worker-frosty-violet-a136.3282026277.workers.dev Open in urlscan Pro
2606:4700:3034::ac43:9181 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://worker-frosty-violet-a136.3282026277.workers.dev/
Submission: On January 15 via api (January 15th 2024, 6:30:40 pm UTC) from US — Scanned from US

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3034::ac43:9181, located in United States and belongs to CLOUDFLARENET, US. The main domain is worker-frosty-violet-a136.3282026277.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on December 9th 2023. Valid for: 3 months.

This is the only time worker-frosty-violet-a136.3282026277.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3034::ac43:9181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:402... 2607:f8b0:4020:804::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3032::6815:4e9f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::ac43:dfbd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:402... 2607:f8b0:4020:806::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:402... 2607:f8b0:4020:806::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
21	8

3 2606:4700:3034::ac43:9181 (United States)

ASN13335 (CLOUDFLARENET, US)

worker-frosty-violet-a136.3282026277.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::6815:4e9f (United States)

ASN13335 (CLOUDFLARENET, US)

hoshinoai.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.hoshinoai.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:dfbd (United States)

ASN13335 (CLOUDFLARENET, US)

analysis.hoshinoai.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4020:806::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	225 KB
4	hoshinoai.live hoshinoai.live resources.hoshinoai.live analysis.hoshinoai.live	1 MB
3	workers.dev worker-frosty-violet-a136.3282026277.workers.dev	4 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
21	5

	Domain	Requested by
8	pagead2.googlesyndication.com	worker-frosty-violet-a136.3282026277.workers.dev pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	worker-frosty-violet-a136.3282026277.workers.dev	worker-frosty-violet-a136.3282026277.workers.dev
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	hoshinoai.live	worker-frosty-violet-a136.3282026277.workers.dev
1	www.google.com	tpc.googlesyndication.com
1	analysis.hoshinoai.live	worker-frosty-violet-a136.3282026277.workers.dev
1	resources.hoshinoai.live	worker-frosty-violet-a136.3282026277.workers.dev
21	8

This site contains no links.

Subject Issuer	Validity	Valid
3282026277.workers.dev GTS CA 1P5	`2023-12-09` - `2024-03-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
hoshinoai.live GTS CA 1P5	`2023-11-23` - `2024-02-21`	3 months	crt.sh
resources.hoshinoai.live E1	`2023-11-23` - `2024-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://worker-frosty-violet-a136.3282026277.workers.dev/
Frame ID: 96D871F23CCC1D9E52D3955DBC488468
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 7A678073E060F526F52F071EBC670375
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1464700414259736&output=html&adk=1812271804&adf=3025194257&lmt=1705343435&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fworker-frosty-violet-a136.3282026277.workers.dev%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705343434510&bpp=13&bdt=508&idt=494&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5433671929203&frm=20&pv=2&ga_vid=63892474.1705343435&ga_sid=1705343435&ga_hid=967346677&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31079437%2C31080261%2C31080333%2C44795921%2C31080401%2C95321626%2C95321967%2C95322166&oid=2&pvsid=3208487929190632&tmod=305577280&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=527
Frame ID: C272198675BD9BDD6423A5870A8876F5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 19766B1578ED2F6A9267DB8BD7299641
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E46E323ADD78C357B0C54CA14108D953
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

星野爱

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

21
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

8
Subdomains

8
IPs

2
Countries

1675 kB
Transfer

3668 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
worker-frosty-violet-a136.3282026277.workers.dev/ 3 KB
2 KB 410ms
138ms Document
text/html 2606:4700:3034::ac43:9181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worker-frosty-violet-a136.3282026277.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:9181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd7910dc074c6be8aebea3f4cbd8493b8f20193b0cf6d494657274a98eba0a5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 846030cdbc8267db-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 15 Jan 2024 18:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKhmm48FNgStczDwgXiuIbAOHAE%2FPppLQHw8DGBcdGZEcnRngPDIcmu6GEGoFtbrtg3TZENo39x7iJ7H%2FXxqv8ee2lZG4oq5MITuP5FEGJp9syXF7ccOOL66vd6ogpcfyVLm0S647Usf%2FyHzlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 364ms
116ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1464700414259736

Requested by

Host: worker-frosty-violet-a136.3282026277.workers.dev
URL: https://worker-frosty-violet-a136.3282026277.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7542089c30108210d07f539a8cd0e3a855ad4b95c9841659ce335df98580c0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
Origin: https://worker-frosty-violet-a136.3282026277.workers.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51297
x-xss-protection: 0
server: cafe
etag: 3769550335739960009
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 15 Jan 2024 18:30:34 GMT

