img.1381a.xyz Open in urlscan Pro
3.36.126.81 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://img.1381a.xyz/
Submission: On November 30 via manual (November 30th 2023, 7:01:46 pm UTC) from NL — Scanned from NL

Summary HTTP 60 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 60 HTTP transactions. The main IP is 3.36.126.81, located in Incheon, Korea, Republic Of and belongs to AMAZON-02, US. The main domain is img.1381a.xyz.

This is the only time img.1381a.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	3.36.126.81 3.36.126.81	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3031::6815:3c0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	64.227.70.247 64.227.70.247	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	13

6 3.36.126.81 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-36-126-81.ap-northeast-2.compute.amazonaws.com

img.1381a.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:3c0b (United States)

ASN13335 (CLOUDFLARENET, US)

www.emailnator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

botsafeguard.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.70.247 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-15.buysellads.com

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	botsafeguard.net botsafeguard.net	559 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	225 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	170 KB
6	1381a.xyz img.1381a.xyz	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	148 KB
1	hcaptcha.com newassets.hcaptcha.com — Cisco Umbrella Rank: 9853	239 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	243 B
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1965	391 B
1	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 28340	146 KB
1	emailnator.com www.emailnator.com	192 KB
60	11

	Domain	Requested by
29	botsafeguard.net	img.1381a.xyz botsafeguard.net
7	pagead2.googlesyndication.com	img.1381a.xyz pagead2.googlesyndication.com tpc.googlesyndication.com
6	img.1381a.xyz	www.emailnator.com img.1381a.xyz
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	cdn4.buysellads.net securepubads.g.doubleclick.net
2	www.googletagmanager.com	www.emailnator.com www.googletagmanager.com
1	newassets.hcaptcha.com	botsafeguard.net
1	www.google.com	tpc.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.paypalobjects.com	img.1381a.xyz
1	cdn4.buysellads.net	img.1381a.xyz
1	www.emailnator.com	img.1381a.xyz
60	13

This site contains links to these domains. Also see Links.

Domain
play.google.com
apps.apple.com
smsnator.online
premium.emailnator.com
www.facebook.com
discord.gg
tools-ai.online

Subject Issuer	Validity	Valid
emailnator.com GTS CA 1P5	`2023-10-25` - `2024-01-23`	3 months	crt.sh
botsafeguard.net GTS CA 1P5	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
cdn4.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-14` - `2024-11-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-15` - `2024-04-14`	a year	crt.sh

This page contains 10 frames:

Primary Page: http://img.1381a.xyz/
Frame ID: A93A8B82CE04BEE8B2B93D9BA606D0CC
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world
Frame ID: 0BAD8715A29F585CCC5DA8861CED6301
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&adk=1812271804&adf=3025194257&lmt=1701370901&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=http%3A%2F%2Fimg.1381a.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701370901174&bpp=2&bdt=333&idt=302&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8265019389962&frm=20&pv=2&ga_vid=1006089140.1701370901&ga_sid=1701370901&ga_hid=1886681973&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809005%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=4486208892955917&tmod=411014826&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=319
Frame ID: C1F0E9F9C1B475216645AEF46EF4143D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=90&slotname=4269377563&adk=2000705666&adf=1047078985&pi=t.ma~as.4269377563&w=728&fwrn=4&fwrnh=100&lmt=1701370901&rafmt=12&format=728x90&url=http%3A%2F%2Fimg.1381a.xyz%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1701370901176&bpp=1&bdt=335&idt=325&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8265019389962&frm=20&pv=1&ga_vid=1006089140.1701370901&ga_sid=1701370901&ga_hid=1886681973&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809005%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=4486208892955917&tmod=411014826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=328
Frame ID: 6CB67DAD38D99815CD49A12696E4689B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=280&slotname=6252367097&adk=655611541&adf=3328144058&pi=t.ma~as.6252367097&w=712&fwrn=4&fwrnh=100&lmt=1701370901&rafmt=1&format=712x280&url=http%3A%2F%2Fimg.1381a.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1701370901177&bpp=1&bdt=337&idt=329&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8265019389962&frm=20&pv=1&ga_vid=1006089140.1701370901&ga_sid=1701370901&ga_hid=1886681973&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=444&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809005%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=4486208892955917&tmod=411014826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=332
Frame ID: 185A529C247932BE1E6FC2AE7501B9C1
Requests: 1 HTTP requests in this frame

Frame: https://botsafeguard.net/v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.html
Frame ID: 72ACE7F240E0C647BCA71FDF53DA5F27
Requests: 5 HTTP requests in this frame

Frame: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
Frame ID: 3B0224AD26E11FB11DCFF79311A3E9AC
Requests: 11 HTTP requests in this frame

Frame: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
Frame ID: 8664D0335FB083EB91594B33E6109B8E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C7E6130666AAE2258B3128237B2DE20B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F94A78DE4563DFFA419555FB60D8F4EE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Temporary Disposable Gmail | Temp Mail | Email Generator

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

60
Requests

90 %
HTTPS

67 %
IPv6

11
Domains

13
Subdomains

13
IPs

5
Countries

1685 kB
Transfer

5184 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.emailnator

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id6443654899

Search URL Search Domain Scan URL

URL: https://smsnator.online/
Title: Temp Number

Search URL Search Domain Scan URL

URL: https://premium.emailnator.com/login
Title: Login

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gmailnator

Search URL Search Domain Scan URL

URL: https://discord.gg/K68g52HCWt

Search URL Search Domain Scan URL

URL: https://tools-ai.online/
Title: AI Tools |

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
img.1381a.xyz/ 3 KB
3 KB 3508ms
739ms Document
text/html 3.36.126.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://img.1381a.xyz/
Protocol: HTTP/1.1
Server: 3.36.126.81 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-36-126-81.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: d56197687ca74ec27dee2a9585c1fa0470fb075640d39d02191e6163257ebb94

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 82e5571e9dc0307a-ICN
Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Thu, 30 Nov 2023 19:01:40 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVHTLpa1S3DSER4N8A1doyWo9h7Aeb0gbtozj5h%2FFyciWCsZE08%2FLlskzjVk5ME8F3Ml0nrkdWBLsf66%2B%2BwCVEIEa52NfatcxNG1z0MZ0W8ts2Scy74BGqhw1yyeWn4ayPBjreg%3D"}],"group":"cf-nel","max_age":604800}
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 app.js Show response
www.emailnator.com/js/ 707 KB
192 KB 127ms
49ms Script
application/javascript 2606:4700:3031::6815:3c0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.emailnator.com/js/app.js?ver=MfLJevaWBm35
Requested by: Host: img.1381a.xyz
URL: http://img.1381a.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3c0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a9c7ff5d09af1805e9a32d1fc7fc7b6336f8a4b8e6fcf08e715e267fe23f29

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:40 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6759
cf-polished: origSize=723927
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 13 Aug 2023 02:13:04 GMT
server: cloudflare
etag: W/"b0bd7-602c47c65cf4b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Px%2FhySVcPvNnuiFiwQ35YenPoe1xtLGdNd68RvE6lv5VOhToIAj0wUHh2QRll2DrcT%2BhWfYuDAk2pUVCkSLzsu%2BsEEhtG3iAc6J8P01U8FyWWqln1zTPrz8pS9rc6RblEiKD6PC56oEtNJ78z2Xlhuc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 82e55722d8f906c6-AMS

GET
H2 200 botsafev1.js Show response
botsafeguard.net/ 2 KB
1 KB 140ms
67ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/botsafev1.js

