landingkangutingo.kangutingo.workers.dev Open in urlscan Pro
172.67.212.242  Public Scan

27 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response landingkangutingo.kangutingo.workers.dev/	176 KB 46 KB	121ms 60ms	Document text/html	172.67.212.242 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingkangutingo.kangutingo.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.212.242 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eacb2d29bb1dc578b63c96fa49c7e34533d6432cfbe50e640394cd6d2ede3e84 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-ray 89c89d9dffe31913-FRA content-encoding br content-type text/html;charset=UTF-8 date Mon, 01 Jul 2024 18:56:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5BlR5%2BrUjjCbK1TfqC8bXMSbuTfox5YBLv4%2BSeCd3ZsfSxbAMJA76PG3ouAu7ie%2FsEfoHndj2fNJWgOc1JHbSyDZdMTwSfh%2BVz7Zfk%2BfZxfBbYf1PQJUFNa3JF8wp%2Fj5NqhzUzdzeANJ1f5N1VAySrwvoT1GkMYUW3y"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	landing.css kolectiva.co/	99 KB 23 KB	248ms 174ms	Stylesheet text/css	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kolectiva.co/landing.css Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 383d7200ed824bb720cb4b53950c7a672ab9465af2a31bf602ec91d2fb08ba01 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:22 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=meUBM4mHVIFAF4rrbobWMUB8WzaBXbOaS1IKy0DTjQ%2Bnt2z1v0qnT00tH5KVw777b1yOSkMta%2FVqRA5Z%2FoKAw%2BUQjS4lz4phDMdqQYbazuxD1LFgIDZGWx8bRuyoXzs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cf-ray 89c89d9f7d2e30e8-FRA alt-svc h3=":443"; ma=86400
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	157 KB 51 KB	173ms 84ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8336575336116017 Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash 2f019d7ee96ebc27ab4d6f5688e1dd294a33b7a143e53a6ee13f8f34c14dd179 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Origin https://landingkangutingo.kangutingo.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52633 x-xss-protection 0 server cafe etag 5558672042131570369 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Mon, 01 Jul 2024 18:56:22 GMT
GET H2	200	AVvXsEifP_ybpDwKQ7NsLxqAq3Gmhkd3iTshUazvhfHzNi8Sq29S2QJ21n6u6Bczueq8CWNwtpY2i4JvweELthQcuaBE7mqAzYteatQ1e-vKbheff2b2LJZrGuqamw5NdxdE50L2YGAaw-eVi7zjWbZg0gskcYGSOeQ_Q6WWKMYO1ZwOJpKWunz0siD8nXd5YUg=w200 blogger.googleusercontent.com/img/a/	4 KB 4 KB	787ms 787ms	Image image/png	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/a/AVvXsEifP_ybpDwKQ7NsLxqAq3Gmhkd3iTshUazvhfHzNi8Sq29S2QJ21n6u6Bczueq8CWNwtpY2i4JvweELthQcuaBE7mqAzYteatQ1e-vKbheff2b2LJZrGuqamw5NdxdE50L2YGAaw-eVi7zjWbZg0gskcYGSOeQ_Q6WWKMYO1ZwOJpKWunz0siD8nXd5YUg=w200 Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash dc2e3fcd9719f70590b0a70c86d9ea289cd429a4c068233feb195916e747fcbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:23 GMT x-content-type-options nosniff server fife etag "v13352" vary Origin content-type image/png access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="Kolectiva.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4411 x-xss-protection 0 expires Tue, 02 Jul 2024 18:56:23 GMT
GET H2	200	AVvXsEj2HRx6SFAoJZeBPFoFjOSnJNofYctmCMl5aBCaTYP4zcx-FqvTqtKhF6wtOpMzUMpzGuOWNLwZAAdkIqnjqHiW6A6XQq1scEI8PZ5zmXGYZcCBrHyWOBUkt6fYcUoc5Bep7i4GfYGD3SE_R5lsZ1uBKXl38z3omE9Xswc3C_JevfJeIcGWwAJO2ePIOG8=s... blogger.googleusercontent.com/img/a/	490 KB 491 KB	896ms 783ms	Image image/gif	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/a/AVvXsEj2HRx6SFAoJZeBPFoFjOSnJNofYctmCMl5aBCaTYP4zcx-FqvTqtKhF6wtOpMzUMpzGuOWNLwZAAdkIqnjqHiW6A6XQq1scEI8PZ5zmXGYZcCBrHyWOBUkt6fYcUoc5Bep7i4GfYGD3SE_R5lsZ1uBKXl38z3omE9Xswc3C_JevfJeIcGWwAJO2ePIOG8=s1600 Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash bdb80c4a55130d7e4d6d518f6f4689df85ef707938c6e930ee59997888f81c50 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:23 GMT x-content-type-options nosniff server fife etag "v12b90" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="un v_nculo piel a piel.gif";filename*=UTF-8''un%20v%C3%ADnculo%20piel%20a%20piel.gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 501861 x-xss-protection 0 expires Tue, 02 Jul 2024 18:56:23 GMT
