urlscan.io logo urlscan.io
SecurityTrails logo

kugeci.1233.fun Open in urlscan Pro
2606:4700:3035::6815:4f59  Public Scan

Go To Rescan Add Verdict Report
URL: https://kugeci.1233.fun/
Submission: On January 23 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 1 countries across 11 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3035::6815:4f59, located in United States and belongs to CLOUDFLARENET, US. The main domain is kugeci.1233.fun.
TLS certificate: Issued by E1 on December 14th 2023. Valid for: 3 months.
This is the only time kugeci.1233.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    2606:4700:3035::6815:4f59 (United States)

ASN13335 (CLOUDFLARENET, US)
kugeci.1233.fun
1    2607:f8b0:4006:81d::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:310c::ac42:2c41 (United States)

ASN13335 (CLOUDFLARENET, US)
lyrics-615.pages.dev
2    2606:4700:e2::ac40:8c0d (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2607:f8b0:4006:823::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
play.google.com
6    2607:f8b0:4006:81d::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2607:f8b0:4006:81c::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2607:f8b0:4006:823::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2607:f8b0:4006:81f::200e (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
3    2607:f8b0:4006:81d::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2607:f8b0:4006:808::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
225 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
5 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 1233.fun
kugeci.1233.fun
32 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
135 KB
2 google.com
play.google.com — Cisco Umbrella Rank: 31
www.google.com — Cisco Umbrella Rank: 2
6 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 971
69 KB
2 pages.dev
lyrics-615.pages.dev
262 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 236
396 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 600
16 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1012 B
32 11
Domain Requested by
6 pagead2.googlesyndication.com kugeci.1233.fun
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 kugeci.1233.fun kugeci.1233.fun
2 www.googletagmanager.com kugeci.1233.fun
www.googletagmanager.com
2 use.fontawesome.com kugeci.1233.fun
use.fontawesome.com
2 lyrics-615.pages.dev kugeci.1233.fun
1 www.google.com tpc.googlesyndication.com
1 bam.nr-data.net js-agent.newrelic.com
1 stats.g.doubleclick.net www.google-analytics.com
1 js-agent.newrelic.com kugeci.1233.fun
1 play.google.com kugeci.1233.fun
1 fonts.googleapis.com kugeci.1233.fun
32 14

This site contains links to these domains. Also see Links.

Domain
play.google.com
www.facebook.com
Subject Issuer Validity Valid
1233.fun
E1		 2023-12-14 -
2024-03-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
lyrics-615.pages.dev
GTS CA 1P5		 2023-12-15 -
2024-03-14		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-15 -
2025-02-15		 a year crt.sh
*.nr-data.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2024-10-01		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://kugeci.1233.fun/
Frame ID: 128CE99471D9EACE20376043282BC638
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Frame ID: 87A0D5A9B33274A4F36D68252A6F5774
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&h=280&slotname=2588941767&adk=3416455403&adf=671297044&pi=t.ma~as.2588941767&w=730&fwrn=4&fwrnh=100&lmt=1706051462&rafmt=1&format=730x280&url=https%3A%2F%2Fkugeci.1233.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462626&bpp=19&bdt=435&idt=310&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=7540365162868&frm=20&pv=2&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=348
Frame ID: 9FA1893DD61BC6FD729E3E256FD9F104
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&h=280&slotname=6629518301&adk=2212208972&adf=2117992636&pi=t.ma~as.6629518301&w=350&fwrn=4&fwrnh=100&lmt=1706051463&rafmt=1&format=350x280&url=https%3A%2F%2Fkugeci.1233.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462646&bpp=2&bdt=455&idt=355&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7540365162868&frm=20&pv=1&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Frame ID: 09EEE6DD55ABC6AE8268E60556A27830
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&h=280&slotname=6629518301&adk=2212208972&adf=3305550917&pi=t.ma~as.6629518301&w=350&fwrn=4&fwrnh=100&lmt=1706051463&rafmt=1&format=350x280&url=https%3A%2F%2Fkugeci.1233.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462648&bpp=1&bdt=457&idt=382&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C350x280&correlator=7540365162868&frm=20&pv=1&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=2321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=392
Frame ID: 9AB651FA37328083687F0FDF2B8727A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&adk=1812271804&adf=3025194257&lmt=1706051463&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkugeci.1233.fun%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462870&bpp=3&bdt=679&idt=186&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C350x280%2C350x280&nras=1&correlator=7540365162868&frm=20&pv=1&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=215
Frame ID: E94109B4EE93BE24279917534FFF4B0D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6F781BD730BD6F209185E3D5D4F0DE1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 14EF009B19E97ACA23CC6A10BAAC28E9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