Requested by

Host: img.1381a.xyz
URL: http://img.1381a.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75d3ce98cd017395fe312ba110d653725e053b4778a5b37983cc1f2daa2f834

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:40 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="botsafev1.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::84w9x-1701288745677-55abaf1e69cf
server: cloudflare
x-matched-path: /botsafev1.js
etag: W/"4d878b7984591ac0d1fd7d44873aee68"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWbN3XHgGbQmDWv%2FPE90suwKp2UGUJDcPrpaymDpHpFK4zInX4nqxIzvmLnOqfsh7f%2BeDWkS9NlEhEcAlaJGfCqrvzO5xPRu5rvp0lTsAGQLZPDy3PxPtY2uRcyoEpECaXDmemztblBgPsdZfEr1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 82e55722cb236703-AMS

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 235ms
86ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2044622973026891

Requested by

Host: img.1381a.xyz
URL: http://img.1381a.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cdf190d48e2fcdae7ed37710aa5512150fe83d1031822382fc0bcd62055ea70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1381a.xyz/
Origin: http://img.1381a.xyz
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52652
x-xss-protection: 0
server: cafe
etag: 1460598204573874297
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:01:41 GMT

GET
H2 200 emailnator.js Show response
cdn4.buysellads.net/pub/ 500 KB
146 KB 261ms
31ms Script
application/javascript 64.227.70.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/emailnator.js?1701370800000
Requested by: Host: img.1381a.xyz
URL: http://img.1381a.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.227.70.247 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-15.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: e13c214140de255582aa55b434545b141c5c71262b31f846c7e208a77ca16dd8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: gzip
server: //srv.buysellads.com
etag: cd395d7651aeaba03909a70e55a34776507c823d
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
60 KB 197ms
57ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-P7P66FK

Requested by

Host: www.emailnator.com
URL: https://www.emailnator.com/js/app.js?ver=MfLJevaWBm35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d45d95cfc73c0722ed465dce3674c080e65f222d6ed51127f7abc2ed2c646040

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61442
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Nov 2023 19:01:41 GMT

POST
H/1.1 200
OK generate-email Show response
img.1381a.xyz/ 46 B
2 KB 722ms
722ms XHR
application/json 3.36.126.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://img.1381a.xyz/generate-email
Requested by: Host: www.emailnator.com
URL: https://www.emailnator.com/js/app.js?ver=MfLJevaWBm35
Protocol: HTTP/1.1
Server: 3.36.126.81 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-36-126-81.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8e714abfd034fae08075a45672f8158e55539cd64fb4923bb4a17df95ff24ba5

Request headers

Accept: application/json, text/plain, */*
Referer: http://img.1381a.xyz/
X-XSRF-TOKEN: eyJpdiI6IjVKY2FPVnFCY014dHJHODI1Y043VWc9PSIsInZhbHVlIjoiOFZuZEZEY0NVRXBqaStuNXh1YW4zelpsUnlnYVpVcUUwMnRYaVVhR05nRWNJRGRMbFVHNm05V3YySngvUmd2YUxLQlpBaEpHejdiR2Izbjdhc0l3QzYwN0hmaW51UFdGQzVjRGNQMVhTSUVRai9WWkNXT1NWelJCVnJtR2NPQzYiLCJtYWMiOiI1OWQ4NGUxYWZiYzFjNzM0Njc5OTM1MDZmOWY3MGNhYWJmYjFjMjgzNjc0NWFlN2Q4ZTY0NTg2YjEwMjQ5YTc4IiwidGFnIjoiIn0=
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 30 Nov 2023 19:01:41 GMT
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx
X-RateLimit-Remaining: 4995
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LC6%2BvGD2wGcPReJC1of%2Bli8OPEuPZWOX54KEcbxSThau6Z2lG4gWhtv7YLl87a9qPGATk0nriEh6sfzIW4bhk9Hoi9WHp5mrOUtSJy0xWpdt49CPeXOnmqN662xHgzmkVtD%2Bx6g%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json
Cache-Control: no-cache, private
X-RateLimit-Limit: 5000
Connection: keep-alive
CF-RAY: 82e55724ce5b328a-ICN
alt-svc: h3=":443"; ma=86400
Content-Length: 46

GET
H/1.1 404
Not Found google-play.svg
img.1381a.xyz/images/ 34 B
34 B 277ms
277ms Image
text/plain 3.36.126.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.1381a.xyz/images/google-play.svg
Requested by: Host: img.1381a.xyz
URL: http://img.1381a.xyz/
Protocol: HTTP/1.1
Server: 3.36.126.81 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-36-126-81.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: 2a86ed34d4001e36593bc4d9ca43986155796497584b56efa3ba6ac5375094c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 34
Content-Type: text/plain; charset=utf-8

GET
H/1.1 404
Not Found app-store.svg
img.1381a.xyz/images/ 32 B
32 B 548ms
275ms Image
text/plain 3.36.126.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.1381a.xyz/images/app-store.svg
Requested by: Host: img.1381a.xyz
URL: http://img.1381a.xyz/
Protocol: HTTP/1.1
Server: 3.36.126.81 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-36-126-81.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: 31aec2e1225cb19957e4526aa419fdfdc6add76d69133cb0aa5bab0fac9dc6fe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 32
Content-Type: text/plain; charset=utf-8

GET
H/1.1 404
Not Found logo.webp
img.1381a.xyz/images/ 28 B
28 B 555ms
277ms Image
text/plain 3.36.126.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.1381a.xyz/images/logo.webp?2245a08de0624eb2d3f7cecc7337e846
Requested by: Host: img.1381a.xyz
URL: http://img.1381a.xyz/
Protocol: HTTP/1.1
Server: 3.36.126.81 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-36-126-81.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: 6270b9c0cec36f64b874b24c1e1c6a9e51c5203e5f44d54ee14aea37ee943f90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 28
Content-Type: text/plain; charset=utf-8

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
391 B 162ms
26ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: img.1381a.xyz
URL: http://img.1381a.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (ama/4894) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (ama/4894)
etag: "5d5637be-2b"
x-cache: HIT
content-type: image/gif
paypal-debug-id: d1c4cfe1ff620
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
content-length: 43
expires: Thu, 30 Nov 2023 20:01:41 GMT

GET
H/1.1 404
Not Found bg.webp
img.1381a.xyz/images/ 26 B
26 B 561ms
281ms Image
text/plain 3.36.126.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.1381a.xyz/images/bg.webp?d106f605c767b21bd98d289ed67929cf
Requested by: Host: img.1381a.xyz
URL: http://img.1381a.xyz/
Protocol: HTTP/1.1
Server: 3.36.126.81 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-36-126-81.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: 34648b9834c23ed67ee80466475c2e58550360d76d72e22148ca4c79c7e92d0a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 26
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 181ms
109ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2044622973026891&plah=img.1381a.xyz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2044622973026891

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc9542b3fac5d4702cd12aacef24469aaddce96e60997da179d2773a1484ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137286
x-xss-protection: 0
server: cafe
etag: 8324076433767740823
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:01:41 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/ Frame 0BAD 9 KB
4 KB 121ms
33ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231128/r20190131/zrt_lookup_nohtml_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2044622973026891

