Submitted URL: https://news-xxagedi.com/?id=1220818779&p1={clickid}&p2={t1}&p3={t6}&p4={t2}
Effective URL: https://ha.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbA...
Submission: On May 19 via manual from RU — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 64 HTTP transactions. The main IP is 104.21.33.190, located in and belongs to . The main domain is ha.check-tl-ver-294-3.com.
TLS certificate: Issued by GTS CA 1P5 on April 29th 2024. Valid for: 3 months.
This is the only time ha.check-tl-ver-294-3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
19 | 6947927ec8.news-xwibuzi.com (1 redirects) | news-xrikilo.com, 6947927ec8.news-xwibuzi.com
13 | news-xrikilo.com | news-xrikilo.com
8 | begtd.check-tl-ver-294-3.com | 6947927ec8.news-xwibuzi.com, begtd.check-tl-ver-294-3.com, cdnstatic.check-tl-ver-294-3.com
6 | www.gstatic.com | cdnstatic.check-tl-ver-294-3.com
6 | fonts.gstatic.com | fonts.googleapis.com
6 | cdnstatic.check-tl-ver-294-3.com | begtd.check-tl-ver-294-3.com, cdnstatic.check-tl-ver-294-3.com, ha.check-tl-ver-294-3.com
4 | ha.check-tl-ver-294-3.com | cdnstatic.check-tl-ver-294-3.com, ha.check-tl-ver-294-3.com
3 | fonts.googleapis.com | begtd.check-tl-ver-294-3.com, ha.check-tl-ver-294-3.com
1 | begtd.antaresarcturus.top (1 redirects) |
1 | news-xxagedi.com (1 redirects) |
64 10

This site contains no links.

Subject | Issuer | Validity | Valid
*.news-xrikilo.com | R3 | 2024-05-09 - 2024-08-07 | 3 months
*.news-xwibuzi.com | R3 | 2024-05-10 - 2024-08-08 | 3 months
check-tl-ver-294-3.com | GTS CA 1P5 | 2024-04-29 - 2024-07-28 | 3 months
upload.video.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.gstatic.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months

This page contains 1 frames:

Primary Page: https://ha.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Frame ID: 9B7B9AEE37C8167B61ECBED3D59F53BF
Requests: 69 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Page Statistics

64 Requests
100 % HTTPS
38 % IPv6
7 Domains
10 Subdomains
8 IPs
2 Countries
2495 kB Transfer
3690 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news-xxagedi.com/?id=1220818779&p1={clickid}&p2={t1}&p3={t6}&p4={t2} HTTP 307
    https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D Page URL
  2. https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D Page URL
  3. https://6947927ec8.news-xwibuzi.com/tb?id=1220818779&land=100&monetization=user&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D&type=reject HTTP 302
    https://begtd.antaresarcturus.top/?pl=VTeOp2JVt0eY_vI1dRhUhw HTTP 302
    https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391 Page URL
  4. https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391 Page URL
  5. https://ha.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://news-xxagedi.com/?id=1220818779&p1={clickid}&p2={t1}&p3={t6}&p4={t2} HTTP 307
  • https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Request Chain 31
  • https://6947927ec8.news-xwibuzi.com/tb?id=1220818779&land=100&monetization=user&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D&type=reject HTTP 302
  • https://begtd.antaresarcturus.top/?pl=VTeOp2JVt0eY_vI1dRhUhw HTTP 302
  • https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
news-xrikilo.com/
Redirect Chain
  • https://news-xxagedi.com/?id=1220818779&p1={clickid}&p2={t1}&p3={t6}&p4={t2}
  • https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
5 KB
5 KB
Document
General
Full URL
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
347ae0dea38ef679c7219f439b5308b032443f3444a7445980f609c928ea1b3f
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 19 May 2024 09:48:08 GMT
server
nginx
vary
Origin
x-frame-options
DENY

Redirect headers

content-length
0
date
Sun, 19 May 2024 09:48:07 GMT
location
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
server
nginx
vary
Origin
x-frame-options
DENY
revopush.js
news-xrikilo.com/
20 KB
8 KB
Script
General
Full URL
https://news-xrikilo.com/revopush.js
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
"6633aa22-1fae"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
8110
style.css
news-xrikilo.com/lands/55/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://news-xrikilo.com/lands/55/css/style.css
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
293f86a1bf7339b0bd92da16a48f673eb0176f269a0edad28aa7bef16609a990