酷歌词

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

32
Requests

100 %
HTTPS

86 %
IPv6

11
Domains

14
Subdomains

14
IPs

1
Countries

774 kB
Transfer

2312 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
kugeci.1233.fun/ 		140 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.28
Resource Hash
046e31ef84ca78b93b038975ae83c9df9eaf5da0bba94eed90224032023c5820

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
Content-Type,Authorization
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
84a3b69aedd44bcc-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 Jan 2024 23:11:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1WDqfRRNvjMX5z9SzYawTqkC0ChBoSHfmKTZYxcQuSvkVMgRpMJew2Rmu8EB2kxhB5f639rvMgT6BohagcJa18k3h%2BaE8ZNDEfE4cwQxUSo3T7I40vv93AcqH09YvARDcO5GGfQ4mXJ5UiQn3c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding
x-cache
EXPIRED
x-powered-by
PHP/7.2.28
css
fonts.googleapis.com/ 		5 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:300,400,600
Requested by
Host: kugeci.1233.fun
URL: https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e7e0e3a9d62b7218734370ea8ed793f1a64357c02208c4917f5e5ac684d1bfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jan 2024 23:11:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 23:03:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jan 2024 23:11:02 GMT
app.css
lyrics-615.pages.dev/lyrics/ 		127 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lyrics-615.pages.dev/lyrics/app.css
Requested by
Host: kugeci.1233.fun
URL: https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77bd416c767a7ae26bdf70cc5e644c526e8b7cbbdb6d4a32fbf76fa1d2db2341
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"f9a445f0677bff82aadb772510ece337"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wgLanxQJ1OueDkTw4vXgldd0wWEeT2%2Fa713WKXTsLJt0Qkb7xrIDEbEwkNZ8m5WWpypzxeqlwKig6xXSKCS%2B2war0u5F1nsatY6WmEAhGXnPZPMALd4nKeHk%2FioE9he7N94DGAJTsDGmqolY9Z1CTChPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
84a3b6a75cfc4bbb-BUF
alt-svc
h3=":443"; ma=86400
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: kugeci.1233.fun
URL: https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://kugeci.1233.fun/
Origin
https://kugeci.1233.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:44:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViIiTzFu5TqT077WJ5fY2vCy5QCY2dfOv0mxPY%2B8YyF4gbgtoBWWdnFTrPKLgCDSUUDoqwQVsFP%2FgrxDc6UR5pvTswjxFt6%2FCabRcCzoJbPRR%2FQfSS1a5Cye82Y1MrsMBcjHH1%2FdnFUcr%2F7JDrl%2F%2B5vS"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
84a3b6a74b4b4364-EWR
alt-svc
h3=":443"; ma=86400
logo.png
kugeci.1233.fun/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kugeci.1233.fun/img/logo.png
Requested by
Host: kugeci.1233.fun
URL: https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e630ad35a12f88f4818ed708213e516f6729b706bc01769ef85dfa54dc0c70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
EXPIRED
alt-svc
h3=":443"; ma=86400
content-length
8398
pragma
public
last-modified
Thu, 05 Mar 2020 14:07:09 GMT
server
cloudflare
etag
"20ce-5a01c0d7fb3a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCS2OHG73yUwqIhHrA1i1nSgSvaBh5ZRktBzr9KZh5HLLfppx8ua6hjJNF9WJv%2Fp4LCgrVlvoMnGIECawHFjZGFashypYsJzPK%2BUe%2F7vYTtsclte55J%2BA5sKpqSfKPxHC%2FOX4wi4THa18yUtN1w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
84a3b6a6da9f4bcc-BUF
access-control-allow-headers
Content-Type,Authorization
expires
Tue, 23 Jan 2024 23:12:02 GMT
en_badge_web_generic.png
play.google.com/intl/en_us/badges/static/images/badges/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.google.com/intl/en_us/badges/static/images/badges/en_badge_web_generic.png
Requested by
Host: kugeci.1233.fun
URL: https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Aug 2022 06:08:00 GMT