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29ac11b866b20f17242bdff6076537a14e60f213ef8deb1c56794ff61da4b30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1381a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 64299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4104
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 01:10:02 GMT
etag: 18311852268564407380
expires: Thu, 14 Dec 2023 01:10:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 91 KB
30 KB 225ms
151ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/emailnator.js?1701370800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5038646149280557199732138b0132f17bdb23111af3ae6eaec8404c4a73e9b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29980
x-xss-protection: 0
server: cafe
etag: 26 / 19691 / m202311150101 / config-hash: 11152387477177976423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:01:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 161ms
161ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6R52Y0NSMR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-P7P66FK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f199116cffbe81bed48db586bc71d9977dff8b9117cdccdff59fb2383fe8949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89824
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 30 Nov 2023 19:01:41 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C1F0 603 B
218 B 339ms
338ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&adk=1812271804&adf=3025194257&lmt=1701370901&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=http%3A%2F%2Fimg.1381a.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701370901174&bpp=2&bdt=333&idt=302&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8265019389962&frm=20&pv=2&ga_vid=1006089140.1701370901&ga_sid=1701370901&ga_hid=1886681973&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809005%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=4486208892955917&tmod=411014826&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=319

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2044622973026891&plah=img.1381a.xyz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1381a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:01:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 143ms
143ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookie-notice&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: img.1381a.xyz
URL: http://img.1381a.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 19:01:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6CB6 603 B
215 B 338ms
337ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=90&slotname=4269377563&adk=2000705666&adf=1047078985&pi=t.ma~as.4269377563&w=728&fwrn=4&fwrnh=100&lmt=1701370901&rafmt=12&format=728x90&url=http%3A%2F%2Fimg.1381a.xyz%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1701370901176&bpp=1&bdt=335&idt=325&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8265019389962&frm=20&pv=1&ga_vid=1006089140.1701370901&ga_sid=1701370901&ga_hid=1886681973&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809005%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=4486208892955917&tmod=411014826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=328

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1381a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:01:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 185A 603 B
215 B 338ms
338ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=280&slotname=6252367097&adk=655611541&adf=3328144058&pi=t.ma~as.6252367097&w=712&fwrn=4&fwrnh=100&lmt=1701370901&rafmt=1&format=712x280&url=http%3A%2F%2Fimg.1381a.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1701370901177&bpp=1&bdt=337&idt=329&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8265019389962&frm=20&pv=1&ga_vid=1006089140.1701370901&ga_sid=1701370901&ga_hid=1886681973&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=444&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809005%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=4486208892955917&tmod=411014826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=332

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1381a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:01:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 13:40:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19253
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 29 Nov 2024 13:40:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 64 B
81 B 211ms
94ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=img.1381a.xyz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0b43fcf07bea0091ded984af6c7d425d89c6433add38d976b84302a6b0e29b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57
x-xss-protection: 0
expires: Thu, 30 Nov 2023 19:01:41 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 84ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6R52Y0NSMR&gtm=45je3b60v879839310z89128604173&_p=1701370901089&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1006089140.1701370901&ul=en-us&sr=1600x1200&_s=1&sid=1701370901&sct=1&seg=0&dl=http%3A%2F%2Fimg.1381a.xyz%2F&dt=Temporary%20Disposable%20Gmail%20%7C%20Temp%20Mail%20%7C%20Email%20Generator&en=page_view&_fv=1&_ss=1&tfd=4250
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6R52Y0NSMR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Nov 2023 19:01:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://img.1381a.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 botsafev2.js Show response
botsafeguard.net/v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/ 57 KB
20 KB 48ms
48ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/botsafev2.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafev1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ef2e2808ff0c2d7abcc04bf117c8e696119aca6db26757ef5c8ef752f8fae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="botsafev2.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::2ct44-1701260496494-6d91a02c4e04
server: cloudflare
x-matched-path: /v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/botsafev2.js
etag: W/"4916d7d8be47f68de6e498377e67c6fc"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFX6Tte5pI4fD4Q9HsHx5o2VYqSz9tkc3YS5pNBH0s5IvCIW5sORgYM2zalrm6VaOl1TjPvXq4j62mlNpJy6P9ZdxlknwZPc7O%2FXUkW6oOvXlFO3RDRyYr%2BE3zv%2FH0SuBOEeG2n4DE647IGukbXw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 82e55728ad796703-AMS

GET
H2 200 api.js Show response
botsafeguard.net/ 310 KB
87 KB 59ms
59ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/api.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafev1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a63afc7f4e22a4f3637df748bb4d98622be10ce9f2696f6602f2c9538a26072

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="api.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::xhm6r-1701160266243-95f09a97f4e0
server: cloudflare
x-matched-path: /api.js
etag: W/"f38eb5406c959002a8c5c3489f4ad61a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7cZSI2cL4nLvAGWrg4geJqJnUjeEhmaFZJvggnelhdgIl0hvffGmZKavKxZxjF0te%2BN4eWhgijRxNw88LPYHFG0nTeKVLW3pM94kdHmSSaD64GhFlXVo3KtVgI0Mkvwa0ERc%2Bs6o0%2FC6tQT7teD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 82e55728ad7b6703-AMS

GET
H2 200 datadom.js Show response
botsafeguard.net/ 36 KB
10 KB 49ms
49ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/datadom.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafev1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8292f991a2884667021a1e752d6c05953ef64b3ce9afa80dc62e5e5f3be98250

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="datadom.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::bvcgv-1701300210990-b7de5c9536de
server: cloudflare
x-matched-path: /datadom.js
etag: W/"a9b90901f30ae7b74ad986e586eb426e"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBEN%2BCiZLF0qI6JG26felULZnKC0XKg%2B0Ixmzz1TpOkQmfjt%2BOv8MA2zY9hgpIHGwTwrH1BKxtmboPNOcQjX1n1xf%2FC3sJXrP2F%2BIjLOKjdKXAV9AEkwR3W0fUyLs1NBjMuLiQvotVDWw%2Fbe9DZk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 82e55728ad806703-AMS

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 83ms
83ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231128&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b458f767037941ee9f9305ca19474d5038614f3b0fb35b43d24434296088ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12230
x-xss-protection: 0

GET
H3 200 enforcement.0087e749a89110af598a5fae60fc4762.html Show response
botsafeguard.net/v2/2.3.0/ Frame 72AC 792 B
1 KB 58ms
58ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.html

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/botsafev2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3bceb4c49b969726a971d36211bac3150c7c92eea854ecee2f94ce2b87e7177

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://img.1381a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
age: 61679
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82e557293f3ab8e5-AMS
content-disposition: inline; filename="enforcement.0087e749a89110af598a5fae60fc4762.html"
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 30 Nov 2023 19:01:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Ei2pApwYpQySFJfVn5FRQTzzf%2BHb9BZGVkRGaKMcE2bh14fJAU36NGAvLOX2D3ZbaiyMaAxg491o5dM%2BxnmnAOtkyTY5zFDTDAobGAOcUbtlVKhgtGmrLHzUdz2tBJnDW%2FcOy%2FDHKbNu2Bd7YnP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
x-matched-path: /v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.html
x-vercel-cache: HIT
x-vercel-id: fra1::jlrn7-1701370901971-270459fdee3e

POST
H3 200 dd
botsafeguard.net/ 0
0 235ms
179ms Fetch
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://botsafeguard.net/dd
Requested by: Host: botsafeguard.net
URL: https://botsafeguard.net/datadom.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://img.1381a.xyz/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 114ms
42ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 19:01:42 GMT

GET
H3 200 botsafe.html Show response
botsafeguard.net/captcha/v1/c572e75/static/ Frame 3B02 8 KB
2 KB 192ms
191ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