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
"6633aa22-4d0"
content-type
text/css
accept-ranges
bytes
content-length
1232
pc-header.jpg
news-xrikilo.com/lands/55/images/
76 KB
76 KB
Image
General
Full URL
https://news-xrikilo.com/lands/55/images/pc-header.jpg
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
f41b722bec971578de0605c37b14b241965d46d70c41becf7b153b2882478eac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-1310a"
content-length
78090
content-type
image/jpeg
mobile-header.jpg
news-xrikilo.com/lands/55/images/
15 KB
15 KB
Image
General
Full URL
https://news-xrikilo.com/lands/55/images/mobile-header.jpg
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
bad51e23bda3b86050e80b64301111fb7dab284ef6a5d40bc042f711d6844f5a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-3d44"
content-length
15684
content-type
image/jpeg
video.gif
news-xrikilo.com/lands/55/images/
1 MB
1 MB
Image
General
Full URL
https://news-xrikilo.com/lands/55/images/video.gif
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
19bc7986406ae576bed6b1ce20044821d45e6377442e0756ea506e17ead6b59c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-133e8d"
content-length
1261197
content-type
image/gif
spinning-circles2.svg
news-xrikilo.com/lands/55/images/
503 B
628 B
Image
General
Full URL
https://news-xrikilo.com/lands/55/images/spinning-circles2.svg
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-1f7"
content-length
503
content-type
image/svg+xml
pc-after-video.jpg
news-xrikilo.com/lands/55/images/
216 KB
216 KB
Image
General
Full URL
https://news-xrikilo.com/lands/55/images/pc-after-video.jpg
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
1263b5513a15315e3fa3e3ad73c9a4cfd21287bb9cc4eb5b94f0f60651d18c21

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-35e74"
content-length
220788
content-type
image/jpeg
mobile-after-video.png
news-xrikilo.com/lands/55/images/
156 KB
156 KB
Image
General
Full URL
https://news-xrikilo.com/lands/55/images/mobile-after-video.png
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
60d83b366e8b5951e24c08e424b3f22dc2b62ec58a7933fafbcd3370bb70bc93

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-27054"
content-length
159828
content-type
image/png
pc-sidebar.jpg
news-xrikilo.com/lands/55/images/
159 KB
159 KB
Image
General
Full URL
https://news-xrikilo.com/lands/55/images/pc-sidebar.jpg
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
121ae3a98c7fbba7d158fe1ee759e17994928c9332bbe65028cb0710c22fdf63

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-27b5b"
content-length
162651
content-type
image/jpeg
device.js
news-xrikilo.com/lands/55/js/
3 KB
1 KB
Script
General
Full URL
https://news-xrikilo.com/lands/55/js/device.js
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
"6633aa22-457"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
1111
v_F.ico
news-xrikilo.com/lands/55/
1 KB
1 KB
Other
General
Full URL
https://news-xrikilo.com/lands/55/v_F.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
c96fb13d89231c5a743ca1826064cd884ed4ec629fd66f15c0dbcf173dfbbf3e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:08 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-47e"
content-length
1150
content-type
image/x-icon
reject
news-xrikilo.com/
5 B
118 B
Fetch
General
Full URL
https://news-xrikilo.com/reject
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 19 May 2024 09:48:09 GMT
server
nginx
content-length
5
vary
Origin
content-type
application/json; charset=UTF-8
/
6947927ec8.news-xwibuzi.com/
20 KB
7 KB
Document
General
Full URL
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Requested by
Host: news-xrikilo.com
URL: https://news-xrikilo.com/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
1d68bc70c636fcc06a4ac7b0c24a3a7542088d06387c32a1a9bdc2c479f2c678
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://news-xrikilo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 May 2024 09:48:09 GMT
server
nginx
vary
Origin
x-frame-options
DENY
style.css
6947927ec8.news-xwibuzi.com/lands/100/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/css/style.css
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
b11c81c0dc5f00996995c2c24e382e7dafbde057e32e6b7c9ea5dc694617355d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
"6633aa22-708"
content-type
text/css
accept-ranges
bytes
content-length
1800
revopush.js
6947927ec8.news-xwibuzi.com/
20 KB
8 KB
Script
General
Full URL
https://6947927ec8.news-xwibuzi.com/revopush.js
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
b75cba17751a5e6c0e183475d1074739a876aa2cf4841e760692e573822db343