server
sffe
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/uxe-owners-acl/play_google
report-to
{"group":"uxe-owners-acl/play_google","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/uxe-owners-acl/play_google"}]}
content-type
image/png
cache-control
private, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4904
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="uxe-owners-acl/play_google"
expires
Tue, 23 Jan 2024 23:11:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: kugeci.1233.fun
URL: https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9338d2a3277f48a80a9329187aef592b7b0d4bafcb6bc9c95e681d0b0b08930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51020
x-xss-protection
0
server
cafe
etag
9875471416237523441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 23 Jan 2024 23:11:02 GMT
app.js
lyrics-615.pages.dev/lyrics/ 		808 KB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lyrics-615.pages.dev/lyrics/app.js
Requested by
Host: kugeci.1233.fun
URL: https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2c41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21cb867cb324b2898b269ed800ca7d61ee45543c2b3f5325071e592e27132b71
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7d16d04036cf37b7e031824733f06ed1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mcjitppp2r7tu5CKO0A12SPHAAFchVyOGOO0uKqkNT3I1eK6gPZAghRWg9A200LiXAAI54HcJ5lyz3pkI%2B8fw36pEr2UrthcPbQfHY3wk%2BBAdbfDPIl06X0q7yIKB8%2FrDUfFmTY9lSB9iztk7U1kTpLvtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
84a3b6a75cfd4bbb-BUF
alt-svc
h3=":443"; ma=86400
tablesort.number.min.js
kugeci.1233.fun/js/ 		542 B
652 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kugeci.1233.fun/js/tablesort.number.min.js
Requested by
Host: kugeci.1233.fun
URL: https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:4f59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adad69590ecc7ee548a2567fa617045de82cf66d5e857682348f1c99cde0244b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
EXPIRED
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Thu, 05 Mar 2020 14:07:09 GMT
server
cloudflare
etag
W/"21e-5a01c0d7fc343"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3cjzEaMDTDXDPk5PE7nR5%2Fc%2BjGRq8hEcEmlaD02WQCiCvnNH0GEfgTaT10XxtHnGMftJ1w0vu7W%2FwhHylA1K8e8JTajkYyozPWAQwUCPLSSB4d2Rbp5amfxwTOiosyD0cAdVrTtP1TDOjviTME%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
84a3b6a71b0f4bcc-BUF
access-control-allow-headers
Content-Type,Authorization
expires
Tue, 23 Jan 2024 23:12:02 GMT
js
www.googletagmanager.com/gtag/ 		133 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-122050875-1
Requested by
Host: kugeci.1233.fun
URL: https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
183caaceea7fb6ab5c104c78d3a75142267bc63cbf690b244fcce1f970f21d14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51877
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 23:11:02 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://kugeci.1233.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Sep 2023 01:44:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXy2geB3WpIYmXD7GRrlA1eUWCVbPCcBRL9LosNuhVAreaF5WNY3QwV4rthY%2Bz3PFz5m4QDhxGo0JiJtnnGc%2FrkliawPVaAOnuIILHHAtu5K9cHsQLPqLBNiVmXx08XHiFMztgauVMAw1ff6%2Fsp294CG"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
84a3b6a81c754364-EWR
alt-svc
h3=":443"; ma=86400
content-length
59572
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 		403 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87fe931a4f4487c11e2ac93f7722c7b7fe3a293487c404d701d5e3da990db3ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139757
x-xss-protection
0
server
cafe
etag
15049634119638091652
