ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/105419X1625173.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

44a9e011ba4543e0a4da81cf97603128eee3980629d930ff4fd22505cd7f3cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://rufyzyuua.gq
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 44 B
426 B 20ms
7ms Image
image/gif 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=909511526185289&ev=PageView&dl=https%3A%2F%2Frufyzyuua.gq%2F&rl=&if=false&ts=1635500625506&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1635500625505.1817242476&it=1635500625269&coo=false&rqm=GET

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 29 Oct 2021 09:43:45 GMT

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
114 B 135ms
92ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/105419X1625173.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:45 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://rufyzyuua.gq
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

POST
H2 200 api Show response
ls.skimresources.com/ 2 B
345 B 289ms
275ms XHR
application/json 34.120.117.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ls.skimresources.com/api

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/105419X1625173.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.117.212 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

212.117.120.34.bc.googleusercontent.com

Software

Python/3.8 aiohttp/3.6.3 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/json

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:45 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.8 aiohttp/3.6.3
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 2

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
339 B 126ms
85ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/105419X1625173.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 , Ascension Island, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:45 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://rufyzyuua.gq
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

OPTIONS
H2 206 api
ls.skimresources.com/ Frame 0
0 121ms
80ms Preflight
text/plain 34.120.117.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.skimresources.com/api
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.117.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.117.120.34.bc.googleusercontent.com
Software: Python/3.8 aiohttp/3.6.3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://rufyzyuua.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://rufyzyuua.gq
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-credentials: true
access-control-max-age: 1728000
content-type: text/plain charset=UTF-8
content-length: 0
date: Fri, 29 Oct 2021 09:43:45 GMT
server: Python/3.8 aiohttp/3.6.3
via: 1.1 google
alt-svc: clear

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1635500625623&ci=au-pacmags&js=1&cg=0&ts=n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1635500625623&ci=au-pacmags&js=1&cg=0&ts=n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%...

44 B
524 B

148ms
147ms

Image
image/gif

2600:9000:2066:4200:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1635500625623&ci=au-pacmags&js=1&cg=0&ts=n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-UDQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Frufyzyuua.gq%2F&pcode=pacmagsprebidheader289589025347&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=PACMAGS_PREBID_HEADER1&hp=1&wf=1&pxm=6&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1635500625202&de=690624655490&rx=462528544317&m=0&ar=fb6a7277fce-clean&iw=26c41b6&q=1&cb=0&cu=1635500625202&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRC=1&gu=https%3A%2F%2Frufyzyuua.gq%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=pacmagsprebidheader289589025347&fd=1&ac=1&it=500&pe=1%3A1934%3A1934%3A0%3A1973&fs=194999&na=192320397&cs=0&callback=MoatDataJsonpRequest_25205258&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Frufyzyuua.gq%2F&sr=1600x1200&id=lstrg-21a3cb7d21655508639f28aec9a6af70&ja=1
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Server: 2600:9000:2066:4200:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:45 GMT
via: 1.1 89a79abdcd1ed6464a36bc9e0c9decdc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C5
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: mVmo6qAdNeduUd2H9nNEVXbRuhx1QBpSLOapR2iDOQvq-aM7kCXVfw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:45 GMT
via: 1.1 89a79abdcd1ed6464a36bc9e0c9decdc.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C5
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1635500625623&ci=au-pacmags&js=1&cg=0&ts=n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B*EjrG%3DH%3CA.a%24%7D9H%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-UDQ31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-JvYb5sLyVy50og%3D%3D&sc=1&os=1-ig%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Frufyzyuua.gq%2F&pcode=pacmagsprebidheader289589025347&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=PACMAGS_PREBID_HEADER1&hp=1&wf=1&pxm=6&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1635500625202&de=690624655490&rx=462528544317&m=0&ar=fb6a7277fce-clean&iw=26c41b6&q=1&cb=0&cu=1635500625202&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRC=1&gu=https%3A%2F%2Frufyzyuua.gq%2F&id=1&ii=4&bo=undefined&bd=undefined&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=pacmagsprebidheader289589025347&fd=1&ac=1&it=500&pe=1%3A1934%3A1934%3A0%3A1973&fs=194999&na=192320397&cs=0&callback=MoatDataJsonpRequest_25205258&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Frufyzyuua.gq%2F&sr=1600x1200&id=lstrg-21a3cb7d21655508639f28aec9a6af70&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: lMgq7NtJEdHZuMhp_P-pPRVItgx_EiTVv0ONXizBUQvB4nNlMX8vWw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 15ms
15ms Image
image/gif 2404:6800:4004:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=77653217&t=event&ni=1&_s=3&dl=https%3A%2F%2Frufyzyuua.gq%2F&ul=en-us&de=UTF-8&dt=American%20Pancakes%20Recipe%20%7C%20New%20Idea%20Food&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Blocker&ea=Disabled&el=Desktop&_u=aEBAAEABAAAAAC~&jid=&gjid=&cid=894526825.1635500625&tid=UA-2988970-29&_gid=1100937060.1635500625&cd1=Amy%20Sinclair&cd2=American%2Cpancakes%2Cmayple%20syrup%2Csweet%20breakfast%2Cstreaky%20bacon&cd9=1&cd3=Recipe&cd4=New%20Idea%20Food&cd5=14%20Mar%202019&cd6=21%3A46%3A11&cd7=Thursday&cd8=pancake%20recipe&cd10=&z=203118539

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Oct 2021 13:17:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73604
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 192 KB
54 KB 10ms
9ms Script
application/javascript 2600:9000:21d2:c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P0992DE93-61C1-455C-AB44-9E40B670BD75.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: tnxqFQqGT1ELPIx0GRfinwCzm_ufX7R9
content-encoding: gzip
etag: W/"bd1ffd9a8dc416cfddcde665f3111e22"
last-modified: Mon, 18 Oct 2021 14:09:23 GMT
server: AmazonS3
age: 656
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 757d2cc08c66ca4b861bd19d35883c42.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 29 Oct 2021 09:32:50 GMT
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: vNhlXuQX6drQE3QQ6jz2uXPIzZ1Un64yAw2Iix4KLxUrOTpLK9lFBA==

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 47AD 12 KB
4 KB 9ms
8ms Document
text/html 2600:9000:21d2:c00:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21d2:c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/

Response headers

content-type: text/html
last-modified: Mon, 18 Oct 2021 14:09:23 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: fWy1EzHp9Q0L9DPiegymkYQaHVC9sb1R
server: AmazonS3
content-encoding: gzip
date: Fri, 29 Oct 2021 09:09:44 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 757d2cc08c66ca4b861bd19d35883c42.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT12-C4
x-amz-cf-id: EuSOyBi-KZF-qs2LHBO8kss7Fi6XZZYgevnuxV4mawVfwZvvwuFNhg==
age: 2042

GET
H2 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 441ms
44ms Script
text/javascript 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 29 Oct 2021 09:43:46 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 31 B
654 B 433ms
38ms XHR
application/json 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rufyzyuua.gq