GET
H2 200 style.css
worker-frosty-violet-a136.3282026277.workers.dev/ 669 B
616 B 272ms
271ms Stylesheet
text/css 2606:4700:3034::ac43:9181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worker-frosty-violet-a136.3282026277.workers.dev/style.css

Requested by

Host: worker-frosty-violet-a136.3282026277.workers.dev
URL: https://worker-frosty-violet-a136.3282026277.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:9181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac7dac3bc0eb31a89e41a26656a30d6583b2d2384b48734689eb7350af62c135

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:30:34 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
etag: W/"a7600126ac924692d42e2a94e5458ce5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odmRc59dxNJlhvbylxnw%2FazbOgW4EGATnWrxBovmv%2FRepOHY88HjdKzTdDYUtePfXk7yA26CTLHrEJbRIFmUW%2F4ZXr0H8v7MIYVy5WS8Xnxkhm4hqJzhOvzBToECZmLJIzM3uAfc86ZmOfT8kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 846030ceae0e67db-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Ai.jpeg
hoshinoai.live/ 1 MB
1 MB 739ms
584ms Image
image/jpeg 2606:4700:3032::6815:4e9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hoshinoai.live/Ai.jpeg

Requested by

Host: worker-frosty-violet-a136.3282026277.workers.dev
URL: https://worker-frosty-violet-a136.3282026277.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4e9f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

507a7d8a4a728c61314629738ac84a2e1cbe6b8d13aa9773cb701cce28a450f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:30:34 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1472196
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "1e6d5399780ffbad4ee389f3cd942e60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhnNOCyLi36pmcemWsIOk%2BG1PGC6m66XVyJtAZpZaozlouJz3HbhDyehPxfAHOFmXwfIiJ5c3dYvaMdQYBcZp22YUBF4XV5hUmv9u3jVPUHxPNsoX0wDQw4ZEq0YpjDhPzrVb6w06ZWrgefFdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 846030cf9f792293-MIA

GET
H2 200 email-decode.min.js Show response
worker-frosty-violet-a136.3282026277.workers.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 104ms
104ms Script
application/javascript 2606:4700:3034::ac43:9181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://worker-frosty-violet-a136.3282026277.workers.dev/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: worker-frosty-violet-a136.3282026277.workers.dev
URL: https://worker-frosty-violet-a136.3282026277.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:9181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 10:36:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658bfe17-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejuBosaX440IBVoP9Kq%2FzgN7OIYb4KDW6YPPOPn8MiS9zjpb1ZAn1lh3K5J3NmQYZrhQoMf17tsBLsKbEt%2FGNaTXjRWBrcVaj2nR6TahXmRT4lazMD91Ea5%2FlRmotkNVvagnlWcvBF8lN32iGpFvIcL%2BhlvkRLu8lOI8Jq%2FDuAvFdf5eNdTfmhrnOOeNaYo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 846030ceae1167db-MIA
expires: Wed, 17 Jan 2024 18:30:34 GMT

GET
H2 200 %E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%20-%20YOASOBI.mp3
hoshinoai.live/ 0
0 278ms
166ms Media
text/html 2606:4700:3032::6815:4e9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hoshinoai.live/%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%20-%20YOASOBI.mp3
Requested by: Host: worker-frosty-violet-a136.3282026277.workers.dev
URL: https://worker-frosty-violet-a136.3282026277.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4e9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

GET
H2 206 %E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%20MV.mov
resources.hoshinoai.live/ 2 MB
0 687ms
534ms Media
video/quicktime 2606:4700:3032::6815:4e9f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.hoshinoai.live/%E3%82%A2%E3%82%A4%E3%83%89%E3%83%AB%20MV.mov
Requested by: Host: worker-frosty-violet-a136.3282026277.workers.dev
URL: https://worker-frosty-violet-a136.3282026277.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:4e9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 15 Jan 2024 18:30:34 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 23 Nov 2023 14:34:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "041a81623b9287b08943fd44c16e33f1-403"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA6uE6TDTyE%2FJ2UhQBkAJCmY8E6E9u2aEMnfi7PMphbsxrJngEKo83hkqVxztdg2PaZVkfrqBGOe8JxQ8Vn7XOz2wB20S8hPCbpWfF%2Fp2N6lRzRiU0aPUdfbq0%2F3cQHcrQBoyka%2Fykve9Tfp8WuBKmmcFgMd3Ss%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/quicktime
Content-Range: bytes 0-3374752712/3374752713
accept-ranges: bytes
cf-ray: 846030cffdb067cc-MIA
alt-svc: h3=":443"; ma=86400
Content-Length: 3374752713