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Jan 2024 23:11:02 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/ Frame 87A0 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240118/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kugeci.1233.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
10990
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 20:07:52 GMT
etag
9219409622527106327
expires
Tue, 06 Feb 2024 20:07:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		243 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2CW86FWSC0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122050875-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4cef11375df549b5d36fdbe12ee944066e6026f700cdf2a822229bae59f59469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85782
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jan 2024 23:11:02 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-122050875-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 23 Jan 2024 21:51:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4760
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 23 Jan 2024 23:51:43 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9FA1 		603 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&h=280&slotname=2588941767&adk=3416455403&adf=671297044&pi=t.ma~as.2588941767&w=730&fwrn=4&fwrnh=100&lmt=1706051462&rafmt=1&format=730x280&url=https%3A%2F%2Fkugeci.1233.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462626&bpp=19&bdt=435&idt=310&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=7540365162868&frm=20&pv=2&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=348
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kugeci.1233.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 23:11:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 09EE 		603 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&h=280&slotname=6629518301&adk=2212208972&adf=2117992636&pi=t.ma~as.6629518301&w=350&fwrn=4&fwrnh=100&lmt=1706051463&rafmt=1&format=350x280&url=https%3A%2F%2Fkugeci.1233.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462646&bpp=2&bdt=455&idt=355&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7540365162868&frm=20&pv=1&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kugeci.1233.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 23:11:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9AB6 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&h=280&slotname=6629518301&adk=2212208972&adf=3305550917&pi=t.ma~as.6629518301&w=350&fwrn=4&fwrnh=100&lmt=1706051463&rafmt=1&format=350x280&url=https%3A%2F%2Fkugeci.1233.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462648&bpp=1&bdt=457&idt=382&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C350x280&correlator=7540365162868&frm=20&pv=1&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=2321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=392
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kugeci.1233.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 23:11:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E941 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&adk=1812271804&adf=3025194257&lmt=1706051463&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkugeci.1233.fun%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462870&bpp=3&bdt=679&idt=186&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C350x280%2C350x280&nras=1&correlator=7540365162868&frm=20&pv=1&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=215
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kugeci.1233.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 23:11:03 GMT
expires