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
"6633aa22-1fae"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
8110
logo.png
6947927ec8.news-xwibuzi.com/lands/100/images/
3 KB
3 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/logo.png
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
d206840f2025a9cce0117437f4956028b0a028286f3f46765bdc29c85ea73303

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-d26"
content-length
3366
content-type
image/png
spinning-circles2.svg
6947927ec8.news-xwibuzi.com/lands/100/images/
503 B
459 B
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/spinning-circles2.svg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
466d361db2f130d7e3d40a671c935e3e556c3a49567657afee2e44a0a390a84f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
W/"6633aa22-1f7"
content-type
image/svg+xml
video.jpg
6947927ec8.news-xwibuzi.com/lands/100/images/
43 KB
43 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/video.jpg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
61a8b90ca1210fd30ddf7875b2deeb091a785c72f19fc8293a3cedcc5c8822ff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-ac1d"
content-length
44061
content-type
image/jpeg
video-thumb-1.jpg
6947927ec8.news-xwibuzi.com/lands/100/images/
21 KB
21 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/video-thumb-1.jpg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
437c7924ffae2dda29c41f1bd55d74e5eac712885f6630630274d12b5b83b95a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-5226"
content-length
21030
content-type
image/jpeg
video-thumb-2.jpg
6947927ec8.news-xwibuzi.com/lands/100/images/
28 KB
28 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/video-thumb-2.jpg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
662650439d3d6c5eaa2c0b6cac680be331c81bc76e57df02979f177d83220fa7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-6f8b"
content-length
28555
content-type
image/jpeg
video-thumb-3.jpg
6947927ec8.news-xwibuzi.com/lands/100/images/
24 KB
24 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/video-thumb-3.jpg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
bd037ce3cd92fe0c8d7e0747374cec8d54499a4fe86884941fb5b831c87f8cb9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-603b"
content-length
24635
content-type
image/jpeg
video-thumb-4.jpg
6947927ec8.news-xwibuzi.com/lands/100/images/
21 KB
21 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/video-thumb-4.jpg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
de0198c26a4c935389c3dd91a225316d3db93cc31c5cffb2c40929b8a05ca105

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-52cc"
content-length
21196
content-type
image/jpeg
video-thumb-5.jpg
6947927ec8.news-xwibuzi.com/lands/100/images/
17 KB
17 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/video-thumb-5.jpg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
490dc6e94300e37cc696a01712cabe9c9dc9d5342de1dc362bd6de0dbd81c4c3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-4287"
content-length
17031
content-type
image/jpeg
video-thumb-6.jpg
6947927ec8.news-xwibuzi.com/lands/100/images/
24 KB
24 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/video-thumb-6.jpg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
e6ab24220f8c68e6e78680cfc83cbb1ec39eae9770c01a44655ddcb84ce51d79

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-6134"
content-length
24884
content-type
image/jpeg
video-thumb-7.jpg
6947927ec8.news-xwibuzi.com/lands/100/images/
22 KB
23 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/video-thumb-7.jpg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
55abd4d24761dffeb5b915315dfd690e7edd4bd81da093bc55c2ee509da4e35b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-59d2"
content-length
22994
content-type
image/jpeg
video-thumb-8.jpg
6947927ec8.news-xwibuzi.com/lands/100/images/
22 KB
22 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/video-thumb-8.jpg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
b4769d28577b95827fc642993c97ed423649e262fbae2e86a78d94368d3a74c4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-57a1"
content-length
22433
content-type
image/jpeg
video-thumb-9.jpg
6947927ec8.news-xwibuzi.com/lands/100/images/
24 KB
24 KB
Image
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/images/video-thumb-9.jpg
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
8a715d81cd2240d28b5cce714ae32d835d9322ba0b79a766ee8c2458d3b72448