0ed17cbe9a220fc69ff84735d3bfb9cb3ab358aa68616f6c4b2a7fc7517fda60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://img.1381a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82e557294f4ab8e5-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 30 Nov 2023 19:01:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2PEjGM5CsJ8MmK0y1k22lY%2BEpGBIyhkfAXBEOQ5qafFuJJB5Yo8%2BKeulggGrw2hVcOp2rHmaos04V39HokFQ36va2605VvZ%2FXFGT1FYgrvoglG7dC6DwXdTpby8l67GB2Wlx7RLYw3HJmDUP8Ai"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-matched-path: /captcha/v1/[slug]/static/botsafe.html
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: iad1
x-vercel-id: fra1::iad1::lz2dw-1701370901973-67e0ddcdf655

GET
H3 200 botsafe.html Show response
botsafeguard.net/captcha/v1/c572e75/static/ Frame 8664 8 KB
2 KB 194ms
194ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Next.js

Resource Hash

0ed17cbe9a220fc69ff84735d3bfb9cb3ab358aa68616f6c4b2a7fc7517fda60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: http://img.1381a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82e557294f4fb8e5-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 30 Nov 2023 19:01:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qv9RzH%2BACFa45iJLkzC%2BB2qVYdfsHpRpD8wRgPhCGhkxU6mkoHELOkQ3u8EdIrpsi0thKskeDsJimxUJa8QSVUdHWEvvRuIehzTHk2PkpZ4mPIGofUPiidnJU%2FXvm6FIdpdx3D3CCLM6bqrV4YvK"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-matched-path: /captcha/v1/[slug]/static/botsafe.html
x-powered-by: Next.js
x-vercel-cache: MISS
x-vercel-execution-region: iad1
x-vercel-id: fra1::iad1::t2p9k-1701370902001-2d5f9456aa28

GET
H3 200 enforcement.0087e749a89110af598a5fae60fc4762.js Show response
botsafeguard.net/v2/2.3.0/ Frame 72AC 229 KB
84 KB 66ms
66ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a463321a2685e3c84830fe9248e5f879b7aa42bb799e79b8fa5ae3ef970b25e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="enforcement.0087e749a89110af598a5fae60fc4762.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::5jkdp-1701309237175-60643356629b
server: cloudflare
x-matched-path: /v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.js
etag: W/"08f24e13e1365c92dfb6059e32a6ad11"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NoOyoZo7flY0w8b%2FTpwVPSLEl6oMP1iTmZJLNaDON%2BzbK1Q2iglzoG%2BAf6GioHMgk0KVlmak6CRAP8EzqlFz%2FNzSSUIa8jQsDbzSkotsCp5XhfxP39MGA%2BkH9pa5xSboYzlFC4dnAE%2BcUM8DZjF%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 82e557299fbdb8e5-AMS

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C7E6 13 KB
5 KB 34ms
32ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://img.1381a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 19794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 13:31:48 GMT
expires: Fri, 29 Nov 2024 13:31:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F94A 829 B
1 KB 203ms
73ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f950816ed49d9d7a9cecdbb30542beb32e2092f0df87d905875be9bce10260f8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wpraNNejC3ioysCNg8GmUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://img.1381a.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wpraNNejC3ioysCNg8GmUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 19:01:42 GMT
expires: Thu, 30 Nov 2023 19:01:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js Show response
pagead2.googlesyndication.com/bg/ Frame C7E6 39 KB
15 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/AX3dw4l-chShuz7KlUyOrqJTCrFFfFTQ1_DS3LGhDvc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 13:31:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19793
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15254
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 13:31:49 GMT

GET
H3 200 9f00285ccd3c1846.css
botsafeguard.net/_next/static/css/ Frame 3B02 6 KB
2 KB 35ms
34ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/css/9f00285ccd3c1846.css

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89aeea5dd4db71980646e5a1a2a10b301ce390f673f2eb2685a44fc03f609654

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2483711
content-disposition: inline; filename="9f00285ccd3c1846.css"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::z9b9k-1698887191717-214f55b76d7a
server: cloudflare
x-matched-path: /_next/static/css/9f00285ccd3c1846.css
etag: W/"9c911bce05be893f26ff727058aeca80"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sILLChNB4fdxTkB1jU3K50418pcO30n8odBp6%2BG7X8lJRwkfaKkowg2Adqok7oVy1dBZn6F%2Bry8UpjNbNP%2FxBQCLVj6dpr8OFH8%2B27E1um2h1CP8wt4q8NOI7lGr4adIPQIlb3sDQ8lJLnofwB9i"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572a88f6b8e5-AMS

GET
H3 200 botsafe.js Show response
botsafeguard.net/ Frame 3B02 310 KB
88 KB 71ms
69ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/botsafe.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a63afc7f4e22a4f3637df748bb4d98622be10ce9f2696f6602f2c9538a26072

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="botsafe.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::vcvnm-1700525894723-de4b49a0a0ed
server: cloudflare
x-matched-path: /botsafe.js
etag: W/"f38eb5406c959002a8c5c3489f4ad61a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ljprtqj0Dnnnnr7TLZcAocMwEAC16l6y%2FnfIjnmwheRbqxVwyJHakQcnWNr34KzZP%2BmHZ%2BCO2TmewchHw37RfkkF5Tj%2BjbtSC8DEyyGMwU%2F7gAQe2R3iG6%2F5I7ED%2BMPS5Lk25mJF4FHISA8zFzuM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 82e5572a88f8b8e5-AMS

GET
H3 200 webpack-5d138c676ac39e99.js Show response
botsafeguard.net/_next/static/chunks/ Frame 3B02 3 KB
2 KB 40ms
40ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d32bbfa9e54ce10fdf04013c52f8c07ce8d1428c80efccc847326419b9173720

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1599200
content-disposition: inline; filename="webpack-5d138c676ac39e99.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::gbwqq-1699771702879-d33a7491c880
server: cloudflare
x-matched-path: /_next/static/chunks/webpack-5d138c676ac39e99.js
etag: W/"e942fb3ab92ef789fe454b7c71f5ec24"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAZhWjS10Fwbg4%2FSmERWpiDfl%2B%2Bi9Lp9ZjNS1XyWfqt28uKiY%2FsvI5D11pZzqfJaCZ1ojZPvNGisiKpmOgEJi84WSNzXwM2YEVOuyEcylItfpL7Sk0qiG%2FipF0Zk%2F8XLjDxgm55bjJm8iswN8tYF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572a88fab8e5-AMS

GET
H3 200 b51ee262-fcc8afbf20d0d3c1.js Show response
botsafeguard.net/_next/static/chunks/ Frame 3B02 157 KB
50 KB 44ms
43ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/b51ee262-fcc8afbf20d0d3c1.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e762a20abb9256e9f046cfa06a525b73bfa524962434c358a4f6e210feadd1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216349
content-disposition: inline; filename="b51ee262-fcc8afbf20d0d3c1.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::p77x6-1701154553350-7d4673279ae5
server: cloudflare
x-matched-path: /_next/static/chunks/b51ee262-fcc8afbf20d0d3c1.js
etag: W/"b8df62458bb31f6799e6196743a7e6d4"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1Xn%2B3ia8%2B9iiXjY2TnhZluQO9NRJzuypu3gw4UapVAaZfh7mHiLVfnVFIA3hIKHjbQ%2BlPwhFzlmluB0aQshJmg%2B%2BGqgL3hKTMzU0Du1lTeZ8IID9jNdLXACuGbwH2ZGcye1Xzyjii2nXn6gBakw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572a88fcb8e5-AMS

