urlscan.io logo urlscan.io
SecurityTrails logo

r2.app-valley.vip Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://r2.app-valley.vip/limitless.html
Effective URL: https://r2.app-valley.vip/limitless.html
Submission: On August 22 via api from SA — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 25 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is r2.app-valley.vip.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 25th 2023. Valid for: a year.
This is the only time r2.app-valley.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
r2.app-valley.vip
13    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
r2.app-valley.vip
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
publicationqueenfriends.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
14 app-valley.vip
r2.app-valley.vip
310 KB
3 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1693
94 KB
2 gstatic.com
fonts.gstatic.com
173 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
182 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 84
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
4 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
5 KB
1 publicationqueenfriends.com
publicationqueenfriends.com
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1212
7 KB
25 9
Domain Requested by
14 r2.app-valley.vip 1 redirects r2.app-valley.vip
3 fundingchoicesmessages.google.com pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 pagead2.googlesyndication.com r2.app-valley.vip
pagead2.googlesyndication.com
1 lh3.googleusercontent.com
1 fonts.googleapis.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 publicationqueenfriends.com r2.app-valley.vip
1 static.cloudflareinsights.com r2.app-valley.vip
25 9

This site contains links to these domains. Also see Links.

Domain
app-valley.vip
signulous.app-valley.vip
idevicecentral.com
Subject Issuer Validity Valid
r2.app-valley.vip
Cloudflare Inc ECC CA-3		 2023-05-25 -
2024-05-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
publicationqueenfriends.com
R3		 2023-07-02 -
2023-09-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://r2.app-valley.vip/limitless.html
Frame ID: 62C300F14F0DA29C6BAD9A1E33484D2F
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html
Frame ID: 89D8C04F3A38B694D853B7141EBA9443
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

AppValley Limitless – AppValley

Page URL History Show full URLs

  1. http://r2.app-valley.vip/limitless.html HTTP 301
    https://r2.app-valley.vip/limitless.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

25
Requests

100 %
HTTPS

90 %
IPv6

9
Domains

9
Subdomains

9
IPs

2
Countries

776 kB
Transfer

1583 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r2.app-valley.vip/limitless.html HTTP 301
    https://r2.app-valley.vip/limitless.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request limitless.html
r2.app-valley.vip/
Redirect Chain
  • http://r2.app-valley.vip/limitless.html
  • https://r2.app-valley.vip/limitless.html
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r2.app-valley.vip/limitless.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b11069c362c345ac9e871fe6ef01f6dafdf6fec32247fe0d4b5bafc6852707d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fabdb050ae61c94-AMS
content-encoding
br
content-type
text/html
date
Tue, 22 Aug 2023 14:37:45 GMT
last-modified
Tue, 22 Aug 2023 04:33:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVoEqpCm1HZcYUvCXgsE%2F7O8tTUtBEwgqJh95DQTOShax2o9F6%2BJ0OlYFH0ZKBBaALmis%2FMT%2Bvc5q0i2wsjpMKujg93%2B72kIDcNtQm5YGm8VAazFrsS%2BwUhwuATN7NlDrX5hD8imdhjAVLBnKy3G4A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
7fabdb046ca30b73-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 22 Aug 2023 14:37:45 GMT
Expires
Tue, 22 Aug 2023 15:37:45 GMT
Location
https://r2.app-valley.vip/limitless.html
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUU3bYmxIuytuGsWaxV3bi%2Bc%2F0XD%2FzcEYjFtSpGVxjZMfCXiVDpFh%2BOiZLYEZCmuIX9TOYwc8S05QlNFeSNWJ9wvS7GDdoRpmpfZDAC8aEW3g155Ks18v%2Ftn0bxUZ1UGy1heaTQ6XdEfIXMXGOUNZw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
ryrndbfu_sn9QMFEIQri9676MBo.js
r2.app-valley.vip/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r2.app-valley.vip/cdn-cgi/apps/head/ryrndbfu_sn9QMFEIQri9676MBo.js
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/limitless.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4232f742730a6c806b5a8e4ff734b8e7ed5ae76b677cf58abe8769a9c2e7bac3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/limitless.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:45 GMT
x-amz-version-id
XnIuZ.QW9CH.BQnWBqbByqg4UaBQ4QAY
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KEK2SDMD7BSRPGYD
age
81686
alt-svc
h3=":443"; ma=86400
x-amz-id-2
PuekXFBVAkYBUMVUYRNkGLDMYm0teivg+kwPSTzC7KItRB9DXd+J69UTJ2p3xkwfCnBK9cm9dr0=
last-modified
Fri, 14 Jul 2023 23:57:14 GMT
server
cloudflare
etag
W/"7b3d393934f4757395e4692010a32914"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8aOZQGXSY1a5SlGdj5bskHVtw2Ign801gRwMmACYAElQyxX9lIZymIP5Ue7THjWvzbq7nWpzQVMRL6Z8VyRXrUxB2Chv6a1aFUQ%2F7YKInbKQdQhb2PX%2BDVJbfg35PjFBZjTdwjk%2FFI4EgrFuKE4Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7fabdb08cff11c94-AMS
reset.css
r2.app-valley.vip/css/ 		773 B
793 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r2.app-valley.vip/css/reset.css
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/limitless.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/limitless.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:45 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 21 Aug 2023 03:37:26 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"93e42565f156d067f72108759177a957"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Amfr4qPmljYsxAm03h68SiueTN%2FWYCXvv3rSq%2FBTlu97o1%2FxIMguhIKYIeEkM3bUrPDb6ibVaChANimudd3Uf95p5Vr5G1qpPd4EYqBpY6z0bQdX%2Fkvq4oN17Mby6PZjpbVNj%2BFZc8X7WiVcOIyxwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
7fabdb08cff31c94-AMS
alt-svc
h3=":443"; ma=86400
style.css
r2.app-valley.vip/css/ 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://r2.app-valley.vip/css/style.css
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/limitless.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7615ba31d279c4a2f422fd7a947f1c58e7c5ea46bcdefef9082484c4ed2cc805