Tue, 23 Jan 2024 23:11:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2CW86FWSC0&gtm=45je41h0v881487368&_p=1706051462870&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=1943985118.1706051463&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1706051463&sct=1&seg=0&dl=https%3A%2F%2Fkugeci.1233.fun%2F&dt=%E9%85%B7%E6%AD%8C%E8%AF%8D&en=page_view&_fv=1&_ss=1&tfd=2952
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2CW86FWSC0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 23:11:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kugeci.1233.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=203833891&t=pageview&_s=1&dl=https%3A%2F%2Fkugeci.1233.fun%2F&ul=en-us&de=UTF-8&dt=%E9%85%B7%E6%AD%8C%E8%AF%8D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=347517768&gjid=1356283141&cid=1943985118.1706051463&tid=UA-122050875-1&_gid=1255445512.1706051463&_r=1&gtm=457e41h0&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&jsscut=1&z=1435999230
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kugeci.1233.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Jan 2024 23:11:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kugeci.1233.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
nr-rum-1.250.0.min.js
js-agent.newrelic.com/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-rum-1.250.0.min.js
Requested by
Host: kugeci.1233.fun
URL: https://kugeci.1233.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d9b52b20b38a25ec5a1e82a0d18f325104b685d0e096e83c6601a6ff416d00c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://kugeci.1233.fun/
Origin
https://kugeci.1233.fun
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
PO1DNfF7oqt2gwAJ8VybzlFNt0XvHsWQ
content-encoding
br
via
1.1 varnish
date
Tue, 23 Jan 2024 23:11:03 GMT
strict-transport-security
max-age=300
x-amz-request-id
0NRBRVY8M5J4GV69
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
15785
x-amz-id-2
uDhTimMu3u9LgVs4yvTS2Pt/xe6cFzwmfKow4I6hD4ghALaKbUggDeH1gTvEVKrO4MO+YOmdZ9E=
x-served-by
cache-yyz4575-YYZ
last-modified
Tue, 09 Jan 2024 19:15:56 GMT
server
AmazonS3
x-timer
S1706051463.253101,VS0,VE0
etag
"cf8a3c74761a92dc975ec5cfa6f5585f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges
bytes
x-cache-hits
267434
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240118&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9b6c505ac1a06ff3ee4e820a7b3851b32e41f31a6949ec4eba931fb88adaa2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12116
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-122050875-1&cid=1943985118.1706051463&jid=347517768&gjid=1356283141&_gid=1255445512.1706051463&_u=YADAAUAAAAAAACAAI~&z=1887522153
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kugeci.1233.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 23 Jan 2024 23:11:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kugeci.1233.fun
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cb2044a7ca
bam.nr-data.net/1/ 		40 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/cb2044a7ca?a=419532446&v=1.250.0&to=Z1FaZRdUChEDW0AIDV4beVIRXAsMTVxRBwNFWEw%3D&rst=3090&ck=0&s=c7e2c155d6fc66ed&ref=https://kugeci.1233.fun/&hr=0&ap=290&be=1989&fe=1013&dc=874&at=SxZZE19OGR8%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1706051460194,%22n%22:0,%22f%22:0,%22dn%22:34,%22dne%22:34,%22c%22:34,%22s%22:63,%22ce%22:101,%22rq%22:102,%22rp%22:1990,%22rpe%22:1998,%22di%22:2723,%22ds%22:2862,%22de%22:2863,%22dc%22:2998,%22l%22:2998,%22le%22:3002%7D,%22navigation%22:%7B%7D%7D&fp=2308&fcp=2308
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.250.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer
https://kugeci.1233.fun/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 23 Jan 2024 23:11:03 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/plain
access-control-allow-origin
https://kugeci.1233.fun
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
40
x-served-by
cache-ewr18138-EWR