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
accept-ranges
bytes
etag
"6633aa22-6056"
content-length
24662
content-type
image/jpeg
device.js
6947927ec8.news-xwibuzi.com/lands/100/js/
3 KB
1 KB
Script
General
Full URL
https://6947927ec8.news-xwibuzi.com/lands/100/js/device.js
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
863a13c42ef72b562bc7aa5005b8ff5693763ae8d16ce3bfc3d876e92a7fdf85

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
content-encoding
gzip
last-modified
Thu, 02 May 2024 14:58:42 GMT
server
nginx
etag
"6633aa22-457"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
1111
favicon.ico
6947927ec8.news-xwibuzi.com/
548 B
256 B
Other
General
Full URL
https://6947927ec8.news-xwibuzi.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:10 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=utf-8
reject
6947927ec8.news-xwibuzi.com/
5 B
117 B
Fetch
General
Full URL
https://6947927ec8.news-xwibuzi.com/reject
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/revopush.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.108.118.16 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
16-118-108-193.clients.gthost.com
Software
nginx /
Resource Hash
38e0b9de817f645c4bec37c0d4a3e58baecccb040f5718dc069a72c7385a0bed

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 19 May 2024 09:48:11 GMT
server
nginx
content-length
5
vary
Origin
content-type
application/json; charset=UTF-8
/
begtd.check-tl-ver-294-3.com/allow-18/
Redirect Chain
  • https://6947927ec8.news-xwibuzi.com/tb?id=1220818779&land=100&monetization=user&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D&type=reject
  • https://begtd.antaresarcturus.top/?pl=VTeOp2JVt0eY_vI1dRhUhw
  • https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
2 KB
2 KB
Document
General
Full URL
https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Requested by
Host: 6947927ec8.news-xwibuzi.com
URL: https://6947927ec8.news-xwibuzi.com/revopush.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
284f85c64be6d2f3513e276e11d34f78590cc2a4db313128e6c494896ce94ab0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://6947927ec8.news-xwibuzi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88632b7cdcd765b9-FRA
content-encoding
br
content-type
text/html
date
Sun, 19 May 2024 09:48:11 GMT
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2Fng1BcsC%2B%2FMsi%2Bkv9NRJn%2BLEkZ6XgaB8RgLX6Bg6UXPe9jWGArRgj%2FIIL88im4GkTWuV85J1XjwG1h93byxmSEcGHiCjYNjdPZ%2BEf3qUS7kXb0aoPnWrWVYxqhFRBsUP%2FZIphZCdGNKekFznJm%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88632b7c3ff75d6d-FRA
content-length
0
date
Sun, 19 May 2024 09:48:11 GMT
location
https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oP8TF8b%2FLfWLdxESAIJOwtdoOrwEMllwVFM6bK1xyxMUESrhZvdM2CshDP4KXWCDVQBuxoa%2FksYfWkdZsiS93EZbcHI1EqNMve%2BDzmdfWfpuHEsoEm0WlDWKRIsG5JCt%2FQRoJJ5%2BKFbyWlQe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trls.js
begtd.check-tl-ver-294-3.com/allow-18/assets/
6 KB
2 KB
Script
General
Full URL
https://begtd.check-tl-ver-294-3.com/allow-18/assets/trls.js
Requested by
Host: begtd.check-tl-ver-294-3.com
URL: https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f86e550be4ed964168fd2c38151d84be5c1d5718358c8b96d920d135d5930163