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/limitless.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:46 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 21 Aug 2023 03:37:27 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"e65b82cbeb96b9c41ebaf4aec59ba5f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOWW9sYnNr9Bou%2FpbCmTkOUhpIecncGEyrSyt8ZGAqlPlPKY0nZjXHStjRh4Pw8rP1doCWpn5MdRut67NG2CzZwbix6zoRRYM%2BIqL2vBY9IZkQD3iV197p77gscuoI9gH5JeNoxpHQsW4179Q02R%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
7fabdb08cff41c94-AMS
alt-svc
h3=":443"; ma=86400
limitless.jpg_medium
r2.app-valley.vip/images/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r2.app-valley.vip/images/limitless.jpg_medium
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/limitless.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b066568a01b7726b47a2b126924bea5f82df96657fc4c0cf80db7cb9c48158b5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/limitless.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:46 GMT
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Aug 2023 03:42:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7c73827f48fcbe547ebe0480c0582261"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7kpZfCK%2FZflmm6cKKgnHQNu59UZdvjxRxNxMIc6ekOLiUUDZQvQRuuOju071LCW%2FkjpSxqUywECd%2Fdj3KJiMK6Al0Wb4SPOf%2FC0cTV18PT4Kuf1SIY%2Fr1C0f52XrcUTk42tn%2B8OLsk8ctYaTRz5dg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
accept-ranges
bytes
cf-ray
7fabdb0928791c94-AMS
alt-svc
h3=":443"; ma=86400
content-length
62794
limitlessview.png_medium.PNG
r2.app-valley.vip/images/ 		187 KB
188 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r2.app-valley.vip/images/limitlessview.png_medium.PNG
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/limitless.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df95a28b80237e0d8a283de8a3dc7cf109fb62c7fbc1aca312d29cbfaf8aef71