GET H2	200	mamitas%20usando%20fular%20kangutingo.gif blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxxuL-QXWgffupV9Xq-3AV1FVTTJMJXUCMrSvPxJID1zuO7Ib5emPgS-e-TJRNwy9ahaLdIkmFggsp6NPQktPxzsUikIJu8zo2eY_Y3gTRwoSyDAXJcu-ZlU84Ku-E-3ZLYIjZu89vwS3MC8LK...	2 MB 2 MB	1102ms 990ms	Image image/gif	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjxxuL-QXWgffupV9Xq-3AV1FVTTJMJXUCMrSvPxJID1zuO7Ib5emPgS-e-TJRNwy9ahaLdIkmFggsp6NPQktPxzsUikIJu8zo2eY_Y3gTRwoSyDAXJcu-ZlU84Ku-E-3ZLYIjZu89vwS3MC8LKPDnH0IzwSoVxKttAp7BTk957oVMIrzlC38qnJuqh8E8/s1600/mamitas%20usando%20fular%20kangutingo.gif Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 13736492c382c4c0dfb5291ced114fb2b2a9258d21834f187baecf32efda9b7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:23 GMT x-content-type-options nosniff server fife etag "v12b84" vary Origin content-type image/gif access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="mamitas usando fular kangutingo.gif" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2413384 x-xss-protection 0 expires Tue, 02 Jul 2024 18:56:23 GMT
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	181ms 49ms	Script application/javascript	2a04:4e42:600::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:23 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1264754 x-cache HIT, HIT content-length 30875 x-served-by cache-lga21931-LGA, cache-mxp6927-MXP last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1719860183.427057,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 19, 627058
GET H2	200	o-0IIpQlx3QUlC5A4PNr5TRA.woff2 fonts.gstatic.com/s/notosans/v11/	16 KB 16 KB	181ms 49ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v11/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 Requested by Host: kolectiva.co URL: https://kolectiva.co/landing.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://kolectiva.co/ Origin https://landingkangutingo.kangutingo.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 22:41:20 GMT x-content-type-options nosniff age 504903 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16056 x-xss-protection 0 last-modified Fri, 25 Sep 2020 00:08:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 25 Jun 2025 22:41:20 GMT
GET DATA	200 OK	truncated /	817 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4372c7a91ad23d8ff25f241ad3f6d35eac8df11b57c66d1087edc456be127985 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 fonts.gstatic.com/s/notosans/v11/	16 KB 16 KB	268ms 137ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v11/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 Requested by Host: kolectiva.co URL: https://kolectiva.co/landing.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://kolectiva.co/ Origin https://landingkangutingo.kangutingo.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 19:54:07 GMT x-content-type-options nosniff age 342136 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16180 x-xss-protection 0 last-modified Thu, 24 Sep 2020 23:50:59 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 27 Jun 2025 19:54:07 GMT