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

317ef3d392fdff76a3dd03bb906b138a06c86cc3c6ff26048e8236bf131613bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Oct 2021 09:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47
x-xss-protection: 0
expires: Fri, 29 Oct 2021 09:43:46 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame BC4F 0
106 B 4ms
3ms Document
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://rufyzyuua.gq
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/

Response headers

content-type: text/plain
access-control-allow-origin: https://rufyzyuua.gq
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Fri, 29 Oct 2021 09:43:46 GMT

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 47AD 44 B
369 B 435ms
74ms Image
image/gif 52.77.151.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P0992DE93-61C1-455C-AB44-9E40B670BD75&sessionId=oeibpegtdgotg6dn8irnnn9xjssc91635500625&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.602&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.151.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-151-98.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:46 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
oeibpegtdgotg6dn8irnnn9xjssc91635500625.nuid.imrworldwide.com/ Frame 47AD 35 B
351 B 364ms
4ms Image
image/gif 2600:9000:2066:5a00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oeibpegtdgotg6dn8irnnn9xjssc91635500625.nuid.imrworldwide.com/
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2066:5a00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 23:14:33 GMT
via: 1.1 ec0f8a7531f2716a7da4d0d445da3deb.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 37754
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: NRT12-C5
accept-ranges: bytes
content-length: 35
x-amz-cf-id: XexMEgV5L9bGAD9_bAfLyo530iTlXoXy1M7YpzoRZQqq3H3RI1MvXw==

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
368 B 491ms
338ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9691c8017474d5c661d88ae76600c4&pos=8a9691c8017474d5c661d8ac1cb5021c&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: cea84d294d8acaa5a5ead95a89cc4b0efbc3bf5c932c31d5f6b42f770eabd7c3

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Oct 2021 09:43:47 GMT
server: ATS/9.1.0.33
age: 1
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
344 B 300ms
148ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9691c8017474d5c661d88ae76600c4&pos=8a9691c8017474d5c661d8ac1817021b&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 5ab4046c816a2515a869f290fdfe36e79f6b8cd490a51c16242f8e2bb4f319c4

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Oct 2021 09:43:46 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
343 B 287ms
135ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9691c8017474d5c661d88ae76600c4&pos=8a969186017474e54cdbe76a8fe00090&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 751a2921267e28e43716b857cb581cd4a568c3261722f1dcf1562073d0a13d32

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Oct 2021 09:43:46 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
344 B 358ms
206ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9691c8017474d5c661d88ae76600c4&pos=8a9691c8017474d5c661d8ac2a1e021f&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d527c1de63172dfe29de857fa0b3f991a029d58724bc32e4b84cd72202a09e2e

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Oct 2021 09:43:46 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
343 B 464ms
312ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9691c8017474d5c661d88ae76600c4&pos=8a9691c8017474d5c661d8ac25b5021e&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 81cbada022cf3ae7e35c182f109f0ee63906ca80d9bec31090d0a3527822e2f0

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Oct 2021 09:43:46 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
543 B 280ms
128ms XHR
application/json 13.250.192.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a9691c8017474d5c661d88ae76600c4&pos=8a969994017474e5558ee76a8b8a0084&secure=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 13.250.192.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-250-192-86.ap-southeast-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 9275ce25d73d521dc74f1ed4d6e0ae1964d0931591e40f9891bf4401a03d9b4d

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 29 Oct 2021 09:43:46 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
access-control-allow-credentials: true
content-length: 62

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 78 B
370 B 110ms
91ms XHR
text/javascript 23.10.8.7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=290723&fn=headertag.IndexExchangeHtb.adResponseCallback&sd=1&r=%7B%22id%22%3A%2223202377%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Frufyzyuua.gq%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22291862%22%7D%7D%5D%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22291851%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22sid%22%3A%2212%22%2C%22siteID%22%3A%22291854%22%7D%7D%5D%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22291857%22%7D%7D%5D%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22291855%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22291858%22%7D%7D%5D%7D%2C%22id%22%3A%224%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229e9a8168-b997-4df4-9c8d-f26826c1cb9c%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-10-29T09%3A43%3A45%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.10.8.7 , United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-10-8-7.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c0cd39b59eb05e0473016acc7f66291b1f27c281d8ba75c183eed17bafcfdb48

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:46 GMT
x-ak-initial-geo: CC:[JP], RC:[13], CN:[AS], CIP:[45.87.213.61], XFF:[]
server: Apache
content-type: text/javascript
access-control-allow-origin: https://rufyzyuua.gq
x-cs-client-geo: 14
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 78
x-ak-client-geo: 14
expires: Fri, 29 Oct 2021 09:43:46 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 491 B
1 KB 337ms
179ms XHR
application/json 103.43.90.179
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.179 , Australia, ASN29990 (ASN-APPNEX, US),

Reverse DNS

592.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a0839873267db8bee0f65fd082d1083b3e53e79ae0e4a1db748505b9280c3709

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 09:43:46 GMT
X-Proxy-Origin: 45.87.213.61; 45.87.213.61; 592.bm-nginx-loadbalancer.mgmt.sin3; adnxs.com
AN-X-Request-Uuid: a87441f2-bb02-4c02-82f5-450270d034a2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://rufyzyuua.gq
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 491
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
278 B 219ms
69ms XHR
application/json 13.213.101.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?inv_code=nif_728x90_desktop_3&lib=ix&size=728x90&referrer=https%3A%2F%2Frufyzyuua.gq%2F&v=2.1.2&tmax=1600

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.101.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-101-30.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:46 GMT
x-auction-status: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
277 B 232ms
83ms XHR
application/json 13.213.101.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?inv_code=pacmags_newideafood%20_300x250_300x600_desktop_btf_1&lib=ix&size=300x250%2C300x600&referrer=https%3A%2F%2Frufyzyuua.gq%2F&v=2.1.2&tmax=1600

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.101.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-101-30.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:46 GMT
x-auction-status: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
277 B 220ms
70ms XHR
application/json 13.213.101.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?inv_code=pacmags_newideafood%20_300x250_desktop_atf_1&lib=ix&size=300x250&referrer=https%3A%2F%2Frufyzyuua.gq%2F&v=2.1.2&tmax=1600

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.101.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-101-30.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:46 GMT
x-auction-status: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
277 B 219ms
70ms XHR
application/json 13.213.101.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?inv_code=pacmags_newideafood_728x90_970x250_desktop_atf_1&lib=ix&size=728x90%2C970x250&referrer=https%3A%2F%2Frufyzyuua.gq%2F&v=2.1.2&tmax=1600

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.101.30 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-101-30.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:46 GMT
x-auction-status: 5
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 283 B
1 KB 370ms
76ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18464&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Frufyzyuua.gq%2F&p_screen_res=1600x1200&site_id=337194&zone_id=1776522&kw=rp.fastlane&tk_flint=index&rand=0.6023087702300862
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d317d19880c76f8315f1676c85ddab821783e7b73c275ad2093c3f295f72aa7c