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/limitless.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:46 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 21 Aug 2023 15:29:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3579595fc8bf92dcd0cdfd5cdc15ef6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyFJHefnAMsIe30OAFdiM5q7UKPRJsR%2Fe0W3%2B3bOIXwhvEYQVfLz4JRHzu%2BW%2Fmb8ogU5kVvvSSNx5O2WTpg1t%2FR2kcYgf%2BGlSa6DYRqO2JGvnmw48bv%2BUgmzNi%2FD%2F1OPtPkuKbwuhFouGMrhw%2F1j4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
7fabdb09287b1c94-AMS
alt-svc
h3=":443"; ma=86400
content-length
191764
rocket-loader.min.js
r2.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r2.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/limitless.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/limitless.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 10:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ddfd41-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vlQVYZbYlAllqZ4BFvjN1dMC9fkPyXTnvk3Qps6Rxa8FZgmZ8cIMSXZKS76RfwQ6wyD6BTdKvF4nssHT3FGJTjaQr73x3Rg3dOdWq7gnporRc7q90fcIBpYXJur4GNMad16VLUtlnNRoQgpA3UpL%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7fabdb09287c1c94-AMS
expires
Thu, 24 Aug 2023 14:37:45 GMT
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/limitless.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
https://r2.app-valley.vip/
Origin
https://r2.app-valley.vip
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:45 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7fabdb098b8a0e08-AMS
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2574722752334321
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eac4486e1d2545822c983646d0b83b8fcaf72c294a5b265a5f32466f76809106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r2.app-valley.vip/
Origin
https://r2.app-valley.vip
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50943
x-xss-protection
0
server
cafe
etag
13623495742547430357
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 14:37:46 GMT
mountain.svg.html
r2.app-valley.vip/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r2.app-valley.vip/images/mountain.svg.html
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 21 Aug 2023 03:37:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqX3HGxX7ujDXxjESwccsi2sVVMWh2Z6H1bFSCQ0HZWtGxKHyr1xmSK2zQQu8TaBKNXdg%2BqrjkmxsYCYW6dGszVz1jUf4Y%2FVzjhUuYvZe%2Bk82AUco8oMvJ5UvjDL3VOcxCSM8baJ0z7%2BMeXgldVPqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
7fabdb0b6b6e1c94-AMS
alt-svc
h3=":443"; ma=86400
open-sans_bold.woff
r2.app-valley.vip/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://r2.app-valley.vip/fonts/open-sans_bold.woff
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e03e0c7668266486cab9529702019d75c219fcec2b1e82a7c11797ba9b78506

Request headers

Referer
https://r2.app-valley.vip/css/style.css
Origin
https://r2.app-valley.vip
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:46 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 21 Aug 2023 03:37:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"623e3205570002af47fc2b88f9335d19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYWss1jPDyM5NXyCd2ZAh4NzzGesPZupYtJCcw%2F0UsWs9UetxutrO3dsIr5BC7vm8mBpBr%2BYVrm%2B6yEkl8p6fL4QEMA9nuDWMT7rKvQuu2xH8C1Vrc5fa3Qq5HUVBt%2Fv013FZXvjsAaBHqQeV%2F%2BXfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=1800
cf-ray
7fabdb0b6b6f1c94-AMS
alt-svc
h3=":443"; ma=86400
open-sans_regular.woff
r2.app-valley.vip/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://r2.app-valley.vip/fonts/open-sans_regular.woff
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
054349dda27b80bb105fbc59b5973ef9889ed976aca1fbe39f77688dcff8c552