GET H2	200	o-0OIpQlx3QUlC5A4PNr4ARMQ_m87A.woff2 fonts.gstatic.com/s/notosans/v11/	28 KB 28 KB	192ms 61ms	Font font/woff2	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/notosans/v11/o-0OIpQlx3QUlC5A4PNr4ARMQ_m87A.woff2 Requested by Host: kolectiva.co URL: https://kolectiva.co/landing.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 58f9eeb4ee5d4b2629b55fd54f66b6cc498c8dfd358bec820f7e102c8b857275 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://kolectiva.co/ Origin https://landingkangutingo.kangutingo.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 27 Jun 2024 12:20:08 GMT x-content-type-options nosniff age 369375 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 28424 x-xss-protection 0 last-modified Thu, 24 Sep 2020 23:50:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 27 Jun 2025 12:20:08 GMT
GET H2	200	fular-el%25C3%25A1stico-comprar-un-fular.jpg 1.bp.blogspot.com/-ytb3gH5fxMQ/YDrFcmCiDMI/AAAAAAAA7Z4/V9fm7oMM7pEbEaTik0mkoXwu7TAyKVQyACNcBGAsYHQ/s0-rw/	44 KB 44 KB	525ms 387ms	Image image/webp	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-ytb3gH5fxMQ/YDrFcmCiDMI/AAAAAAAA7Z4/V9fm7oMM7pEbEaTik0mkoXwu7TAyKVQyACNcBGAsYHQ/s0-rw/fular-el%25C3%25A1stico-comprar-un-fular.jpg Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 580398aeef41667ae9ecff45ba78ce8fe99a5bfcf6347280a0d334f2023451fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:23 GMT x-content-type-options nosniff server fife etag "ved9f" vary Origin content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="fular-el_stico-comprar-un-fular.webp";filename*=UTF-8''fular-el%C3%A1stico-comprar-un-fular.webp timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44836 x-xss-protection 0 expires Tue, 02 Jul 2024 18:56:23 GMT
GET H2	200	fular%2BQ2%2B-%2Bcomprar%2Bun%2Bfular%2Bprearmado.webp 1.bp.blogspot.com/-_l6dh_x9Fow/X8gxH0xUD5I/AAAAAAAA5YA/Xl8KB44i5FAfqolzI6TXITrvTejglmLbwCNcBGAsYHQ/s0-rw/	57 KB 57 KB	586ms 449ms	Image image/webp	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-_l6dh_x9Fow/X8gxH0xUD5I/AAAAAAAA5YA/Xl8KB44i5FAfqolzI6TXITrvTejglmLbwCNcBGAsYHQ/s0-rw/fular%2BQ2%2B-%2Bcomprar%2Bun%2Bfular%2Bprearmado.webp Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 00dd77e0a34133e4dc7896a646824b7198c3bea3307adbaf16c8b089366eabfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:23 GMT x-content-type-options nosniff server fife etag "ve582" vary Origin content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="fular Q2 - comprar un fular prearmado.webp" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 58572 x-xss-protection 0 expires Tue, 02 Jul 2024 18:56:23 GMT
GET H2	200	mochila%2Bportabeb%25C3%25A9.jpg 1.bp.blogspot.com/-zU1a_iMx_Gg/YK6A2rOp85I/AAAAAAAA8DY/2hC8A1vfhyUl7TQuUAKE9QMln5xIcGW8ACNcBGAsYHQ/s0-rw/	215 KB 215 KB	1021ms 884ms	Image image/webp	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-zU1a_iMx_Gg/YK6A2rOp85I/AAAAAAAA8DY/2hC8A1vfhyUl7TQuUAKE9QMln5xIcGW8ACNcBGAsYHQ/s0-rw/mochila%2Bportabeb%25C3%25A9.jpg Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash f4a3b8ccc457730308eeb6c89c44bc22d9689da694ff0eeb2676832a91c1aace Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:24 GMT x-content-type-options nosniff server fife etag "vf037" vary Origin content-type image/webp access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="mochila portabeb_.webp";filename*=UTF-8''mochila%20portabeb%C3%A9.webp timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 220208 x-xss-protection 0 expires Tue, 02 Jul 2024 18:56:24 GMT
GET H2	200	Mochila%20Ergon%C3%B3mica.webp blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlsV6G-BRUy4uC7hayM24HPsVI2JFhUS4vz2dVJT-v3HCsDp8uC3UogHLwLGWEjCiSMpQy5bLlIoPAcvP36es3kKlbOL2CYYCSymQpz47blt42jex5sLowuFEACi0_t3BS39hRCp1wujYMN17C...	30 KB 30 KB	780ms 775ms	Image image/webp	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhlsV6G-BRUy4uC7hayM24HPsVI2JFhUS4vz2dVJT-v3HCsDp8uC3UogHLwLGWEjCiSMpQy5bLlIoPAcvP36es3kKlbOL2CYYCSymQpz47blt42jex5sLowuFEACi0_t3BS39hRCp1wujYMN17Chbn9Oz-3a_sihAMYiEDhh5fhTerl1K6Ga6mWNU5jBgI/s1600-rw/Mochila%20Ergon%C3%B3mica.webp Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 078c9e10bf9f1ed7ed4f6131c928be5ac35870b1175b602f30b9452c91439133 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:24 GMT x-content-type-options nosniff server fife etag "v13077" vary Origin content-type image/webp access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="Mochila Ergon_mica.webp";filename*=UTF-8''Mochila%20Ergon%C3%B3mica.webp alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30902 x-xss-protection 0 expires Tue, 02 Jul 2024 18:56:24 GMT