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 09:43:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://rufyzyuua.gq
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 283
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 304 B
1 KB 401ms
98ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18464&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Frufyzyuua.gq%2F&p_screen_res=1600x1200&site_id=337194&zone_id=1776518&kw=rp.fastlane&tk_flint=index&rand=0.1264225230689333&alt_size_ids=10
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2bce037cfdd6e03f6fa0afd0afb1a1db3b16c7fbc7b8415ac9381126fd2df657

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 09:43:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://rufyzyuua.gq
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 304
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 284 B
1 KB 446ms
130ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18464&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Frufyzyuua.gq%2F&p_screen_res=1600x1200&site_id=337194&zone_id=1776528&kw=rp.fastlane&tk_flint=index&rand=0.4269269339451869
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c68886b75751de30d3ac0ea6c7bc0593250b5aa6d0a5c65029fbefd573fb2909

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 09:43:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://rufyzyuua.gq
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 284
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 303 B
1 KB 419ms
101ms XHR
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18464&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Frufyzyuua.gq%2F&p_screen_res=1600x1200&site_id=337194&zone_id=1776526&kw=rp.fastlane&tk_flint=index&rand=0.27702948220656487&alt_size_ids=57
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c006:158::65 -, , ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 61daf9ad5af08ab2ceef409655a9d146ff0cd5f82cbbaa3c9b018bc678b08518

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 09:43:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://rufyzyuua.gq
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 303
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
158 B 220ms
70ms XHR
text/plain 52.220.112.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1600&ts=1635500626575
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.220.112.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-220-112-148.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rufyzyuua.gq
date: Fri, 29 Oct 2021 09:43:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 88ms
72ms XHR
text/plain 103.231.99.77
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.77 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://rufyzyuua.gq
date: Fri, 29 Oct 2021 09:43:45 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ads.playground.xyz/host-config/ 14 B
447 B 584ms
571ms XHR
application/json 34.98.107.212
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.playground.xyz/host-config/prebid?cb=SIypzkFD
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.107.212 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.107.98.34.bc.googleusercontent.com
Software: Google Frontend / Express
Resource Hash: 3862b1107b677f83ee00ae73459aa88424b80d519dd50186b58f932beb5b0f74

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Oct 2021 09:43:47 GMT
via: 1.1 google
etag: W/"e-Qt/S19REVTq2ZVu3nahyAsNGswY"
server: Google Frontend
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://rufyzyuua.gq
x-cloud-trace-context: 72b5853213ffbbaf5c90afe87065996d
access-control-allow-credentials: true
alt-svc: clear
content-length: 14
x-request-id: 08593899-d07e-4cc3-bb28-029af305102a

GET
H2 404 ap.jpg
rufyzyuua.gq/media/14200/ 274 B
274 B 262ms
262ms Image
text/html 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rufyzyuua.gq/media/14200/ap.jpg?width=482&height=0&mode=crop&center=0.5,0.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d5e4215257814189fc6a5dcea583a8f72d7cff164e6689890fb9f8929e558f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxdFIFc1NBB1fmfY4qj1lyZQ%2B9nDamlGV4eRRqM7FkZyrb1DMiRWV1JX4VVOlDJ0xH%2FNAd3Cl1XDF2yzNKyyQxkLRdvZb95S8kQEOt2X%2F5VG1bRlp%2FAwMrA7uBHBkJZMjyMYxLkgKWWSgv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6a5b76242d65f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 404 ni2123-edm-cover.jpg
rufyzyuua.gq/media/22730/ 274 B
274 B 472ms
472ms Image
text/html 2606:4700:3030::6815:1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rufyzyuua.gq/media/22730/ni2123-edm-cover.jpg?width=224&height=294&mode=crop&center=0.5,0.5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d5e4215257814189fc6a5dcea583a8f72d7cff164e6689890fb9f8929e558f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:47 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3k79C7y%2FQXswLb%2BnKp53aYnZCPW3CR4w0zJWAqXY6nSAheCym61HQcrbztuxXikUe1T44OC4klzhu3NEsIGGURk%2BInVwyncsH1c%2B%2FSYx2D9Gqku%2FKPA6EP8GlHRceRhKd7nK9F05Pe2EUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 6a5b76242d67f8e7-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
462 B 160ms
37ms Script
application/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=rufyzyuua.gq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Oct 2021 09:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
520 B 79ms
37ms Script
application/javascript 2404:6800:4004:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rufyzyuua.gq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Oct 2021 09:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 232 KB
35 KB 382ms
381ms XHR
text/plain 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=504962847182636&correlator=482206466715051&output=ldjh&impl=fifs&eid=31063281%2C31063282%2C31063313&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211029&iu_parts=13534306%2CPAC%2CFoodiful%2Cpancake_recipe%2CRelated%2CBottom_1%2CBottom_2%2CBottom_3&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2F5%2C%2F0%2F1%2F2%2F4%2F6%2C%2F0%2F1%2F2%2F4%2F7&prev_iu_szs=1x1%7C1x2%2C1x1%7C1x2%2C1x1%7C1x2%2C970x250%7C728x90%2C300x250%2C300x170%7C300x150%2C300x250%7C300x600%2C728x90%2C320x50%2C320x50%2C320x50&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2Cheight&prev_scp=position%3D1%26PageID%3D1024865%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cposition%3D2%26PageID%3D1024865%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cposition%3D3%26PageID%3D1024865%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cposition%3D1%26PageID%3D1024865%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cposition%3D1%26PageID%3D1024865%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cposition%3D1%26PageID%3D1024865%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cposition%3D2%26PageID%3D1024865%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cposition%3D3%26PageID%3D1024865%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cposition%3D1%26pagenumber%3D1%26category%3Dpancake_recipe%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cposition%3D2%26pagenumber%3D1%26category%3Dpancake_recipe%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%7Cposition%3D3%26pagenumber%3D1%26category%3Dpancake_recipe%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26PageID%3D1024865%26cat%3Dpancake_recipe%26type%3DRecipePage%26keyword%3D%26environment%3DProd%26search%3D%26width%3D1600%26height%3D1200%26Inskin%3D2%26channels%3Dgx_retry&cookie_enabled=1&bc=31&abxe=1&lmt=1635500627&dt=1635500627186&dlt=1635500623936&idt=2617&frm=20&biw=1600&bih=1200&oid=2&adxs=0%2C0%2C0%2C315%2C1074%2C1027%2C1074%2C436%2C-12245933%2C-12245933%2C-12245933&adys=45%2C45%2C45%2C60%2C283%2C470%2C470%2C2210%2C-12245933%2C-12245933%2C-12245933&adks=1309351415%2C1221354613%2C565471710%2C1318679577%2C1491471998%2C1293943339%2C1582514901%2C1561867198%2C633273851%2C2229861394%2C3408115144&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Frufyzyuua.gq%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C1600x0%7C1600x0%7C1600x31%7C394x0%7C394x0%7C300x0%7C1600x0%7C0x0%7C0x0%7C0x0&msz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C394x0%7C394x0%7C300x0%7C1600x0%7C0x0%7C0x0%7C0x0&ga_vid=894526825.1635500625&ga_sid=1635500627&ga_hid=77653217&ga_fc=true&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C132%2C132%2C132&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&btvi=0%7C0%7C0%7C0%7C0%7C0%7C0%7C1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9546215459dd8843d4e28b0860cd29281405b506a48e1302bde72ce1ca899a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35489
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,5772235835,5772235835,-1,5772235835,-1,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,138360772486,138360773482,-1,138360452199,-1,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://rufyzyuua.gq
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
98bb46c40d68214eee5d70c62c9815d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E82 6 KB
4 KB 151ms
38ms Document
text/html 2404:6800:4004:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://98bb46c40d68214eee5d70c62c9815d3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 29 Oct 2021 09:43:47 GMT
expires: Sat, 29 Oct 2022 09:43:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
425 B 70ms
62ms XHR
text/plain 23.51.209.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=290723&u=https%3A%2F%2Frufyzyuua.gq%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187830-144469699220734.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.51.209.187 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-209-187.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 29 Oct 2021 09:43:47 GMT
X-AK-INITIAL-GEO: CC:[JP], RC:[13], CN:[AS], CIP:[45.87.213.61], XFF:[]
Server: Apache
Access-Control-Allow-Origin: https://rufyzyuua.gq
X-CS-CLIENT-GEO: 14
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-AK-CLIENT-GEO: 14
Expires: Fri, 29 Oct 2021 09:43:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 85ms
46ms XHR
application/json 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021102501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e322f3013d6ed7edb973704d7157134ce7f8b73756e2a37e8ad0c406fd7de767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Oct 2021 09:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 8554
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 38ms
38ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5m6WSlCDcqTQNu-ShU7-8wtVdolqjBqt12rIXLyxPXdhS99-n8on--DMWTyFN1YtFLX7jvCMytex6AKDTeVlM4qWin_OxtoLCImlQ7nx2_dK_ixev7Yos1Wgd06-DydotzR3Rmd8n_5tbXpQixgw_GFl75cpixh8HucUQtKdbobSw8Y0uPYIW7KrCy8SKSl8VXVxgSfMHiQtcqZ19PhjAV9c6pDPQVncjmwHj7-r-rLTRgCt0wE_FxmCLdgDrLmBO4en4RIWol6tHOiuCODRiFYujuHVS8csjVWAC92HB0nwlPSx4e16sxiD6tVduD4MSLw&sai=AMfl-YRyrfF10eHRqqWNSBBKi5OeI7ZQwiw4aipM4Fd2eFR9bx98Dwt_hBofdy12pRX5sIQtgqu2jGZv__bHildntKj9fjRLXM9oRS_iY0_s3EDskgnBpr-YxW86-5nIgiE&sig=Cg0ArKJSzGoL-9VF_aPHEAE&uach_m=[UACH]&adurl=