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-1941"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AXJopqKhFeL6Zn4i8U835YdobHXyyCOWrShlLMUBbqqFxDUp67dAdm5J9kkNIdqazZptwweiquJiUFslKKux%2FdiTnn7Y4N4WmhThxX377mtCbI%2BKiZbYTffXVfJsfCa4P8CWRJdVj1jMttRCiOy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88632b7d4d5765b9-FRA
alt-svc
h3=":443"; ma=86400
style.css
begtd.check-tl-ver-294-3.com/allow-18/assets/
200 KB
122 KB
Stylesheet
General
Full URL
https://begtd.check-tl-ver-294-3.com/allow-18/assets/style.css
Requested by
Host: begtd.check-tl-ver-294-3.com
URL: https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b254e1555d9d2ed2804383af7e5c7c7bba4ffdfa2ba8665305c105557dd258b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:11 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-31fa0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNAFzyuj7IspOdVq6McZThJaTbzbyDM0oqXcYOnjnLe9jQgNxYfzvjwZoBmZGuGMINwDW2Ec6XjeCSSCCqBVSibRKDbmzXKCh%2BCI9mMmeu33PFbh0lOD0Yn4YTdKpCuaU1UAcE%2BzzC6lGyDssEJ6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
88632b7d4d5865b9-FRA
alt-svc
h3=":443"; ma=86400
static-pl.js
begtd.check-tl-ver-294-3.com/shared-js/assets/
3 KB
2 KB
Script
General
Full URL
https://begtd.check-tl-ver-294-3.com/shared-js/assets/static-pl.js?v=2
Requested by
Host: begtd.check-tl-ver-294-3.com
URL: https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4774
etag
W/"6627c958-dee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XgBBn22BNU3YgAnLVypXdT87Qoa2k20lmrJQE5ydNCc3Pf3CBzXHthwCbBM%2BxGNK7xzi7YlbbgoIelfpnDUoHIhpoEcbDrrwmgGJTrTS%2BTn1W2IVOw9TrY1FidxHaXBE25g%2FHCmi97FEhtvFCvww"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88632b7d4d5965b9-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Requested by
Host: begtd.check-tl-ver-294-3.com
URL: https://begtd.check-tl-ver-294-3.com/allow-18/assets/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 19 May 2024 09:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 May 2024 09:48:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 May 2024 09:48:11 GMT
ps.js
cdnstatic.check-tl-ver-294-3.com/ps/
35 KB
14 KB
Script
General
Full URL
https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Requested by
Host: begtd.check-tl-ver-294-3.com
URL: https://begtd.check-tl-ver-294-3.com/shared-js/assets/static-pl.js?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
22724f76070a43959ae51c82dd9865a72ee22884f3a12b0eabbc9c9bc9559ea3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:11 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CFuDOGSt1ko5hTmJtANwgJKspvzF3wZI3hbY4pJnHz9PwRDG81YE2fb5hIAnQvoL9o2DC00hwuZwJD%2FafFHSFPuw8zPOB9xUJs160Y%2BfdXMd%2BXwU9MJbxBGh1Wz%2FHy%2Fi28XLI%2B0M9chiaiEy%2Bi20CsFuBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
88632b7ebf2c65b9-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
148 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://begtd.check-tl-ver-294-3.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 22:52:58 GMT
x-content-type-options
nosniff
age
39314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 22:52:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://begtd.check-tl-ver-294-3.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 13:48:35 GMT
x-content-type-options
nosniff
age
71977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 13:48:35 GMT
config.js
cdnstatic.check-tl-ver-294-3.com/ps/
360 B
768 B
Script
General
Full URL
https://cdnstatic.check-tl-ver-294-3.com/ps/config.js?id=VTeOp2JVt0eY_vI1dRhUhw
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7e85c285fd983223d07a014d1a96804ba1c8f65fb43238a4fad204350e896958

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:12 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJ%2FNXHAHzD5DvQiYHOHtTsWGiCtuqI%2FEadC7iQ%2FKQ6fn54ScGcKwz3N0Efy93eUuSXpYVBmnRVb3UuLBH%2FNnJH6qnjGy3boNstsRIhcObgctEe11MNoGuttiwbtNqaBVM9fo%2Fe0yQUDsIWiuQLSfi5m0YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
88632b7f2fd165b9-FRA
alt-svc
h3=":443"; ma=86400
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/
28 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 17:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9308
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 May 2025 17:45:08 GMT
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/
37 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 08:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9934
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 May 2025 08:48:24 GMT
/
begtd.check-tl-ver-294-3.com/allow-18/
2 KB
420 B
Document
General
Full URL
https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
284f85c64be6d2f3513e276e11d34f78590cc2a4db313128e6c494896ce94ab0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88632b87ebb965b9-FRA
content-encoding
br
content-type
text/html
date
Sun, 19 May 2024 09:48:13 GMT
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1CXoMzp9MvuglyiAahUMYPvPg9VgnQqYVKcblJwsKWSAPMVsy0pdiBUR8vRfjhr1bFoErVMaiUDHiPb%2FsXuwk2QypIqUjhfHtPiBBsahqpypuu%2F0XzBodzTdotxKnJddSIM1QHHVR2miO3B3Qhyc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trls.js
begtd.check-tl-ver-294-3.com/allow-18/assets/
6 KB
0
Script
General
Full URL
https://begtd.check-tl-ver-294-3.com/allow-18/assets/trls.js
Requested by
Host: begtd.check-tl-ver-294-3.com
URL: https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f86e550be4ed964168fd2c38151d84be5c1d5718358c8b96d920d135d5930163