GET
H3 200 275-d3fb3348b6ec9437.js Show response
botsafeguard.net/_next/static/chunks/ Frame 3B02 94 KB
25 KB 39ms
38ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/275-d3fb3348b6ec9437.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1363e427a6186e40e32312f014881f9615f274a22cebadae3dc8c2878a1ce1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1958306
content-disposition: inline; filename="275-d3fb3348b6ec9437.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::q9c84-1699412596821-7919057e68a6
server: cloudflare
x-matched-path: /_next/static/chunks/275-d3fb3348b6ec9437.js
etag: W/"67082095635c0b12d98a4e3e7f6ff6ca"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6WrJ7Gl3JYHfTT1UsovL4Uo0MkJ71VNnymjDjJ0eQjnihfrJuqndoYyBS079rs0r%2BMJZOaltnyQlsg6diJMfeRRckyuUt%2BXX1wG7hYjzUkwS3kDed0Oi%2Fn7276j%2FKkzT4s7B2d4c1r8Mrc4NnqJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572a88feb8e5-AMS

GET
H3 200 main-app-71dd5d6e86cb4f59.js Show response
botsafeguard.net/_next/static/chunks/ Frame 3B02 415 B
843 B 35ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/main-app-71dd5d6e86cb4f59.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d436ab7f223c8a4a8caf8481ea995de081967e93403168c30e13588ee30a0b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2469603
content-disposition: inline; filename="main-app-71dd5d6e86cb4f59.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::r9nxb-1698901299533-338968418909
server: cloudflare
x-matched-path: /_next/static/chunks/main-app-71dd5d6e86cb4f59.js
etag: W/"8b2302a7f92d8512952ef6f1926db3a0"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRsAythCw3iMDtLW0M7D8vANuTrksuL91hxHdsPf2mJa1sKT3QyDrZFxjRicAVZRQHbq0EsyTy5YhRxkaj%2FP7NOpgbMNZXZ0Oocsd5dOOkzi5orpnyrHuSSBZWZ8sTb6pLFrUvkqhTY1%2Fayqu1QO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572a8900b8e5-AMS

GET
H3 200 9f00285ccd3c1846.css
botsafeguard.net/_next/static/css/ Frame 8664 6 KB
2 KB 53ms
53ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/css/9f00285ccd3c1846.css

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89aeea5dd4db71980646e5a1a2a10b301ce390f673f2eb2685a44fc03f609654

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2483711
content-disposition: inline; filename="9f00285ccd3c1846.css"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::z9b9k-1698887191717-214f55b76d7a
server: cloudflare
x-matched-path: /_next/static/css/9f00285ccd3c1846.css
etag: W/"9c911bce05be893f26ff727058aeca80"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YO86UabiH8u5T0ttZ1O7yxJHEubQNqhFHwvMATM6MPPv%2BVXtQYUBBewqNisCqhBXXi701OT9pZJcNy%2FMVlxHSVL9M3qPqMwtHUdELpY%2BXRU%2Bg694HvHP%2BkpzHJP6iSYLl67AS%2Bvs0XLxvyEOlJnn"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572a9916b8e5-AMS

GET
H3 200 botsafe.js Show response
botsafeguard.net/ Frame 8664 310 KB
88 KB 79ms
79ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/botsafe.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a63afc7f4e22a4f3637df748bb4d98622be10ce9f2696f6602f2c9538a26072

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="botsafe.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::vcvnm-1700525894723-de4b49a0a0ed
server: cloudflare
x-matched-path: /botsafe.js
etag: W/"f38eb5406c959002a8c5c3489f4ad61a"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKxcx6EyHp4rlTACXq4IUYJgKHWZGpWXAY57jH6T%2Foc8LtpV9EmXdD69RomPbzrVCD0om0px%2Fkc45qOdz98l4VaMAnNec553t1pfvHukqK55hdFU4y0pZzXD%2BJiiveIfuExp9MMFYFwizZJMzZgO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 82e5572a9918b8e5-AMS

GET
H3 200 webpack-5d138c676ac39e99.js Show response
botsafeguard.net/_next/static/chunks/ Frame 8664 3 KB
2 KB 46ms
45ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d32bbfa9e54ce10fdf04013c52f8c07ce8d1428c80efccc847326419b9173720

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1599200
content-disposition: inline; filename="webpack-5d138c676ac39e99.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::gbwqq-1699771702879-d33a7491c880
server: cloudflare
x-matched-path: /_next/static/chunks/webpack-5d138c676ac39e99.js
etag: W/"e942fb3ab92ef789fe454b7c71f5ec24"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HVcSLEMutIoTBtsI%2F8Fx75yDKF2bNeC%2FSQ%2FDj5poSC5gBEN7AN0bq5bYUKUVHjDtlUxmVL97FAW0D7EELOgyNqIFB4MAKWPfycvfDn%2F2aAvE7wjRRD%2Bfe2RTEOxwzohtMUWQJUlr0NCEsMACEPI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572aa929b8e5-AMS

GET
H3 200 b51ee262-fcc8afbf20d0d3c1.js Show response
botsafeguard.net/_next/static/chunks/ Frame 8664 157 KB
50 KB 47ms
46ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/b51ee262-fcc8afbf20d0d3c1.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e762a20abb9256e9f046cfa06a525b73bfa524962434c358a4f6e210feadd1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 216349
content-disposition: inline; filename="b51ee262-fcc8afbf20d0d3c1.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::p77x6-1701154553350-7d4673279ae5
server: cloudflare
x-matched-path: /_next/static/chunks/b51ee262-fcc8afbf20d0d3c1.js
etag: W/"b8df62458bb31f6799e6196743a7e6d4"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02x7GZJj4u7Li3RakHLCbnETvrG9wd3FMxP0eR%2FORX6gpvFg2rrsHGVdqQYJBaA2Z9TBIBkB5kCvAhwnSPCzodOZmQ4xwIiwMvHSNQjqxcRfr%2Fyk4%2FkUJ61%2FWTtKBOIXwLm8Uh81cB7LzALCNt9%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572aa92bb8e5-AMS

GET
H3 200 275-d3fb3348b6ec9437.js Show response
botsafeguard.net/_next/static/chunks/ Frame 8664 94 KB
25 KB 77ms
77ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/275-d3fb3348b6ec9437.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1363e427a6186e40e32312f014881f9615f274a22cebadae3dc8c2878a1ce1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1958306
content-disposition: inline; filename="275-d3fb3348b6ec9437.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::q9c84-1699412596821-7919057e68a6
server: cloudflare
x-matched-path: /_next/static/chunks/275-d3fb3348b6ec9437.js
etag: W/"67082095635c0b12d98a4e3e7f6ff6ca"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zanXI%2BEHIftgCiKS2ohdx2UWV0hXHlBNR%2BLeqx8441J9Dj4tWS9b0tyN1QuWEUDjXXwjBqCHlxtSndEqYiKxUk%2BT0nyt%2Ba%2BzctwjGBZih4TK47YIuelUTfVgM2oAfnKr7jVQL2dM%2FztN1dN2kB5V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572aa92cb8e5-AMS