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Oct 2021 09:43:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 29 Oct 2021 09:43:47 GMT

GET abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ 0
0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ 3 KB
2 KB 85ms
6ms Script
text/javascript 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:43:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 09:43:25 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 120 KB
37 KB 371ms
70ms Script
text/javascript 2404:6800:4004:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 29 Oct 2021 09:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Oct 2021 09:43:48 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pacmagsdfpdisplay411898783873/ 304 KB
103 KB 4ms
4ms Script
application/x-javascript 23.51.210.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pacmagsdfpdisplay411898783873/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.210.213 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-210-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a1031a3b03eb3d3cfee98016df03254fd9a5ce69e53ccdc6413a824520daff06

Request headers

Referer: https://rufyzyuua.gq/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 29 Oct 2021 09:43:47 GMT
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 15:26:18 GMT
server: AmazonS3
x-amz-request-id: C9F2GNHGKW57NRF3
etag: "d08afa8b535aca38c53c3b05c5ae2848"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=19937
accept-ranges: bytes
content-length: 105077
x-amz-id-2: uoafqCb5Qd9Uk679+6OUwBX+yScydhNdSJ47ucnl26IcU8Fwxow5Xibf/MLL0l6sIpj3U7OdPgo=

GET
H2 200 15751571366751820514
tpc.googlesyndication.com/simgad/ 41 KB
41 KB 94ms
17ms Image
image/gif 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15751571366751820514

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b6440a57ab7d427abb0522987c171e75c3da8631842c6a3dbaa8d4cb88d9762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 05:31:35 GMT
x-content-type-options: nosniff
age: 101532
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42319
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 07:21:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Oct 2022 05:31:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 40ms
39ms Fetch
image/gif 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuUiLnPGrsf_yWd5OH3OzW3ldDNF2rJKvChr19YklNCobzEF5eBWCIE-8NOfAHRMwfYZeoo2hNA9cws9EG0OG6XKjK53C4m7RYpQMAr5iqb5Tkuw88iUZmTquzEoccsz-K73GfNS-vI-u0yrRl21H8D7MV0RdqLUycXRxu27mitzHWwzmGTnHGBcOFxAqsSh-9nDjfxliVA8mRM9j5T-Jj6KoAejBSWzMhECkpjAX1ejqg2z7Uic2PVAAJivPOUmBftvIEFOq8oklzDIZGEsVk5NTpuxClMBUVzIo-VCGTRmpsLrwYQuc3T5Dbnfu7nWKQtQg&sai=AMfl-YTXMn1QG-dHbxw95SliyvM8cnIGfIITcRyzReg3-FoGK3IT-2MrW_a7cW_nFk-5MSaiaGycNCPOGwc3vMCTTLAIxWjVj2Sdj678NgRbKG4vksB3TLehIAO-YAk1tc4&sig=Cg0ArKJSzBZ7gf4qv8__EAE&uach_m=[UACH]&adurl=

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Oct 2021 09:43:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 29 Oct 2021 09:43:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 339ms
38ms Image
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1fedMZAmeom4ougw13KFnd26049p1WqeSzGzvvjD2lLbPMpmm1NKC5un2yEOgQ-fSSSA5MVsPWZqSYYA7551IiukRoQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 17345597430877056172
tpc.googlesyndication.com/simgad/ 39 KB
39 KB 84ms
12ms Image
image/jpeg 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17345597430877056172