GET
H2 200 / Show response
analysis.hoshinoai.live/ 24 B
463 B 820ms
670ms Fetch
text/plain 2606:4700:3032::ac43:dfbd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analysis.hoshinoai.live/
Requested by: Host: worker-frosty-violet-a136.3282026277.workers.dev
URL: https://worker-frosty-violet-a136.3282026277.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:dfbd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0424061ec2676f5ca8a393504dfab8ad975f36a9c3f4ce6a9fb084911de1902

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:30:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZegwWIut%2FXyWfqmY7HvZHseIfnoPr0VukSEVkNe5YKVg2Idv3iJHo7TapOwBoXohsQqt10ECdl8q1iu92YcEFBHNEfshbQq4UqP6uOVW4%2FKg1N6wsS5VbK7N6SMKJO7oDkZ%2FYhmBE4gzFy41b%2BwPxsQWb7wJSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: *
cf-ray: 846030d14d109acb-MIA
alt-svc: h3=":443"; ma=86400
content-length: 24

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/ 401 KB
136 KB 290ms
134ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_fy2021.js?bust=31080401

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1464700414259736

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f98e6fd6cba9d7e76909ae53d59e8c1e6c6ddda7569ef8a0b49476cd7c72bbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:30:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139240
x-xss-protection: 0
server: cafe
etag: 15976424024971529515
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Jan 2024 18:30:34 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 7A67 9 KB
4 KB 265ms
79ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1464700414259736

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 77828
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 20:53:26 GMT
etag: 9219409622527106327
expires: Sun, 28 Jan 2024 20:53:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 113ms
112ms Fetch
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1464700414259736
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C272 603 B
245 B 171ms
169ms Document
text/html 2607:f8b0:4020:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1464700414259736&output=html&adk=1812271804&adf=3025194257&lmt=1705343435&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fworker-frosty-violet-a136.3282026277.workers.dev%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705343434510&bpp=13&bdt=508&idt=494&shv=r20240109&mjsv=m202401100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5433671929203&frm=20&pv=2&ga_vid=63892474.1705343435&ga_sid=1705343435&ga_hid=967346677&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C95320239%2C31079437%2C31080261%2C31080333%2C44795921%2C31080401%2C95321626%2C95321967%2C95322166&oid=2&pvsid=3208487929190632&tmod=305577280&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=527

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_fy2021.js?bust=31080401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 18:30:35 GMT
expires: Mon, 15 Jan 2024 18:30:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 106ms
104ms Fetch
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_fy2021.js?bust=31080401
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 117ms
117ms XHR
application/json 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_fy2021.js?bust=31080401

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cda51550da2da7e2c0c7af18de56fc86ea2678a1070ca8bc92f6fa93cbf3c16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:30:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12283
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 282ms
103ms Script
text/javascript 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401100101/show_ads_impl_fy2021.js?bust=31080401