GET H3	403	ads googleads.g.doubleclick.net/pagead/ Frame 9D76	0 0	248ms 80ms	Document text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8336575336116017&output=html&adk=3953984709&adf=2873229911&abgtt=6&lmt=1719800309&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.kolectiva.co%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_23~27_8~29_18&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&dt=1719800430055&bpp=3&bdt=2039&idt=10&shv=r20240625&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3998198624565&frm=20&pv=2&ga_vid=225622491.1719800430&ga_sid=1719800430&ga_hid=519051033&ga_fc=0&u_tz=-300&u_his=19&u_h=800&u_w=1280&u_ah=709&u_aw=1280&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1502&bih=760&scr_x=0&scr_y=1957&eid=44759876%2C44759927%2C44759842%2C31084864%2C44798934%2C95334509%2C95334527%2C95334571%2C95334828%2C95335896%2C95331953%2C95335291&oid=2&pvsid=1446300663942195&tmod=1906201975&nvt=1&fsapi=1&ref=https%3A%2F%2Fwww.kolectiva.co%2Fcheckout&fc=1920&brdim=0%2C23%2C0%2C23%2C1280%2C23%2C1280%2C709%2C1505%2C760&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=0.85&ifi=1&uci=a!1&fsb=1&dtd=48 Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://landingkangutingo.kangutingo.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 01 Jul 2024 18:56:23 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe www.google.com/recaptcha/api2/ Frame 14E0	0 0	253ms 68ms	Document text/html	142.250.185.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f4.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Fyvl4XGLzxHDOkrIXnCRzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://landingkangutingo.kangutingo.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-Fyvl4XGLzxHDOkrIXnCRzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 01 Jul 2024 18:56:23 GMT expires Mon, 01 Jul 2024 18:56:23 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	zrt_lookup_fy2021.html googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/ Frame 5C69	0 0	218ms 53ms	Document text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil04s23-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://landingkangutingo.kangutingo.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers age 76821 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4164 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 30 Jun 2024 21:36:02 GMT etag 9187630395144177108 expires Sun, 14 Jul 2024 21:36:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	favicon.ico landingkangutingo.kangutingo.workers.dev/	176 KB 46 KB	95ms 77ms	Other text/html	172.67.212.242 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://landingkangutingo.kangutingo.workers.dev/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.212.242 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eacb2d29bb1dc578b63c96fa49c7e34533d6432cfbe50e640394cd6d2ede3e84 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:24 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OBc7TLXXYf8n%2BpaZbEn1nNEy8nQLAheKHhNdFmNLuW%2FtE7ciybsDUtmDWeL%2BM%2FoMHkiISois3Ds%2F%2BnDw4IhGUMi3IkRCrDprtiDtE48DePmJjBm81hUXXIYmjQG5N%2Bolo4SxuzLCuizc4Mr0RQnvCa4ajvQINkHsJuke"}],"group":"cf-nel","max_age":604800} content-type text/html;charset=UTF-8 cf-ray 89c89da99a1d1913-FRA alt-svc h3=":443"; ma=86400