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Jan 2024 23:11:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A6F7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kugeci.1233.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
247512
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Jan 2024 02:25:51 GMT
expires
Mon, 20 Jan 2025 02:25:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 14EF 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
76eb0511f1aab51bd55f02e780f06a425df209e36b46545d91108e1275832e48
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YLCzNA-kzPPj8pDPqXCu_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kugeci.1233.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-YLCzNA-kzPPj8pDPqXCu_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Jan 2024 23:11:03 GMT
expires
Tue, 23 Jan 2024 23:11:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame A6F7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 02:39:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
246691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 20 Jan 2025 02:39:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 14EF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240118&jk=62341819138073&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame A6F7 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?a2h97w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 23 Jan 2024 23:11:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240118&jk=62341819138073&bg=!5Oel56jNAAa8BdJLnAU7ADQBe5WfONYafP1W2SupH0Hw4N5Vi1PGr9ns0LOsw_7Zz8bANt6Y5gvM8C54zbBH-9J5RQvPAgAAAHlSAAAAA2gBB5kCwUkrmTjOGNH1odxLsE15EFnl1u2kk1lD4-12SWw21YSh6q54DAqh_4k7Y3a3L6bPH_fsXp2s3-yrolFdYTThbXBgUFN8VVriv7XP-ILUDrOTYJokQvcZwICr6TD9VLGKxmJ1g9V0F04edO_TrX197CwQUgNdNzZqQDUI5KOZswo5huPewPzxV3HljxcO1aVvn8GcuAZTdAH7YhnwcDcxOo-yWrJlk9gGN521Bs85Kfl5xWMSzLDTOySGVvHFftRTXxJos5XCPiBh6l-2yobO75v1CyVNFJuCL8UNGqtmYPWpxHMvGoCSenHZSdJkjZwnqbARaQc51Lr6hXuxCPXIpcrkQndQD4kKBj5ESsAb2itF9feG5ktu2lpUTjkMhDmYUdQ33Zu8s6oPnbth0EH63suNK_Dz8KMmZLclqieMZ2WRjjtV7RRBZh28W76cCyaiiRKURS-ldFCiiSKMbaN5tb4jliEJL-Vl7GafRK7qL0TL_3uyzRZBvvui7rwctQ33Q6rQqA-9094-V2jqhSNI_SLflWm1wxD6RIFh79SJwflU7nWjGKrWH6mQUx0aYmJS4cbMDYG50-5h1NygOXm638keqrKpuG9LK9Im5j7NGEgGEKfb_9Fxb0u2tSsNTkGbiF-xJpMgzNBDYjJVdhkHw8cUPNhLbgIJMnwWlDIQ6F57retTs0SmMtv1yGWhDDsGt8PL--fRa3VO1TNemGICRIX4MH0cBLQVODQ-Xy1QewJBr8WUjxkFE6fC-tKklzHorfuDW2QIBxph8ErMidmIw5v-qHQfMRJC_GDs4ZeJ7Gekg8Z-PA8b5RdcdGB0v_pSLyYGJ7PjnXRt5lJRRKPGZ_PfeWtv0-G0-DKoAaV8htjY2NVrs7c4rb9ZzNOHxHf86u6EY_VceR3VOCJ6UCT1Cj4_b4_XuqDpqGi2WNxXQEWFLw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://kugeci.1233.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| NREUM object| webpackChunk:NRBA-1.250.0.PROD object| newrelic object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| _ function| Popper function| jQuery function| $ function| Tablesort function| axios function| Color function| Chart function| gtag object| dataLayer number| google_rum_task_id_counter object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| onYouTubeIframeAPIReady object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
kugeci.1233.fun/ Name: XSRF-TOKEN
Value: eyJpdiI6Ikg0czlkSWo3WldzNDBKQUltQ3JiUnc9PSIsInZhbHVlIjoiaUp1VDByN1NHcWpDY1QyY0NRV3doZGVTTmRGMU45YlVcLzJZS1FMTG5cL3pyZGZEK0VNT2RcL0VYYXVtOWNNMTM5ZSIsIm1hYyI6IjE1ODU1MDVmOGQwMjBmYmVjYTFiY2Q2MjY1MTdhNmMyYTFkYzc4OTkwOGFkODJlMWIyMmFhYTMxNjVkNjdmMjIifQ%3D%3D
kugeci.1233.fun/ Name: _session
Value: eyJpdiI6InRvZEszUU84c3hYZWt4MUJ4eWxDVlE9PSIsInZhbHVlIjoiUmk3Mm9aNnIyTVg5SHdwV1hlY1RYZkg2eFQxUjdrdnZOUk1yTTQ3b1NLM3ZyaFVKZFhFQ25BMDBrXC9KNGxVejYiLCJtYWMiOiI3NGQ2NzQ2MWNkOTcyZDUxNTZjZDQ4YTRkNGM4MGMxMDc4OTQwNmE1MzhlMDAxN2UyYWU3MmNlY2FhMTZjMzU0In0%3D
.doubleclick.net/ Name: IDE
Value: AHWqTUn6hUwwaDjHLIQVARLA79PtOkJSVzekNPISHsxLnDg8Vtm2ibDYrPd6HvFE