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9739e4687527f7ef0ae3b385831ad1b13fdd505cbb5a760c6568b5822d75758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 12:39:52 GMT
x-content-type-options: nosniff
age: 594235
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40180
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 07:19:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Oct 2022 12:39:52 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ 190 KB
55 KB 117ms
2ms Script
text/javascript 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 116513
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55667
x-xss-protection: 0
server: sffe
date: Thu, 28 Oct 2021 01:21:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Oct 2022 01:21:54 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 13 KB
5 KB 119ms
5ms Script
text/javascript 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 73590
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4996
x-xss-protection: 0
server: sffe
date: Thu, 28 Oct 2021 13:17:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 28 Oct 2022 13:17:17 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 89 KB
28 KB 120ms
5ms Script
text/javascript 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 146077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28494
x-xss-protection: 0
server: sffe
date: Wed, 27 Oct 2021 17:09:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 17:09:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 4 KB
2 KB 121ms
7ms Script
text/javascript 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 9438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1635
x-xss-protection: 0
server: sffe
date: Fri, 29 Oct 2021 07:06:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 29 Oct 2022 07:06:29 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ 40 KB
13 KB 121ms
7ms Script
text/javascript 2404:6800:4004:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 130293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12816
x-xss-protection: 0
server: sffe
date: Wed, 27 Oct 2021 21:32:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 27 Oct 2022 21:32:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 578 B
489 B 340ms
39ms Stylesheet
text/css 2404:6800:4004:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=i%E3%82%A7%E3%82%AF%E3%83%83%EF%BC%9E%E3%81%A7%EF%BC%9C%E3%83%ACu%E7%84%A1%E3%83%99%E3%83%ABtbH%E6%96%99%E3%83%81G

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ec9cd519c360eed8bec75d3c8294e85e6f206273ed16761a4760507829c6a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 09:43:48 GMT
server: ESF
date: Fri, 29 Oct 2021 09:43:48 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Fri, 29 Oct 2021 09:43:48 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/ata/ 3 KB
3 KB 84ms
19ms Image
image/png 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/ata/en.png

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69d7c0684e951d58f1564dad79423db77b3d823795bd53a3d33377212d5d638f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Oct 2021 13:42:01 GMT
x-content-type-options: nosniff
server: cafe
age: 72106
etag: 11468298308020998300
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2587
x-xss-protection: 0
expires: Fri, 29 Oct 2021 13:42:01 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ 344 B
778 B 70ms
6ms Image
image/png 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 28 Oct 2021 17:36:05 GMT
x-content-type-options: nosniff
server: cafe
age: 58062
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 29 Oct 2021 17:36:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 330ms
36ms Image
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpMwgzwb5zpHUa-Ypg1_mkYLkihE_rAPouZh3vYvpZtlMrGYNFzb7bzIz5fxbyOFaGIzVIIsaklyjY4brFXAoX800X-A
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 45ms
44ms Image
text/html 142.251.42.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChfMzU8J7Yc3XEI7I2QTm56ToCo3kkpBkqN6b7Z8OsJAfEAEgjs-4HmCJ88WE9BOgAfjVgZcDyAEJqQLroXHC6OVCPuACAKgDAcgDCqoE1gFP0M8Cd0IHhNgrHdZEn7KSCxbao3XMfnfDZ2k8NMkqJ3RZN7JK46oxqxUA-53IWkVzgFNnmhvTtUL_S1O652IX7JxX_gWgPCAeWA-BEY1Y-0X9AuhXTh2CGvPxexDfK-oDZd_Ae47gjPPH0qlmuicZFwW44QOoqREqVsLFkRpEn5s3xGLuFfQ8h6OtMpEbpg3iqiKUhsS4Y66luovfmoZoSmh8Qt887aL64T2am046SoM1tdmTeant8kM3aYd9YD_Ioj7SyX2dtS9b107YBFfTsd7k3-c2wAS5h_rrkgPgBAGSBQQIBBgBkgUECAUYBKAGLoAH8Kn-aKgH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDamwLSCAcIiGEQARgdgAoDyAsB2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTQwMjYwODA5ODk3OTg4MjEYkr8V&sigh=A6Dps26thfI&uach_m=[UACH]&template_id=484&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 6ms
2ms Image
image/gif 23.51.210.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PACMAGS_PREBID_HEADER1&hp=1&zMoatAdUnit1=PAC&zMoatAdUnit2=Foodiful&zMoatAdUnit3=pancake_recipe&wf=1&ra=3&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1635500625202&de=386452811078&rx=462528544317&m=0&ar=fb6a7277fce-clean&iw=26c41b6&q=2&cb=0&cu=1635500625202&ll=2&lm=0&ln=0&em=0&en=0&d=26044746%3A273937866%3A4585994779%3A138348466686&zGSRC=1&gu=https%3A%2F%2Frufyzyuua.gq%2F&id=1&ii=4&bo=PAC&bd=pancake_recipe&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=pacmagsprebidheader289589025347&fd=1&ac=1&it=500&pe=1%3A1934%3A1934%3A3391%3A1973&fs=194999&na=1757079601&cs=0
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.210.213 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-210-213.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:47 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 29 Oct 2021 09:43:47 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12324835834567882010/ 5 KB
5 KB 60ms
8ms Image
image/png 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12324835834567882010/downsize_200k_v1?w=100&h=100

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e13811aff2d531e586b1214304595843828c8a5da128407dd9ff2c17af255c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 18:04:27 GMT
x-content-type-options: nosniff
age: 142760
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5079
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 11:07:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Oct 2022 18:04:27 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11422134936605614555/ 7 KB
7 KB 62ms
9ms Image
image/jpeg 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11422134936605614555/downsize_200k_v1?w=195&h=102

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c29e12c25b55cd74825d1225f5da5b32df37792aae1b5fc9ee34ad52e17fec7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 00:17:53 GMT
x-content-type-options: nosniff
age: 120354
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7143
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 12:57:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Oct 2022 00:17:53 GMT

GET
DATA 200
OK truncated
/ 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcad9023cb49fe77956731ea677e48bf7fb1b557bbd2b62edadbfc9d35d283c7

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/ 0
0

GET window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ 0
0

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ 0
0

GET moatad.js
z.moatads.com/pacmagsdfpdisplay411898783873/ 0
0

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3414f65219f85bfa26b1dc13587af1a5928c0298a92e48b6fa128e565e74540f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 10807566451078189309
tpc.googlesyndication.com/simgad/ 44 KB
44 KB 63ms
14ms Image
image/gif 2404:6800:4004:80c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10807566451078189309

Requested by

Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc473ad77b642878c37f4efd0282c2b71df71719f96622981f5c2b73ec55b041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 27 Oct 2021 20:38:57 GMT
x-content-type-options: nosniff
age: 133490
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44738
x-xss-protection: 0
last-modified: Wed, 25 Aug 2021 07:27:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Oct 2022 20:38:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ 0
0 317ms
39ms Image
text/html 2404:6800:4004:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwj4D_7rhGH6VRPxoeiD_NOLpolnMz9erpFL1j9kxkgKVd8b9XutHYOAq4TFZ0qDcc5IY6r0c6vDx5o1Uk1rM0AIONZQ
Requested by: Host: rufyzyuua.gq
URL: https://rufyzyuua.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4004:813::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET sodar2.js
tpc.googlesyndication.com/sodar/ 0
0