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	157 KB 0	0ms 0ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8336575336116017 Requested by Host: landingkangutingo.kangutingo.workers.dev URL: https://landingkangutingo.kangutingo.workers.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash 2f019d7ee96ebc27ab4d6f5688e1dd294a33b7a143e53a6ee13f8f34c14dd179 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Origin https://landingkangutingo.kangutingo.workers.dev Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52633 x-xss-protection 0 server cafe etag 5558672042131570369 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Mon, 01 Jul 2024 18:56:22 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/	425 KB 144 KB	250ms 103ms	Script text/javascript	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8336575336116017&plah=landingkangutingo.kangutingo.workers.dev&aplac=true Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8336575336116017 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash f907f00eff2e0025aa590f85c090b6f924ad629d95e662e0334a80654835f7d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:25 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 146953 x-xss-protection 0 server cafe etag 13983191826418034760 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 01 Jul 2024 18:56:25 GMT
GET H3	403	ads pagead2.googlesyndication.com/pagead/ Frame 5E04	0 0	219ms 90ms	Document text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-8336575336116017&output=html&adk=3953984709&adf=3964292005&abgtt=6&lmt=1719860185&plat=9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Flandingkangutingo.kangutingo.workers.dev%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~27_8~29_10&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719860185288&bpp=3&bdt=2529&idt=406&shv=r20240625&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=670285984652&frm=20&pv=2&ga_vid=1589644519.1719860186&ga_sid=1719860186&ga_hid=1001522884&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C95333410%2C95334511%2C95334527%2C95334573%2C95335896%2C31084184%2C21065724%2C31078663%2C31078668%2C31078670&oid=2&pvsid=4177161747592416&tmod=1621517839&uas=0&nvt=1&fsapi=1&fc=1920&brdim=70%2C70%2C70%2C70%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=451 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8336575336116017&plah=landingkangutingo.kangutingo.workers.dev&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://landingkangutingo.kangutingo.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 01 Jul 2024 18:56:25 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	95ms 95ms	XHR application/json	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240625&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8336575336116017&plah=landingkangutingo.kangutingo.workers.dev&aplac=true Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f2.1e100.net Software cafe / Resource Hash 46f1c5383194c3fabb92e32485df9ca255543a2be2c5f9fea1d66e09308657b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:25 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12731 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	259ms 59ms	Script text/javascript	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8336575336116017&plah=landingkangutingo.kangutingo.workers.dev&aplac=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://landingkangutingo.kangutingo.workers.dev/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 01 Jul 2024 18:56:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 01 Jul 2024 18:56:26 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame D5B2	0 0	145ms 46ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://landingkangutingo.kangutingo.workers.dev/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 13651 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 01 Jul 2024 15:08:55 GMT expires Tue, 01 Jul 