.1233.fun/ Name: _ga_2CW86FWSC0
Value: GS1.1.1706051463.1.0.1706051463.0.0.0
.1233.fun/ Name: _ga
Value: GA1.2.1943985118.1706051463
.1233.fun/ Name: _gid
Value: GA1.2.1255445512.1706051463
.1233.fun/ Name: _gat_gtag_UA_122050875_1
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&h=280&slotname=2588941767&adk=3416455403&adf=671297044&pi=t.ma~as.2588941767&w=730&fwrn=4&fwrnh=100&lmt=1706051462&rafmt=1&format=730x280&url=https%3A%2F%2Fkugeci.1233.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462626&bpp=19&bdt=435&idt=310&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&correlator=7540365162868&frm=20&pv=2&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1134&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=348
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&h=280&slotname=6629518301&adk=2212208972&adf=2117992636&pi=t.ma~as.6629518301&w=350&fwrn=4&fwrnh=100&lmt=1706051463&rafmt=1&format=350x280&url=https%3A%2F%2Fkugeci.1233.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462646&bpp=2&bdt=455&idt=355&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&correlator=7540365162868&frm=20&pv=1&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=377
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7333533619920700&output=html&h=280&slotname=6629518301&adk=2212208972&adf=3305550917&pi=t.ma~as.6629518301&w=350&fwrn=4&fwrnh=100&lmt=1706051463&rafmt=1&format=350x280&url=https%3A%2F%2Fkugeci.1233.fun%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706051462648&bpp=1&bdt=457&idt=382&shv=r20240118&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280%2C350x280&correlator=7540365162868&frm=20&pv=1&ga_vid=1943985118.1706051463&ga_sid=1706051463&ga_hid=203833891&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1005&ady=2321&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95321958%2C95320892%2C95321626%2C95322162%2C95322319&oid=2&pvsid=62341819138073&tmod=1578649027&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=392
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
fonts.googleapis.com
googleads.g.doubleclick.net
js-agent.newrelic.com
kugeci.1233.fun
lyrics-615.pages.dev
pagead2.googlesyndication.com
play.google.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
151.101.130.137
162.247.243.29
2606:4700:3035::6815:4f59
2606:4700:310c::ac42:2c41
2606:4700:e2::ac40:8c0d
2607:f8b0:4004:c17::9c
2607:f8b0:4006:808::2004
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81f::200e
2607:f8b0:4006:823::2002
2607:f8b0:4006:823::200e
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
046e31ef84ca78b93b038975ae83c9df9eaf5da0bba94eed90224032023c5820
183caaceea7fb6ab5c104c78d3a75142267bc63cbf690b244fcce1f970f21d14
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21cb867cb324b2898b269ed800ca7d61ee45543c2b3f5325071e592e27132b71
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee
4cef11375df549b5d36fdbe12ee944066e6026f700cdf2a822229bae59f59469
54e630ad35a12f88f4818ed708213e516f6729b706bc01769ef85dfa54dc0c70
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e7e0e3a9d62b7218734370ea8ed793f1a64357c02208c4917f5e5ac684d1bfc
76eb0511f1aab51bd55f02e780f06a425df209e36b46545d91108e1275832e48
77bd416c767a7ae26bdf70cc5e644c526e8b7cbbdb6d4a32fbf76fa1d2db2341
7d9b52b20b38a25ec5a1e82a0d18f325104b685d0e096e83c6601a6ff416d00c
87fe931a4f4487c11e2ac93f7722c7b7fe3a293487c404d701d5e3da990db3ca
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
a9338d2a3277f48a80a9329187aef592b7b0d4bafcb6bc9c95e681d0b0b08930
adad69590ecc7ee548a2567fa617045de82cf66d5e857682348f1c99cde0244b
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d9b6c505ac1a06ff3ee4e820a7b3851b32e41f31a6949ec4eba931fb88adaa2f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849