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
368 B 75ms
74ms Image
image/gif 52.77.151.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-507255&ch=au-507255_b39_NewIdeaFood%20-%20brand%20only_S&asn=NewIdeaFood%20-%20brand%20only&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=oeibpegtdgotg6dn8irnnn9xjssc91635500625&prv=1&c6=vc,b39&ca=NA&c13=asid,P0992DE93-61C1-455C-AB44-9E40B670BD75&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,NewIdeaFood&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,aic8yzsgis4l5amkcirl0kyxbbsfj1635500626&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16355006259786420&c30=bldv,6.0.0.602&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1024865&c3=st,c&c64=starttm,1635500627&adid=1024865&c58=isLive,false&c59=sesid,&c61=createtm,1635500628&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Frufyzyuua.gq%2F&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1635500628&rnd=162383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.151.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-151-98.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://rufyzyuua.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Oct 2021 09:43:48 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: z.moatads.com
URL: https://z.moatads.com/pacmagsdfpdisplay411898783873/moatad.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rufyzyuua.gq/	1969-12-31 23:59:59	Name: PHPSESSID Value: 00ts83nvesathncqmlhc4og24a
.rufyzyuua.gq/	1970-01-19 22:19:47	Name: _subid Value: 3hqi5cdi804b
.rufyzyuua.gq/	1970-01-19 22:19:47	Name: f4c38 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0Njg1N1wiOjE2MzU1MDA2MjN9LFwiY2FtcGFpZ25zXCI6e1wiNzMxNzRcIjoxNjM1NTAwNjIzfSxcInRpbWVcIjoxNjM1NTAwNjIzfSJ9.scyMAosFISMulz_xri-eR7zfvZ04WIOmZlty4ocWs3I
.rufyzyuua.gq/	1970-01-20 15:49:32	Name: _ga Value: GA1.2.894526825.1635500625
.rufyzyuua.gq/	1970-01-19 22:19:47	Name: _gid Value: GA1.2.1100937060.1635500625
.rufyzyuua.gq/	1970-01-19 22:18:20	Name: _gat Value: 1
rufyzyuua.gq/	1970-01-19 22:18:22	Name: sailthru_pageviews Value: 1
.adsrvr.org/	1970-01-20 07:03:56	Name: TDID Value: 9e9a8168-b997-4df4-9c8d-f26826c1cb9c
.rufyzyuua.gq/	1970-01-20 00:27:56	Name: _fbp Value: fb.1.1635500625505.1817242476
.facebook.com/	1970-01-20 00:27:56	Name: fr Value: 0b3iEZO6ww04UwG5H..Bhe8JR...1.0.Bhe8JR.
.imrworldwide.com/	1970-01-20 07:39:56	Name: SSCVER Value: v1
.imrworldwide.com/	1970-01-20 07:39:56	Name: IMRID Value: b5c03910-389c-11ec-9d72-5569d3c8d176
rufyzyuua.gq/	1970-01-20 07:03:56	Name: sailthru_visitor Value: f3cf90a2-24af-48f5-85ce-b4519218cf03
.adnxs.com/	1970-01-20 00:27:56	Name: icu Value: ChgIr65xEAoYASABKAEw0oTviwY4AUABSAEQ0oTviwYYAA..
.adnxs.com/	1970-01-20 00:27:56	Name: uuid2 Value: 902012184669318120
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxivyvY2IiKz5rIMc/fD0nVRTpP3PGB0r4SKPGrhQKqTCqCCieGkTxzCtT3GVSXGeUmnD2WgFA74oVwAuQBeukdzVZ6MHAIjpwWsYPsfY8X9JKE=
.rubiconproject.com/	1970-01-20 07:03:56	Name: khaos Value: KVC6UGBD-12-8RNN
.rubiconproject.com/	1970-01-20 07:03:56	Name: audit Value: 1\|WD0cx+9RTMIcPGFux+VkWlqbBgMWySGKid6DeFnocd8PB/QPa8MB+StERtTKdi5w7hqIR0pwVjue3lrsA6xgbDxnSiQwcOgoAizhfkn5jms=
.yahoo.com/	1970-01-20 07:04:18	Name: A3 Value: d=AQABBFLCe2ECEDqoHz1rxoZn8uoe7yLTx_MFEgEBAQETfWGFYQAAAAAA_eMAAA&S=AQAAAhCOlzT2tB_mrJnf_q1Xb2k
ads.playground.xyz/	1970-01-19 22:26:41	Name: connect.sid Value: s%3AzS52H2VakeFTsu4FT5t4Zzgh_AZIhEsh.esdshpZbRkEOwOgJl719ae5vKkeaPh4ZQDhymZY2Qhc
.rufyzyuua.gq/	1970-01-20 07:39:56	Name: __gads Value: ID=7933ed4a89c61264-2221039b74ce0022:T=1635500627:S=ALNI_MajDCAu6a_zAbqErGSZbLjN-jWNVA
.doubleclick.net/	1970-01-20 15:49:32	Name: IDE Value: AHWqTUnzemlR2GC0gSzX6OC85007NqKqzSaGcQBAuRHsUG4i_GTWJ4vmO34ksCB2uaw