2025 15:08:55 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240625&jk=4177161747592416&bg=!V1SlVBvNAAb64txl2uI7ADQBe5WfOG7Ep5HAgzUUMSI8QgHibn9Uev2s72Jom8cCK0tNyvYVA4a5L3UyvVRkRgv10DpCAgAAAOJSAAAAAmgBB34ANUQ8xCyIq5xGGhwY4jPpyxM7RN4hk-ktjb9ug8MUBqNiWM0vM_TwW4g_80hs7SiLNmzBEmDuCgAk99cYY-xDOE1QeBdVs_6JLEbtnx6oqdF8Co7GvLc1kKpxnzHxmQLCE_XVcu1jmWHJNQ2F_mnIm-uLIuwrgxL2p0eXqrGzl8X8QoBwxhKylxRTmPx_5u5gg5VDeHLRmos2upLU7h4mC7xgh4u2LWa1zI6-jppTHeZ-Blo9TE2SMKm3MRxvP_aafppxz6OmpuEVNg7t86YoG98ScBIARVEitPKv0yA28gbJ30ZvxVwt95o9Q-m_nOE44Lu1r6gZvuG4KiMiKJ6hP7gJCoFzSq6aGI8cW5HrW_7GKOONI6C63Ya_K-KLUwtOwY5BwEodPkMd5BqVDaaaabLrfxuK68Il3g9J9HwBUm9tL5PjNMOndkMkiAQO00Rgwiz2rx66N4qt0q_a_p3rbQC_2Y7EmEEjowf3XrEoFNQSYmKimNIIK1OZlRxRKWlfH7igbsSwdnPh5_Z9vRPet_dGxPCNUS_6n07IJZjQardpSGU-3wK26e2Oq1ZFLJos9DovNBuWRrItZYd0rIad6A7aCNfG6j0lFhbys8QJ_MC7jh1nFkWQUYlZQtpzQn1hBuGdSeFnImQzViTUs7ZZUl8VjA53BJp3uiv7mqxJUJzKAVpSoKd7WShfPjhvTskLixNCjIOycC3Wdwp-8_SxjEXDa3SG96Zt--SDE0WkO19cSLUPjvFEJlQw9uQUQlvN0oNyCanQ3cTotM17Zd82XgEZcJzxMx7jDKG8E0Q5t7xLDRGmb9f9TyivYgooU249ZKwIdl-R1wF2jQe75cdlsWHeuJzKHtY6RzLggk2OayeLOpI8u_dKQ9EnU-w2Ol6nm2pgB8UV9AJMqWhDyMEQay8rIjF2hhPNfnwZ-59yBy3tamJACX_aZLW6c3-wMO1-X233J2ye9VQ78FdH1zDEb5U2tMrDMhzVECEomJZqY8G_8SjxdJNb284IwzAdvHvasU53DgOM777FBggKG8rn1HsLaLHqcSZp5WKySh0SNspTgA

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 undefined| event object| fence object| sharedStorage function| Defer function| defer function| deferscript function| deferstyle function| deferiframe function| deferimg undefined| infinite_scroll function| InfiniteScroll function| darkMode function| headScroll object| imageslazy function| wrap object| containerimg object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint function| $ function| jQuery function| ignielLazyLoad object| config object| postsOrPages string| blogId undefined| urlTotal number| fetchIndex string| ampChar boolean| secondRequest number| feedPriority undefined| nextPageToken function| urlVal function| urlMod function| urlSearch function| urlManager function| fetchData function| parseData function| bloggerJS function| MonedaCarritoLocal string| moneda object| monthFormat string| noThumbnail number| postPerPage boolean| fixedSidebar string| paymentOption string| paypalMail string| currencyOption string| shippingOption string| commentsSystem string| disqusShortname object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
blogger.googleusercontent.com
code.jquery.com
fonts.gstatic.com
googleads.g.doubleclick.net
kolectiva.co
landingkangutingo.kangutingo.workers.dev
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
142.250.185.132
172.217.18.2
172.217.23.98
172.67.212.242
188.114.96.3
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2001
2a04:4e42:600::649
00dd77e0a34133e4dc7896a646824b7198c3bea3307adbaf16c8b089366eabfa
078c9e10bf9f1ed7ed4f6131c928be5ac35870b1175b602f30b9452c91439133
13736492c382c4c0dfb5291ced114fb2b2a9258d21834f187baecf32efda9b7e
2f019d7ee96ebc27ab4d6f5688e1dd294a33b7a143e53a6ee13f8f34c14dd179
383d7200ed824bb720cb4b53950c7a672ab9465af2a31bf602ec91d2fb08ba01
4372c7a91ad23d8ff25f241ad3f6d35eac8df11b57c66d1087edc456be127985
46f1c5383194c3fabb92e32485df9ca255543a2be2c5f9fea1d66e09308657b4
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
580398aeef41667ae9ecff45ba78ce8fe99a5bfcf6347280a0d334f2023451fc
58f9eeb4ee5d4b2629b55fd54f66b6cc498c8dfd358bec820f7e102c8b857275
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
bdb80c4a55130d7e4d6d518f6f4689df85ef707938c6e930ee59997888f81c50
dc2e3fcd9719f70590b0a70c86d9ea289cd429a4c068233feb195916e747fcbb
eacb2d29bb1dc578b63c96fa49c7e34533d6432cfbe50e640394cd6d2ede3e84
f4a3b8ccc457730308eeb6c89c44bc22d9689da694ff0eeb2676832a91c1aace
f907f00eff2e0025aa590f85c090b6f924ad629d95e662e0334a80654835f7d9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e