GET
H3 200 main-app-71dd5d6e86cb4f59.js Show response
botsafeguard.net/_next/static/chunks/ Frame 8664 415 B
847 B 95ms
95ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/main-app-71dd5d6e86cb4f59.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d436ab7f223c8a4a8caf8481ea995de081967e93403168c30e13588ee30a0b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2469603
content-disposition: inline; filename="main-app-71dd5d6e86cb4f59.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::r9nxb-1698901299533-338968418909
server: cloudflare
x-matched-path: /_next/static/chunks/main-app-71dd5d6e86cb4f59.js
etag: W/"8b2302a7f92d8512952ef6f1926db3a0"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCGKBSxY9kKGduwOYF7YluVwOnqoN0Q0s0j25hToIeEmA43g0S2cuoL5x8wK%2FFqNybwOuRynd%2FnD3fSUIAlAJ7OgNWx0Ib34YtXbryx84Ha3Ai%2F3%2B18mAN%2BRF5mIBZqrSRsLu9vpSpPsKasgR9bW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572aa92db8e5-AMS

GET
H3 200 settings Show response
botsafeguard.net/v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/ Frame 72AC 58 B
665 B 183ms
183ms Fetch
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/v2/AAAAA-AAAA-AAAA-AAAA-AAAAAAAA/settings

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23d8a074a10d67166ecfd5b1d2503739d9c365285be8bd0bf97b06d77fd15c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::iad1::2s7l9-1701370902214-1363435d1249
server: cloudflare
x-matched-path: /v2/[slug]/settings
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-vercel-execution-region: iad1
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01pzEqhKACJWTWD0OqBpwqWqax4HV%2FzxV22lI3D%2B8ampBOGpiSxDsYHawqzp8TOM4WiSjkPVuFtoS%2FDOkfpUD5zkbDhkkOTexhquAptqu%2FI2A2xEyDUWdOl3fxdlGVOo15aaN6hbZ660mUT5%2B3Wh"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
cf-ray: 82e5572ab955b8e5-AMS

GET
H3 200 549-a3844f67ddcf1cac.js Show response
botsafeguard.net/_next/static/chunks/ Frame 3B02 7 KB
3 KB 38ms
38ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/549-a3844f67ddcf1cac.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b5c214ee34b953c560b3f129950e70dbacfd21a13d24d8a4c16b7dff4c3d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1865798
content-disposition: inline; filename="549-a3844f67ddcf1cac.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::7brb8-1699505104713-00cd0bca5d97
server: cloudflare
x-matched-path: /_next/static/chunks/549-a3844f67ddcf1cac.js
etag: W/"278e396ee8dd021ec23a2275f29f8eda"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=soWx2Y2heQVBH0Is6H11vM%2FdNafq4g64IpySF7DZ7SshZMSgilxo%2F9yOC73OdLOD8%2B3F%2FcqcYFrI2CmNG%2FCXLD0tNXVPS2jqJ8Dej2K7cH%2B6XXqHfxSTzmA2omXhRCnoHsqsMQy2tBIOQ9vna126"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572b6a3ab8e5-AMS

GET
H3 200 page-53d509ea03eb9b5d.js Show response
botsafeguard.net/_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/ Frame 3B02 216 B
843 B 35ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/page-53d509ea03eb9b5d.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4d2a299111013a4fd4254e9cd9ea7c409998e48f1b994e457f4b049ff1c9957

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1856813
content-disposition: inline; filename="page-53d509ea03eb9b5d.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::nhlbg-1699514089923-1a90a558d940
server: cloudflare
x-matched-path: /_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/page-53d509ea03eb9b5d.js
etag: W/"a3d2e122c737492231ba55afca9d27b5"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67PkXarZkQc7s%2FWpglZ%2BUEQU9F0tv1cKlGEpZaIdTDxuND67dcubruYws2uyTN1sFZ76cdQN%2FBVjQTgRr8xGDAYHdtGoahRL3THcwKbWzjbfu50CfW4AsCXKc%2BTMJ0LVxOF2L6BwF%2FFChxLndrPs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572b6a3cb8e5-AMS

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F94A 0
0 143ms
143ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231128&jk=4486208892955917&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 549-a3844f67ddcf1cac.js Show response
botsafeguard.net/_next/static/chunks/ Frame 8664 7 KB
3 KB 33ms
33ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/549-a3844f67ddcf1cac.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6b5c214ee34b953c560b3f129950e70dbacfd21a13d24d8a4c16b7dff4c3d16

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1865798
content-disposition: inline; filename="549-a3844f67ddcf1cac.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::7brb8-1699505104713-00cd0bca5d97
server: cloudflare
x-matched-path: /_next/static/chunks/549-a3844f67ddcf1cac.js
etag: W/"278e396ee8dd021ec23a2275f29f8eda"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7ZFa%2FYrQLXKeuIgC0y%2Blnm%2FEODQ1MN3Z6TTcb3ANFaZa2HBoQ4nA9hrrurIHYRJziGYzGwecTIN3BK%2BszWWfM53oZpOO9VXGydyRwQafsQAsSQvzbDh%2FEi%2B1u%2FOnmG%2B9DcAiXnzr5o2u4A70eQu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572b7a4ab8e5-AMS

GET
H3 200 page-53d509ea03eb9b5d.js Show response
botsafeguard.net/_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/ Frame 8664 216 B
839 B 34ms
34ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/page-53d509ea03eb9b5d.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/_next/static/chunks/webpack-5d138c676ac39e99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4d2a299111013a4fd4254e9cd9ea7c409998e48f1b994e457f4b049ff1c9957

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1856813
content-disposition: inline; filename="page-53d509ea03eb9b5d.js"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::nhlbg-1699514089923-1a90a558d940
server: cloudflare
x-matched-path: /_next/static/chunks/app/captcha/v1/%5Bslug%5D/static/botsafe.html/page-53d509ea03eb9b5d.js
etag: W/"a3d2e122c737492231ba55afca9d27b5"
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2exQLtBSV10jDCm2mD3qiM5g6YVpdOBekn211TobCGGetSM4iqibWRfnSP5qVpg41JBK9jBfgujKu9LC37izEZCgEs0NWXXS7VMicg39kB9MVutt%2B6QC05O1O%2BaNUJdUBZZEQspMP7ITYZv%2Bpcwr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 82e5572b7a4bb8e5-AMS

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C7E6 0
10 B 32ms
32ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DtkXSA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 8664 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 checksiteconfig Show response
botsafeguard.net/ Frame 8664 652 B
1 KB 160ms
159ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/checksiteconfig?v=c572e75&host=img.1381a.xyz&sitekey=botsafe-test-key&sc=1&swa=1&spst=0

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64fdac549fe0b401ecc9dad52f6da50d99b4929486f297197ab5cbb28a3cdd30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::iad1::5xb7l-1701370902383-396557bda157
server: cloudflare
x-matched-path: /checksiteconfig
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-vercel-execution-region: iad1
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtMf1binpOrEB6LoYaP1d12ijsWBDt5czRdHpUFJZGCAA5%2BneH3zkzY5JcWCxlUliXl9K19ymvVcWKThRCnGOsW7NCWADH2RTXQlpzVJh8OI70Uq4oqJMd%2BC5Hh6eEu%2BHM4%2BR7teM2NoIpI%2BBjOC"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
cf-ray: 82e5572bdad4b8e5-AMS