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 Jan 2024 18:30:35 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1976 13 KB
5 KB 76ms
73ms Document
text/html 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 423660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 20:49:35 GMT
expires: Thu, 09 Jan 2025 20:49:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E46E 829 B
1 KB 222ms
84ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ce30d4a36bafed55ac908ada19069e4894fd07b9e1d89c81c4c3967f52d6373f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uPmF_D6AxYTTHFHxNpo-2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-uPmF_D6AxYTTHFHxNpo-2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 Jan 2024 18:30:35 GMT
expires: Mon, 15 Jan 2024 18:30:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1976 39 KB
15 KB 77ms
75ms Script
text/javascript 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 13:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 362859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Jan 2025 13:42:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E46E 0
0 125ms
125ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=3208487929190632&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1976 0
10 B 112ms
111ms Image
text/plain 2607:f8b0:4020:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ijneyQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 15 Jan 2024 18:30:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 110ms
109ms Image
text/html 2607:f8b0:4020:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=3208487929190632&bg=!pKelp-jNAAaumcC-jpk7ADQBe5WfOEGKcxqZorI_LOWNQDT0aQmd90vCS6kqCifcqeX4yVjFNAYQdxOGyqZe5WWtqXWrAgAAAGxSAAAAAmgBBwoAIEY3rkK57miGGRu8duP3kqCeOsusEqieyFm8DFTabnHimQLkI9a23NNZUJuyUJfq9-G0Sjlw6-q0w7IHC9UIXtPdZO69dCBjVvQWkJFNHqE1nXO4t1pqDbsoac2kgqd15c6O-v3Ac5W-d6Q6MnY2Q99LyBdaZkk8G2MNHV1rZz-HenY4kI5AGesDjGJjXt9qx6HAeRAJHdzCZobjh-UOSwprybsZ8mZZJLu9a0R-CEWzYpk8BW2J7BFhKsKwEZHlgm-v7NjU9l2K7C9dsJqWT5itoY2duRgZVNHzk8RL_Sh46-1KcgVrhuH9IVVIhh5Q_OngRKTfDVPkK7lZbo3ILdVCZhoRotNl_SIZoUedkpuIVd2XhsZb-vxyS6-OQe_NiY-pFi3OZdgYp3cb1Kf37ICuxvefLroPQaRR0b9a0e8vyHWBmvmJ0kFc7IOw19DjY4N-5x0ZPuheR0svPqgL8U8hqLPf4sgNmB9PansAaPGS2aF0ChES4Qjgq0Du-arARH9I3FFg1lURkVUynaKl8wFCVGxJbXm1HVc-81_v_5jEAgblT7Q9ngfqqr6rYHLs048OUPkzOJ-YNhpA3pWrE4Mee7z4Y84WhA5HjddZTLk-OuLNLgZ9_XIHAKfNZieMoXobG0oi-UudGdE0S6hsV-p6wTw1Tg7S9wfjW3ZzmRYNCBIhRXftmW43tk0GtM_vaNKzY-9Fu-zSfMdQ0vfbpRloA00Xd4nURGL5tVpoukrnCVgI6eE619cw91XBr7bh2S68FXr4usSpqC-LL43M4MTi1aQfslAlZBcHePmiqI-5ly_uZpFv_16o3GqQOK5eGyHzDGoMZDr-9ZRxlg5990vCcn8ojRQJDf1YN55PrrA4W-46GZ2zW-GavWY6DvVyQraZggE01_rWj72L0O6Gj8vdPvO_0R3V6_dlQ1frofVAc7yPe40YUWmSSIyOQwJrBtfGtoAroGYEfaqnTh3bsLHsZshfdWBRDbu3MuJ6oHJRhYyxqhwIpicQ_8mG6H3Y1ilufBoJFPM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://worker-frosty-violet-a136.3282026277.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 17:42:24	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analysis.hoshinoai.live
googleads.g.doubleclick.net
hoshinoai.live
pagead2.googlesyndication.com
resources.hoshinoai.live
tpc.googlesyndication.com
worker-frosty-violet-a136.3282026277.workers.dev
www.google.com
2606:4700:3032::6815:4e9f
2606:4700:3032::ac43:dfbd
2606:4700:3034::ac43:9181
2607:f8b0:4006:80c::2004
2607:f8b0:4020:804::2002
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2002
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
507a7d8a4a728c61314629738ac84a2e1cbe6b8d13aa9773cb701cce28a450f1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
6f98e6fd6cba9d7e76909ae53d59e8c1e6c6ddda7569ef8a0b49476cd7c72bbb
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7542089c30108210d07f539a8cd0e3a855ad4b95c9841659ce335df98580c0db
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
ac7dac3bc0eb31a89e41a26656a30d6583b2d2384b48734689eb7350af62c135
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
cda51550da2da7e2c0c7af18de56fc86ea2678a1070ca8bc92f6fa93cbf3c16c
ce30d4a36bafed55ac908ada19069e4894fd07b9e1d89c81c4c3967f52d6373f
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
dd7910dc074c6be8aebea3f4cbd8493b8f20193b0cf6d494657274a98eba0a5f
e0424061ec2676f5ca8a393504dfab8ad975f36a9c3f4ce6a9fb084911de1902
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

worker-frosty-violet-a136.3282026277.workers.dev Open in urlscan Pro 2606:4700:3034::ac43:9181 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

100 %IPv6

5 Domains

8 Subdomains

8 IPs

2 Countries

1675 kBTransfer

3668 kBSize

1 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

worker-frosty-violet-a136.3282026277.workers.dev Open in urlscan Pro
2606:4700:3034::ac43:9181 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

8
Subdomains

8
IPs

2
Countries

1675 kB
Transfer

3668 kB
Size

1
Cookies

21 HTTP transactions
9 data transactions