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:11 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-1941"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AXJopqKhFeL6Zn4i8U835YdobHXyyCOWrShlLMUBbqqFxDUp67dAdm5J9kkNIdqazZptwweiquJiUFslKKux%2FdiTnn7Y4N4WmhThxX377mtCbI%2BKiZbYTffXVfJsfCa4P8CWRJdVj1jMttRCiOy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88632b7d4d5765b9-FRA
alt-svc
h3=":443"; ma=86400
style.css
begtd.check-tl-ver-294-3.com/allow-18/assets/
200 KB
0
Stylesheet
General
Full URL
https://begtd.check-tl-ver-294-3.com/allow-18/assets/style.css
Requested by
Host: begtd.check-tl-ver-294-3.com
URL: https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b254e1555d9d2ed2804383af7e5c7c7bba4ffdfa2ba8665305c105557dd258b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:11 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-31fa0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNAFzyuj7IspOdVq6McZThJaTbzbyDM0oqXcYOnjnLe9jQgNxYfzvjwZoBmZGuGMINwDW2Ec6XjeCSSCCqBVSibRKDbmzXKCh%2BCI9mMmeu33PFbh0lOD0Yn4YTdKpCuaU1UAcE%2BzzC6lGyDssEJ6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
88632b7d4d5865b9-FRA
alt-svc
h3=":443"; ma=86400
static-pl.js
begtd.check-tl-ver-294-3.com/shared-js/assets/
3 KB
0
Script
General
Full URL
https://begtd.check-tl-ver-294-3.com/shared-js/assets/static-pl.js?v=2
Requested by
Host: begtd.check-tl-ver-294-3.com
URL: https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4774
etag
W/"6627c958-dee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XgBBn22BNU3YgAnLVypXdT87Qoa2k20lmrJQE5ydNCc3Pf3CBzXHthwCbBM%2BxGNK7xzi7YlbbgoIelfpnDUoHIhpoEcbDrrwmgGJTrTS%2BTn1W2IVOw9TrY1FidxHaXBE25g%2FHCmi97FEhtvFCvww"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88632b7d4d5965b9-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
9 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Requested by
Host: begtd.check-tl-ver-294-3.com
URL: https://begtd.check-tl-ver-294-3.com/allow-18/assets/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 May 2024 09:48:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 May 2024 09:48:11 GMT
truncated
/
148 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://begtd.check-tl-ver-294-3.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 22:52:58 GMT
x-content-type-options
nosniff
age
39314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 22:52:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://begtd.check-tl-ver-294-3.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 13:48:35 GMT
x-content-type-options
nosniff
age
71977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 13:48:35 GMT
ps.js
cdnstatic.check-tl-ver-294-3.com/ps/
35 KB
14 KB
Script
General
Full URL
https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Requested by
Host: begtd.check-tl-ver-294-3.com
URL: https://begtd.check-tl-ver-294-3.com/shared-js/assets/static-pl.js?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0ccef25b06ab50b685ba532d43c921569c4df3c2a4d5194bc9a6369e7bf25d2d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:13 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQQOT%2Fz2gZNFLuwIGUPS9yaqXl6v2QpgUfs%2Bic9suo44PIvZGIsC90I3Eo6WDn4IPnZqavt%2FFRJQCNfhDxYFDrLwhHgza%2F8sDaMFWSxakPWysDP7M6%2BoAEiFej4cg6kvaFxmdORAK3e8S31qmvHqgwG%2FeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
88632b886c6b65b9-FRA
alt-svc
h3=":443"; ma=86400
config.js
cdnstatic.check-tl-ver-294-3.com/ps/
360 B
776 B
Script
General
Full URL
https://cdnstatic.check-tl-ver-294-3.com/ps/config.js?id=VTeOp2JVt0eY_vI1dRhUhw
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7e85c285fd983223d07a014d1a96804ba1c8f65fb43238a4fad204350e896958