GET
H3 404 vendors.581.0087e749a89110af598a5fae60fc4762.js
botsafeguard.net/v2/2.3.0/ Frame 72AC 0
0 57ms
57ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/v2/2.3.0/vendors.581.0087e749a89110af598a5fae60fc4762.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://botsafeguard.net/v2/2.3.0/enforcement.0087e749a89110af598a5fae60fc4762.html
Origin: https://botsafeguard.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="404"
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::wp45t-1701370902399-084a9881773a
server: cloudflare
x-matched-path: /404
x-vercel-cache: HIT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71gRA1HW9cIduzqBgIy1KdbLQYSV2aC1sYPAv24%2BoodV5G62B0U6mBg5MzREiQJUF0e97gwT2BKmPv1qOivjWoaenmDxlQIdpWMbmXZb%2BlZWxNjfxzHXNeVKB3HFB9sDGwgGm%2BH1UNVj%2FsS2v4t%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 82e5572beaeab8e5-AMS

GET
DATA 200
OK truncated
/ Frame 72AC 874 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea0e289bc72163ed2e5ad612c985b6356d1a19f5cac9cd717f8e145dae1299d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hsw.js Show response
newassets.hcaptcha.com/c/10c77f8/ Frame 3B02 567 KB
239 KB 135ms
62ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/10c77f8/hsw.js

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9280732b06d34f35d723e572fdc3e4ef9386c43a4db57f5e90cb7383001ba8d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://botsafeguard.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:01:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 0ce4e0ab92519d33ff3c6cca42806b7e.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: loy0mmN2HQ6t5jMv8OVo8j5SrW1bt05c
age: 144174
x-amz-cf-pop: AMS1-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 27 Oct 2023 17:40:11 GMT
server: cloudflare
etag: W/"4dc03b87946485c8d28e04a6f84d8b63"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 82e5572d58996600-AMS
x-amz-cf-id: lTI7hbS2cTqssb4yf5gtwkcuWFta_g4MszSyR2fWLRexEczvErNihQ==

POST
H3 200 botsafe-test-key Show response
botsafeguard.net/getcaptcha/ Frame 3B02 5 KB
4 KB 169ms
169ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://botsafeguard.net/getcaptcha/botsafe-test-key

Requested by

Host: botsafeguard.net
URL: https://botsafeguard.net/botsafe.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5604ef46380b209bc64a3a2f32b1d393ec3c13207b2b27d40700ddfe142f1a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: application/json
Referer: https://botsafeguard.net/captcha/v1/c572e75/static/botsafe.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 30 Nov 2023 19:01:43 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-vercel-id: fra1::iad1::2tlnx-1701370902890-24f02adae755
server: cloudflare
x-matched-path: /getcaptcha/[slug]
x-vercel-cache: MISS
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch
x-vercel-execution-region: iad1
content-type: text/plain;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ng3xjcmaevxACX9%2BXUONe4m4GTNX1gtI0KKbi9TChlQSNmRm%2FXXmtH%2BVOh0ZSKGXv70B3Y5p2pg2WHOS4L1wH%2FphWx3ORHESGP7AVBhKKgSHIHF96U%2Bs7Z2PiaFvTIN45HvX9ioarLZ6FdMTjnmS"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0, must-revalidate
cf-ray: 82e5572f0ed1b8e5-AMS

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 146ms
145ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231128&jk=4486208892955917&bg=!AAOlA0zNAAaGYW-ApmE7ADQBe5WfOHYGPwFxz16pByDwiSprZEt6P75FNxlKGbyFYPT-CL2T2dEC8XkmKYXv8HyEwDU5AgAAALBSAAAAAWgBB5kCvQCfxmS0x7BPWkncw5Q4n3MsSJEK5GEHJLTp7ah1z2kGSbckQ4jcHA2gm-hZsj8jTiYBQh_VFu0cQZ6O42a3gbZfZ6UOhQeHEDiZ40XGUfp097snG-5SQy8n9IHxcDdEi-pCP5n8yV5k6g8lfcdNWRjeaNt2sx6zcieBxRQ7av6YaQN0hz4soBrO0SfHsx2QD2TrFZNTOj3jMcADOfeRbTYnhK2rGo8g-LqXgS4oI7U6AvMj6e02j42WN6ZynCcrjfnxGFR368h-fShkrD_v8otZRhZrGaq-QyLLK98W0w5nSA9ZQi5yzFM66hlvenUd1_IHnWLFDBz6Vpm4hpF8jyMW8YIReZAcpv0M-iIF5DwUVayjKeQpenrBj6yQbb6UBh4eekVyi_cdKj5EzWW3D3hqWjhmwk9smoYPVV9Z_Ox4JWxvMf3qlMua4nmAUndBYcZlgQOr26UQEYDAowmwEy5G1vJIDHyUaa8YpWmc40ME4-g2OFryI4Kh1M1QHEJSnF46AVsVWMHisrxYnkC1kvLPFxhQu3WM0hJAH3WcfUMIUXML_rOG2CUF9om_d4gxM8hEhSSWCJHBIvryHKQVvBx-GLAGtYsHVQcA_md04TfdEUr-Az9D0alpcEV-23fdVKByvPvxTYpP8130iPZFDWYv8wjzRTbY2boTFPvHFqOnhuGLXuQzLQZgEQq4y_0V1xYjhj4YaRDz5X6fNU_1xlPFvTCZ25Sx8QH1NdATUV7YXvf2PQQhKqI0mLIX_TIT-TVIIAPUzFpUgj6tIF_G6EsfL-RZe2nMEmFrULiVvD6iTKQCDmC0gU-AZRQLCVFKUzpRTXtgyb1Cme0bD-5HdMGk46Mo3uHeyX2hjANfTqh_w9eVRgn3wyPQ-cyBvk89ZPi4RYujU7nRc8DtEbpTiDJsw5t9bFxgSnj7nRyF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: http://img.1381a.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1381a.xyz/	1970-01-21 02:12:10	Name: _ga_6R52Y0NSMR Value: GS1.1.1701370901.1.0.1701370901.0.0.0
.1381a.xyz/	1970-01-21 02:12:10	Name: _ga Value: GA1.1.1006089140.1701370901
img.1381a.xyz/	1970-01-20 16:36:18	Name: XSRF-TOKEN Value: eyJpdiI6IkZxNGlxKzZZci9IWXorYUNLQWNsV3c9PSIsInZhbHVlIjoicVlmMi9ia2RwNWZJcmlLNGQxNWsxM3FBNDE3N0REMEJLNmxxS2RtWS9mWWlBL1d3Szg2R2NkV2NaT3FMMjFrd3lNRXRTUkFIVjloTE5INHlPdkRzL2tjbzNOaVF3VjNHdU5wTmhtcUV0OHl1WlJtWE14SFRrZmNINTlZcDJVMEwiLCJtYWMiOiI3NzEwMGZjMTIzZDYyYTdlNjVhYjY3OTI3NTIyNzI4NDQ0NTFjYTU4YzI5N2UwYWE4NDdmNWEzNTI4YmI5Zjg1IiwidGFnIjoiIn0%3D
img.1381a.xyz/	1970-01-20 16:36:18	Name: gmailnator_session Value: eyJpdiI6ImJZV2FXWmUvcmV4ZE5lVmYvcVNRUnc9PSIsInZhbHVlIjoiV0M1NEpPYU84UnFDREVYLysyN2Ztdy9LMmxyWFhxenRCZkxrOGFuKzNSK2tPV2xQeXlSOHNLMVFsd3ZRSU0yUERoeHIxUFhvWi9yS2o4L0d0YnFFYTJmRTUyYWRweTR2bm5RRkdiKzJ1MzdGNUdtM09zU2lsNTZrUVRoU293aWIiLCJtYWMiOiI3MTI2ODFiMjY2MWQxZmZmNDEzMmRiZTM2NTdlYjFjYmU4ZDUzMTY1OTgzZjNlNjBhZmNiNDMxZTlkMWZjOTg0IiwidGFnIjoiIn0%3D
.doubleclick.net/	1970-01-20 16:36:11	Name: test_cookie Value: CheckForPermission