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rufyzyuua.gq/media/14200/ap.jpg?width=482&height=0&mode=crop&center=0.5,0.5 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://rufyzyuua.gq/media/22730/ni2123-edm-cover.jpg?width=224&height=294&mode=crop&center=0.5,0.5 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://z.moatads.com/pacmagsdfpdisplay411898783873/moatad.js#moatClientLevel1=24556746&moatClientLevel2=2897082397&moatClientLevel3=5772235835&moatClientLevel4=138360772486&moatClientSlicer1=12534426&moatClientSlicer2=21886644241&zMoatSZ=728x90&zMoatPT=RecipePage&zMoatCT=pancake_recipe&zMoatPS=1&zMoatPN=&zMoatMGV=slotNoHistData&zMoatMMV=slotNoHistData&zMoatMSafety=safe&zMoatMData=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://z.moatads.com/pacmagsdfpdisplay411898783873/moatad.js#moatClientLevel1=24556746&moatClientLevel2=2897082397&moatClientLevel3=5772235835&moatClientLevel4=138360772486&moatClientSlicer1=12534426&moatClientSlicer2=21886644241&zMoatSZ=728x90&zMoatPT=RecipePage&zMoatCT=pancake_recipe&zMoatPS=1&zMoatPN=&zMoatMGV=slotNoHistData&zMoatMMV=slotNoHistData&zMoatMSafety=safe&zMoatMData=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://z.moatads.com/pacmagsdfpdisplay411898783873/moatad.js#moatClientLevel1=24556746&moatClientLevel2=2897082397&moatClientLevel3=5772235835&moatClientLevel4=138360452199&moatClientSlicer1=12534426&moatClientSlicer2=21886644241&zMoatSZ=300x600&zMoatPT=RecipePage&zMoatCT=pancake_recipe&zMoatPS=2&zMoatPN=&zMoatMGV=slotNoHistData&zMoatMMV=slotNoHistData&zMoatMSafety=safe&zMoatMData=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://z.moatads.com/pacmagsdfpdisplay411898783873/moatad.js#moatClientLevel1=24556746&moatClientLevel2=2897082397&moatClientLevel3=5772235835&moatClientLevel4=138360452199&moatClientSlicer1=12534426&moatClientSlicer2=21886644241&zMoatSZ=300x600&zMoatPT=RecipePage&zMoatCT=pancake_recipe&zMoatPS=2&zMoatPN=&zMoatMGV=slotNoHistData&zMoatMMV=slotNoHistData&zMoatMSafety=safe&zMoatMData=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-YIYaHJlpsVYQ6e5l0+oTB9TSor22SGIFfBm+3Hii8P4='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-N1vBqICO3CogtDLyI+BumBsC/rnTT1WCYKpTdJXzUz8='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-YzC6Q0a6BrjNk/Omnk5NvLfWazbRHrOUaPhzAJGNux8='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-sp3UwzRzBv6ZnTbKsE7Zqe+GPYhdEchuu7VxgC8l/1k='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-QsgDFGqCme5SwvwCjTojCjUk/212JSylDbqkPuFXqvk='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-RLchh+H9qOqITy9tp7C1Cjwj/Y2K8KGPKO5T1xu/YOI='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-Ev4P/wiMMkEo5+0mCiAY58VTKNu3kmyHCnW6E7S5AI0='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-hTxly48GSRsbMNehMcV7qSY+jf9OEstv4pZQg7ozNZ0='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-M/KPGJTpHl2HtKeyOP0A9P6gOhKbPc/zuHksKsf6Rdg='), or a nonce ('nonce-...') is required to enable inline execution.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to load the script 'https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite_fy2019.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-63eiG/7iRqplc/xvvIpvSqoKMBioQc8Ffc3t0gb00pk='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to load the script 'https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to load the script 'https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-XBMkZ0Vgz1plGBDB562WQ80kchRNQyt6YqdDoZ9vhsQ='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-JYz13hPHKEgk0oKXq2oaG33Z8DRBfwXDfnd6gfZxo3E='), or a nonce ('nonce-...') is required to enable inline execution.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://z.moatads.com/pacmagsdfpdisplay411898783873/moatad.js#moatClientLevel1=24556746&moatClientLevel2=2897082397&moatClientLevel3=5772235835&moatClientLevel4=138360773482&moatClientSlicer1=12534426&moatClientSlicer2=21886644241&zMoatSZ=300x250&zMoatPT=RecipePage&zMoatCT=pancake_recipe&zMoatPS=1&zMoatPN=&zMoatMGV=slotNoHistData&zMoatMMV=slotNoHistData&zMoatMSafety=safe&zMoatMData=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to load the script 'https://z.moatads.com/pacmagsdfpdisplay411898783873/moatad.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: Refused to load the script 'https://tpc.googlesyndication.com/sodar/sodar2.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
javascript	warning	URL: https://rufyzyuua.gq/ Message: The resource https://www.newideafood.com.au/Branding/NewIdeaFood/js/main.279d05effc545250597a.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://rufyzyuua.gq/ Message: The resource https://fonts.googleapis.com/css?family=Mukta+Mahee:400,600,700\|Noto+Sans:400,400i,700,700i was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://rufyzyuua.gq/ Message: The resource https://www.newideafood.com.au/Branding/NewIdeaFood/js/ads.9600713d1f27caba027e.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://rufyzyuua.gq/ Message: The resource https://www.newideafood.com.au/Branding/NewIdeaFood/brand.d7fd28b10ba75fc40a3b.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://rufyzyuua.gq/ Message: The resource https://www.newideafood.com.au/Branding/NewIdeaFood/js/runtime.bfbbe49a475aa79e721d.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://rufyzyuua.gq/ Message: The resource https://www.newideafood.com.au/Branding/NewIdeaFood/js/vendor.cdbc7dca8c9c72701d47.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