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:13 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mbBN%2Bhflh0mlEWcdr3LVe%2BYI5gAZ2mDfHDdGWVGX%2F1qvaQ6tS3exeIVWRZNzu1aK%2BiPC4ZaPTfpF%2FsQZC9NIiCgqpuREzqMERLiJIhGqpUVhYyVXeOw%2BjTi6E2%2BdK8NrJyPaLULw9RXfEcH4IxRxgESIXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
88632b88bcce65b9-FRA
alt-svc
h3=":443"; ma=86400
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/
28 KB
0
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 17:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9308
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 May 2025 17:45:08 GMT
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/
37 KB
0
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://begtd.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 08:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9934
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 May 2025 08:48:24 GMT
Primary Request /
ha.check-tl-ver-294-3.com/allow-18/
2 KB
2 KB
Document
General
Full URL
https://ha.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.33.190 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
284f85c64be6d2f3513e276e11d34f78590cc2a4db313128e6c494896ce94ab0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://begtd.check-tl-ver-294-3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88632b896cb691fb-FRA
content-encoding
br
content-type
text/html
date
Sun, 19 May 2024 09:48:13 GMT
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dMwT8kUZ4173cqBxTZBi0%2BFWtypCcwcBCnsSi14axVgqaEwgshcH7aOFj3JpRseHnKmhbmgJ9kGJxJs1vs13IOKMomS3cqw2sZs3uMBWTASteront2Nww2FSuHMJrHDmhtlIQ0mSkjMqb8tD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trls.js
ha.check-tl-ver-294-3.com/allow-18/assets/
6 KB
2 KB
Script
General
Full URL
https://ha.check-tl-ver-294-3.com/allow-18/assets/trls.js
Requested by
Host: ha.check-tl-ver-294-3.com
URL: https://ha.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.33.190 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f86e550be4ed964168fd2c38151d84be5c1d5718358c8b96d920d135d5930163

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ha.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:13 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-1941"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FKfmgCqOAfUmj%2FMJzhc%2Bu%2BVqU0yyvFR%2BhuHqvSCGIa6tZ2pHfzXBZijiBOcy9bAOIF0%2F2W26T91rASxib9Sqpxa1Ehlf6zg3LweyiS04NZsxWpvhy%2BqJl3xUb55jKWyFSo9Crm3LG3SRWvAM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88632b89bcfd91fb-FRA
alt-svc
h3=":443"; ma=86400
style.css
ha.check-tl-ver-294-3.com/allow-18/assets/
200 KB
122 KB
Stylesheet
General
Full URL
https://ha.check-tl-ver-294-3.com/allow-18/assets/style.css
Requested by
Host: ha.check-tl-ver-294-3.com
URL: https://ha.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.33.190 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b254e1555d9d2ed2804383af7e5c7c7bba4ffdfa2ba8665305c105557dd258b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ha.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:13 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6627c958-31fa0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51f6m5cV8e33PQENGhPQFTE3VQXJpbdv9pmIHYqfHQnZGDRXABt2pGMoZ8UwxnuoeH2Pnkmw7CCit7b0oE7PSfGn9e%2F%2FYVI%2FmKpN1x%2FGBqhrlVVvpeYnGmdzzWdn4ma3fa485BkRNQc5u5oH"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
88632b89bcfc91fb-FRA
alt-svc
h3=":443"; ma=86400
static-pl.js
ha.check-tl-ver-294-3.com/shared-js/assets/
3 KB
2 KB
Script
General
Full URL
https://ha.check-tl-ver-294-3.com/shared-js/assets/static-pl.js?v=2
Requested by
Host: ha.check-tl-ver-294-3.com
URL: https://ha.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.33.190 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ha.check-tl-ver-294-3.com/allow-18/?pl=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&nrid=b6f2156b76aa44fda1f40822e72702a5&hash=QZcbACMhJe-1gBOSs2EXUQ&exp=1716112391
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:13 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Apr 2024 14:44:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1941
etag
W/"6627c958-dee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WpXqkJHs0KNmtM5hXupwJtKRToWk3Zv1rYv%2BPK8W0uhq6nLZaqAb8r%2BBNDH%2BX5ntoJEfvpHYVFzHWVI81gFzrI7oo8jNQaFdcMBQY0bKMFQrx7dRA1ytvw6koUgAczpOAvvJDU4Xa0uOJ%2BFr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
88632b89bd0091fb-FRA
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
9 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Requested by
Host: ha.check-tl-ver-294-3.com
URL: https://ha.check-tl-ver-294-3.com/allow-18/assets/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
47e3881d0fe2662e06375c04b01a8eabdd8eeca52f66aab1dc7ba3b6f5c564f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ha.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 19 May 2024 09:48:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 May 2024 09:48:11 GMT
ps.js
cdnstatic.check-tl-ver-294-3.com/ps/
35 KB
14 KB
Script
General
Full URL
https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Requested by
Host: ha.check-tl-ver-294-3.com
URL: https://ha.check-tl-ver-294-3.com/shared-js/assets/static-pl.js?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e09981f0479e27085eaf2d0c6c41ba5a487a4ce669c24f4d4dcd9118b65aad72