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://img.1381a.xyz/images/google-play.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://img.1381a.xyz/images/app-store.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://img.1381a.xyz/images/logo.webp?2245a08de0624eb2d3f7cecc7337e846 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://img.1381a.xyz/images/bg.webp?d106f605c767b21bd98d289ed67929cf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&adk=1812271804&adf=3025194257&lmt=1701370901&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=128x810_l%7C140x810_r&format=0x0&url=http%3A%2F%2Fimg.1381a.xyz%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701370901174&bpp=2&bdt=333&idt=302&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8265019389962&frm=20&pv=2&ga_vid=1006089140.1701370901&ga_sid=1701370901&ga_hid=1886681973&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809005%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=4486208892955917&tmod=411014826&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=319 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=90&slotname=4269377563&adk=2000705666&adf=1047078985&pi=t.ma~as.4269377563&w=728&fwrn=4&fwrnh=100&lmt=1701370901&rafmt=12&format=728x90&url=http%3A%2F%2Fimg.1381a.xyz%2F&ea=0&fwr=0&fwrattr=true&rh=90&rw=728&sfro=1&wgl=1&dt=1701370901176&bpp=1&bdt=335&idt=325&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8265019389962&frm=20&pv=1&ga_vid=1006089140.1701370901&ga_sid=1701370901&ga_hid=1886681973&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=154&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809005%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=4486208892955917&tmod=411014826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=328 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2044622973026891&output=html&h=280&slotname=6252367097&adk=655611541&adf=3328144058&pi=t.ma~as.6252367097&w=712&fwrn=4&fwrnh=100&lmt=1701370901&rafmt=1&format=712x280&url=http%3A%2F%2Fimg.1381a.xyz%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1701370901177&bpp=1&bdt=337&idt=329&shv=r20231128&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=8265019389962&frm=20&pv=1&ga_vid=1006089140.1701370901&ga_sid=1701370901&ga_hid=1886681973&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=444&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809005%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=4486208892955917&tmod=411014826&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=332 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://botsafeguard.net/v2/2.3.0/vendors.581.0087e749a89110af598a5fae60fc4762.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

botsafeguard.net
cdn4.buysellads.net
googleads.g.doubleclick.net
img.1381a.xyz
newassets.hcaptcha.com
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.emailnator.com
www.google.com
www.googletagmanager.com
www.paypalobjects.com
104.19.219.90
192.229.221.25
2001:4860:4802:32::36
2606:4700:3031::6815:3c0b
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2002
2a06:98c1:3120::3
3.36.126.81
64.227.70.247
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0134375b1ced2e2b36e9a34753f87b48b49dab1ce589ec8a2932764d31ada657
017dddc3897e7214a1bb3eca954c8eaea2530ab1457c54d0d7f0d2dcb1a10ef7
0ed17cbe9a220fc69ff84735d3bfb9cb3ab358aa68616f6c4b2a7fc7517fda60
0fc9542b3fac5d4702cd12aacef24469aaddce96e60997da179d2773a1484ffa
23d8a074a10d67166ecfd5b1d2503739d9c365285be8bd0bf97b06d77fd15c18
29ac11b866b20f17242bdff6076537a14e60f213ef8deb1c56794ff61da4b30a
2a86ed34d4001e36593bc4d9ca43986155796497584b56efa3ba6ac5375094c3
2b458f767037941ee9f9305ca19474d5038614f3b0fb35b43d24434296088ccb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f199116cffbe81bed48db586bc71d9977dff8b9117cdccdff59fb2383fe8949
31a9c7ff5d09af1805e9a32d1fc7fc7b6336f8a4b8e6fcf08e715e267fe23f29
31aec2e1225cb19957e4526aa419fdfdc6add76d69133cb0aa5bab0fac9dc6fe
34648b9834c23ed67ee80466475c2e58550360d76d72e22148ca4c79c7e92d0a
3a63afc7f4e22a4f3637df748bb4d98622be10ce9f2696f6602f2c9538a26072
4e762a20abb9256e9f046cfa06a525b73bfa524962434c358a4f6e210feadd1e
5038646149280557199732138b0132f17bdb23111af3ae6eaec8404c4a73e9b8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5604ef46380b209bc64a3a2f32b1d393ec3c13207b2b27d40700ddfe142f1a09
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
5cdf190d48e2fcdae7ed37710aa5512150fe83d1031822382fc0bcd62055ea70
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6270b9c0cec36f64b874b24c1e1c6a9e51c5203e5f44d54ee14aea37ee943f90
64fdac549fe0b401ecc9dad52f6da50d99b4929486f297197ab5cbb28a3cdd30
8292f991a2884667021a1e752d6c05953ef64b3ce9afa80dc62e5e5f3be98250
89aeea5dd4db71980646e5a1a2a10b301ce390f673f2eb2685a44fc03f609654
8e714abfd034fae08075a45672f8158e55539cd64fb4923bb4a17df95ff24ba5
9280732b06d34f35d723e572fdc3e4ef9386c43a4db57f5e90cb7383001ba8d3
a1363e427a6186e40e32312f014881f9615f274a22cebadae3dc8c2878a1ce1d
a463321a2685e3c84830fe9248e5f879b7aa42bb799e79b8fa5ae3ef970b25e4
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b4d2a299111013a4fd4254e9cd9ea7c409998e48f1b994e457f4b049ff1c9957
c4ef2e2808ff0c2d7abcc04bf117c8e696119aca6db26757ef5c8ef752f8fae8
c6b5c214ee34b953c560b3f129950e70dbacfd21a13d24d8a4c16b7dff4c3d16
d32bbfa9e54ce10fdf04013c52f8c07ce8d1428c80efccc847326419b9173720
d436ab7f223c8a4a8caf8481ea995de081967e93403168c30e13588ee30a0b8d
d45d95cfc73c0722ed465dce3674c080e65f222d6ed51127f7abc2ed2c646040
d56197687ca74ec27dee2a9585c1fa0470fb075640d39d02191e6163257ebb94
e0b43fcf07bea0091ded984af6c7d425d89c6433add38d976b84302a6b0e29b1
e13c214140de255582aa55b434545b141c5c71262b31f846c7e208a77ca16dd8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0e289bc72163ed2e5ad612c985b6356d1a19f5cac9cd717f8e145dae1299d9
f3bceb4c49b969726a971d36211bac3150c7c92eea854ecee2f94ce2b87e7177
f75d3ce98cd017395fe312ba110d653725e053b4778a5b37983cc1f2daa2f834
f950816ed49d9d7a9cecdbb30542beb32e2092f0df87d905875be9bce10260f8

img.1381a.xyz Open in urlscan Pro 3.36.126.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

90 %HTTPS

67 %IPv6

11 Domains

13 Subdomains

13 IPs

5 Countries

1685 kBTransfer

5184 kBSize

5 Cookies

7 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

img.1381a.xyz Open in urlscan Pro
3.36.126.81 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

90 %
HTTPS

67 %
IPv6

11
Domains

13
Subdomains

13
IPs

5
Countries

1685 kB
Transfer

5184 kB
Size

5
Cookies

60 HTTP transactions
3 data transactions