98bb46c40d68214eee5d70c62c9815d3.safeframe.googlesyndication.com
ads.playground.xyz
adservice.google.co.jp
adservice.google.com
api.rlcdn.com
api.sail-personalize.com
as-sec.casalemedia.com
c2shb.ssp.yahoo.com
cdn-gl.imrworldwide.com
cdn.ampproject.org
cdn.embedly.com
connect.facebook.net
fastlane.rubiconproject.com
fonts.googleapis.com
geo.moatads.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
ls.skimresources.com
match.adsrvr.org
mb.moatads.com
oeibpegtdgotg6dn8irnnn9xjssc91635500625.nuid.imrworldwide.com
p.skimresources.com
pacmags.gscontxt.net
pagead2.googlesyndication.com
pixel.roymorgan.com
px.moatads.com
r.skimresources.com
rufyzyuua.gq
s.pinimg.com
s.skimresources.com
s3-ap-southeast-2.amazonaws.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
t.skimresources.com
tlx.3lift.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.newideafood.com.au
z.moatads.com
tpc.googlesyndication.com
www.googletagservices.com
z.moatads.com
103.231.99.77
103.43.90.179
104.16.90.50
13.213.101.30
13.225.159.93
13.250.192.86
142.251.42.162
151.139.128.11
152.67.117.181
18.139.31.36
23.10.8.7
23.51.209.187
23.51.210.213
2404:6800:4004:80b::2003
2404:6800:4004:80c::2001
2404:6800:4004:813::2004
2404:6800:4004:818::2008
2404:6800:4004:81d::2001
2404:6800:4004:81f::200a
2404:6800:4004:81f::200e
2404:6800:4004:820::2001
2404:6800:4004:820::2002
2404:6800:4004:822::2002
2404:6800:4008:c04::9d
2600:140b:1:492::1931
2600:9000:2066:4200:1e:a43d:b640:93a1
2600:9000:2066:5a00:1d:667e:2a40:93a1
2600:9000:21d2:c00:2:42d9:3100:93a1
2602:803:c006:158::65
2606:4700:3030::6815:1e6
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
34.120.117.212
34.120.155.137
34.98.107.212
35.190.59.101
35.190.91.160
35.201.67.47
52.220.112.148
52.223.40.198
52.64.60.86
52.74.123.238
52.77.151.98
52.95.134.39
99.83.154.140
01594e833d67163c5d71c470fb205ab5dcea6c114cb3408c3aed83d139697c36
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
06def5f53a1116e6a7f4ecab814748f1b7d9a7fde199d96f80c233877f2c46a4
07ae54e468057e77c6182379768c04048915e5c24593937774502dd66097a496
0c562aa4bee1857c86aecc2752f49632ed218b46dc0837e1ee89fc3f13c62f4d
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18d361ba7e0b61f3461ff194d43757a329dcbfaf187223328fdb602d845d0f9f
1b6440a57ab7d427abb0522987c171e75c3da8631842c6a3dbaa8d4cb88d9762
2808140ccff23ef73c447a371b3275bb91514c87897d5eb4926701166394a028
2bce037cfdd6e03f6fa0afd0afb1a1db3b16c7fbc7b8415ac9381126fd2df657
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
317ef3d392fdff76a3dd03bb906b138a06c86cc3c6ff26048e8236bf131613bc
33cf27d659550644c3c862cd3517060fd1d0009efa15b375fb4b015368b9a918
3414f65219f85bfa26b1dc13587af1a5928c0298a92e48b6fa128e565e74540f
383110dfd0d23652d690d8bccbe5167d22c46a25a7af1c3ba2f55ea490c908e4
3862b1107b677f83ee00ae73459aa88424b80d519dd50186b58f932beb5b0f74
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7
3b297b30ac57eee2acc6421a07e53fa7fe0e1e4aee0194fee7b937f70999dd7d
3ec9cd519c360eed8bec75d3c8294e85e6f206273ed16761a4760507829c6a3e
40ab705b3347cd8471bb3412dc2a897f520c53b0ed6c5cebaf4759d41574ba23
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a9e011ba4543e0a4da81cf97603128eee3980629d930ff4fd22505cd7f3cb3
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
5031b7f1ee6ca6fbb260d67518ba48265142fc13e0853e7be6d91ce098980ba7
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53c5ed98422e6540e595c4ab165b0bf25fa166bd8c588564101c84822d410492
5ab4046c816a2515a869f290fdfe36e79f6b8cd490a51c16242f8e2bb4f319c4
5e175ff67d1b831460fe566d6f595539e5c666241c2d614c8918c95a71300d21
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61daf9ad5af08ab2ceef409655a9d146ff0cd5f82cbbaa3c9b018bc678b08518
64dbf1e334d3fb268f5230a9a0552f8d867a5fa6dde9fe10d5ef037584ce3ed0
65ed4b54d953753f3c35af84865a8f536a9abb0cd2b0a01dbd7b5f99e6e71139
69d7c0684e951d58f1564dad79423db77b3d823795bd53a3d33377212d5d638f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
751a2921267e28e43716b857cb581cd4a568c3261722f1dcf1562073d0a13d32
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
7877f927239cec9b42ab2c871d665330e4ef4376a4e6757f806bb5ddaeec9d69
81cbada022cf3ae7e35c182f109f0ee63906ca80d9bec31090d0a3527822e2f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f6444328400be38f3236ca72099db38459b7c750ba52c7ed370fdb0788c4325
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
9275ce25d73d521dc74f1ed4d6e0ae1964d0931591e40f9891bf4401a03d9b4d
9546215459dd8843d4e28b0860cd29281405b506a48e1302bde72ce1ca899a73
99e815f63e63f3547ccf41876d7b8657684dc00ea30e8680653b80ba72cbd948
9d1a71851b9c575f7a08134336da7769a379f0db481b058bf45a82d60b7e2ddc
9ff3b63d0fa4df3bd11cceb2be375cfcb444c617cb3f82aee6c07ba23a559ea5
a0839873267db8bee0f65fd082d1083b3e53e79ae0e4a1db748505b9280c3709
a1031a3b03eb3d3cfee98016df03254fd9a5ce69e53ccdc6413a824520daff06
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d569e3565423b4e329da9b7b9475544096d6372b07e2f5d0cdb440cbb7766e
a5e13811aff2d531e586b1214304595843828c8a5da128407dd9ff2c17af255c
a691acc4b04930a20d758bf4fe156188583816610dd4432dfca01a3f9edd4377
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
ade892e32b37ebf3a6faaf9d9ae891d1419e94cfc29e0c2f6eb3029d1974f2c4
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b248dca1fe86d7e4c48e9b6c56a74b1714889c47b79c5f2db8a14625d673db38
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
c010d7538256567a8bb435706cecee0e6d79e21f45b98d33546bc60ea05b3948
c0cd39b59eb05e0473016acc7f66291b1f27c281d8ba75c183eed17bafcfdb48
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21956945f2c5a905a191609c858d9bd2706f13532d19e2f14af43975eac666b
c2761ab9db801a318abc6fe3ee3c8d20ef9a6162e15e0367dc42b83430b7038e
c29e12c25b55cd74825d1225f5da5b32df37792aae1b5fc9ee34ad52e17fec7b
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c68886b75751de30d3ac0ea6c7bc0593250b5aa6d0a5c65029fbefd573fb2909
c748e95e1974d3f8238c5522e45c023f5f1fbae889fb8a33684a72b81dc5ee86
c8d2007512491e683fc36a9493df808ab6d45deec5acccf062c662e71cfc7d71
c9d5e4215257814189fc6a5dcea583a8f72d7cff164e6689890fb9f8929e558f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cea84d294d8acaa5a5ead95a89cc4b0efbc3bf5c932c31d5f6b42f770eabd7c3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d317d19880c76f8315f1676c85ddab821783e7b73c275ad2093c3f295f72aa7c
d4f276d6e8ecc70b94034c4add18c782ce370d1699173e4da0cf2ae29a798147
d527c1de63172dfe29de857fa0b3f991a029d58724bc32e4b84cd72202a09e2e
d660d0243a84278e891c290a323e65383f7e05297e512cd49bc59870061a790b
d79a06ce53ae434a01cbcb984b67f2401dcb479df877847f4ec378708cfa82d4
d9739e4687527f7ef0ae3b385831ad1b13fdd505cbb5a760c6568b5822d75758
dbf28eff1ff1ebe28a7761d77b7d6ab0b47ee8dcc7db974544ee9c9e87b8486c
dcad9023cb49fe77956731ea677e48bf7fb1b557bbd2b62edadbfc9d35d283c7
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
e322f3013d6ed7edb973704d7157134ce7f8b73756e2a37e8ad0c406fd7de767
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e928f0d75fe0416938c219a6b5f2cfad4ee6653809f0a80820e50ee193c92321
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6a795bc5038032105f62420ba9a60d1413a0f50031ed7bd33acdf434b373173
fc473ad77b642878c37f4efd0282c2b71df71719f96622981f5c2b73ec55b041
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fff1303b15acfcab3dcbb8165076b69fcfc3dbbd81280b5b027e477c129354f3

rufyzyuua.gq Open in urlscan Pro 2606:4700:3030::6815:1e6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

135 Requests

94 %HTTPS

42 %IPv6

33 Domains

49 Subdomains

46 IPs

8 Countries

1560 kBTransfer

4719 kBSize

22 Cookies

2 Outgoing links

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rufyzyuua.gq Open in urlscan Pro
2606:4700:3030::6815:1e6 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

94 %
HTTPS

42 %
IPv6

33
Domains

49
Subdomains

46
IPs

8
Countries

1560 kB
Transfer

4719 kB
Size

22
Cookies

135 HTTP transactions
4 data transactions