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ha.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:13 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTNMQ%2Bsl4CeOKYt4W17XtDHWjCTxbse23Z9WpffZxFUnHbRWZvZ4mTloiT5TrOg5OpYpWr7d0d9Ik47FcEMrmsjCIeX2qiVgeFYI5oco1exKA%2B1qV%2B7o9aNNE%2FyQpUr2peLkE1i6nZ4QlZ8UHn1MDUOxmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
88632b8a4f0665b9-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
148 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f4e5aae6461b0d857a26e03d10a44ccc41db096b257a33c5c58f6961b32ad30

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://ha.check-tl-ver-294-3.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 22:52:58 GMT
x-content-type-options
nosniff
age
39314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 22:52:58 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700,400i&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://ha.check-tl-ver-294-3.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 13:48:35 GMT
x-content-type-options
nosniff
age
71977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 13:48:35 GMT
config.js
cdnstatic.check-tl-ver-294-3.com/ps/
360 B
766 B
Script
General
Full URL
https://cdnstatic.check-tl-ver-294-3.com/ps/config.js?id=VTeOp2JVt0eY_vI1dRhUhw
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.148.63 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7e85c285fd983223d07a014d1a96804ba1c8f65fb43238a4fad204350e896958

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ha.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 19 May 2024 09:48:13 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7wnfKlpipC%2Bfmj4q7yMVr88KsV%2F0afwsT62cUcDxqiCdVfHrKwOpXJIExyIuWH5lWd1ZSXuVp8771iarshNgLQWrVf9O0q970QziN8AV3yFp5JWqzbTYmXocJWDO6hsAxBAwZDIPH1BlcYzgjR8Ci2y4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
88632b8aaf8565b9-FRA
alt-svc
h3=":443"; ma=86400
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/
28 KB
0
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ha.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 17:45:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57784
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9308
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 May 2025 17:45:08 GMT
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/
37 KB
0
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
Requested by
Host: cdnstatic.check-tl-ver-294-3.com
URL: https://cdnstatic.check-tl-ver-294-3.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=VTeOp2JVt0eY_vI1dRhUhw&sm=allow-18&click_id=&sub_id=&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-294-3.com&timeout=30&tb=true&nrid=b6f2156b76aa44fda1f40822e72702a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://ha.check-tl-ver-294-3.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 08:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9934
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 May 2025 08:48:24 GMT
truncated
/
378 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6935876b0112bb2bb5aa7e27c0fdf9be86e190d47a0fbff8eb8e67e25d11f68d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
377 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9077e9ffe52966b3a279d70797b41c4eba4e6d3928471fe755fcc3856ac4b3e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
begtd.antaresarcturus.top/ Name: VTeOp2JVt0eY_vI1dRhUhw Value: 11
begtd.antaresarcturus.top/ Name: __pl Value: f2d5a8b4-39f9-4308-8ddb-2ebc810e0b86
begtd.antaresarcturus.top/ Name: __cap Value: 1

3 Console Messages

Source Level URL
Text
other error URL: https://news-xrikilo.com/?id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other error URL: https://6947927ec8.news-xwibuzi.com/?i=1&id=1220818779&p1=%7Bclickid%7D&p2=%7Bt1%7D&p3=%7Bt6%7D&p4=%7Bt2%7D
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://6947927ec8.news-xwibuzi.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