Request headers

Referer
https://r2.app-valley.vip/css/style.css
Origin
https://r2.app-valley.vip
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:46 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 21 Aug 2023 03:37:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"bf2d0783515b7d75c35bde69e01b3135"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duhR9bud9Dtq2D2UPN%2FMoaeu%2FsqB%2F7q%2BuzJhJhALrQMMCHYrji7a6afkk9eFnmik%2B94LVLZPrAIFKm6n4Aijbz7MmubdxxbKOK7KtQo0iG2WCKGs5sEuVIfWOARsr7zWdxcgSxh6ktHdyz6JWOlLQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=1800
cf-ray
7fabdb0b6b711c94-AMS
alt-svc
h3=":443"; ma=86400
ryrndbfu_sn9QMFEIQri9676MBo.js
r2.app-valley.vip/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r2.app-valley.vip/cdn-cgi/apps/head/ryrndbfu_sn9QMFEIQri9676MBo.js
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4232f742730a6c806b5a8e4ff734b8e7ed5ae76b677cf58abe8769a9c2e7bac3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/limitless.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:46 GMT
x-amz-version-id
XnIuZ.QW9CH.BQnWBqbByqg4UaBQ4QAY
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KEK2SDMD7BSRPGYD
age
81687
alt-svc
h3=":443"; ma=86400
x-amz-id-2
PuekXFBVAkYBUMVUYRNkGLDMYm0teivg+kwPSTzC7KItRB9DXd+J69UTJ2p3xkwfCnBK9cm9dr0=
last-modified
Fri, 14 Jul 2023 23:57:14 GMT
server
cloudflare
etag
W/"7b3d393934f4757395e4692010a32914"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0SQ%2BcUiHMwfyx7bZY84g672A7iw4RgdfyLueskcnZAVGWfHc0jRtcsZ%2Bsgg58nzySYxpVO5oyFj7M1Z%2Ba6V%2F%2FyB%2FcAklhR%2BBfILT2D1YLtO%2FbD%2Fjgspxa3GNujoavC3vrB5i%2F%2F%2Bk0KrIzbcYVfbqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7fabdb0f48071c94-AMS
invoke.js
publicationqueenfriends.com/5bb6697ce02069c672fa6e8a2b3f5d46/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://publicationqueenfriends.com/5bb6697ce02069c672fa6e8a2b3f5d46/invoke.js
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Tue, 22 Aug 2023 14:37:48 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ 		392 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2574722752334321&plah=r2.app-valley.vip
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2574722752334321
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ef1d0e86d40c1ad358ac2120e8081f807e0f0f652f511a3927caa7e1150683e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134828
x-xss-protection
0
server
cafe
etag
6307296934728045426
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Aug 2023 14:37:46 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/ Frame 89D8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230817/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2574722752334321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r2.app-valley.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
4871
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 22 Aug 2023 13:16:35 GMT
etag
13776922816869014096
expires
Tue, 05 Sep 2023 13:16:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-2574722752334321
fundingchoicesmessages.google.com/i/ 		150 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2574722752334321?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2574722752334321&plah=r2.app-valley.vip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4d41d676c534f6d94af8e440a70c5578b3af18e6155b07c189534b257a8b371
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-dOjq4sobxy3GBgtkGBWSTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-dOjq4sobxy3GBgtkGBWSTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWEPV-2Mah9CAiLBqEzFog-l_caq_CjjqIQEwz7O9EkljxXDq-A2fLGnmvJ-a2XZtTYjzp8HRe1xLuELAYdmKkYqUQcVld1QW-VyATZnh1j97HHnvkLLJ0kR0RcDz8edG9A7PJuQw==
fundingchoicesmessages.google.com/f/ 		286 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWEPV-2Mah9CAiLBqEzFog-l_caq_CjjqIQEwz7O9EkljxXDq-A2fLGnmvJ-a2XZtTYjzp8HRe1xLuELAYdmKkYqUQcVld1QW-VyATZnh1j97HHnvkLLJ0kR0RcDz8edG9A7PJuQw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkyNzE1MDY3LDYxODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yMi5hcHAtdmFsbGV5LnZpcC9saW1pdGxlc3MuaHRtbCIsbnVsbCxbWzgsIm5jUmxjSklUU2NNIl0sWzksIm5sIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIxIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.ncRlcJITScM.es5.O/d=1/rs=AJlcJMye1QmvFSrgd3aMW_50PE5kZfyhTQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e21977add0d930b5706ae7c2aed680a6f9ae7d0e44e3185e5f3d5a6a1a482662
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PjgVTKSoGb8gL4QZBHH9bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-PjgVTKSoGb8gL4QZBHH9bQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		69 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.ncRlcJITScM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMye1QmvFSrgd3aMW_50PE5kZfyhTQ/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
69201589507bc202272ad99fcd55412ba1999651cc3883a975618bc32b76e708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Aug 2023 14:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 14:37:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Aug 2023 14:37:48 GMT
5PnN_FQWcrFekzhs8FcMfPIgchETpSaAlVphTqXys4eXraQ1VwyGXRBa1w6pYKlUsmCCKPkzwtKtBSmZJXAqGWE88DXPNy0p76Drzzi8PgjedJGBzus=h60
lh3.googleusercontent.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/5PnN_FQWcrFekzhs8FcMfPIgchETpSaAlVphTqXys4eXraQ1VwyGXRBa1w6pYKlUsmCCKPkzwtKtBSmZJXAqGWE88DXPNy0p76Drzzi8PgjedJGBzus=h60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
00de743d016f900f4f46f6ab571bb32b99575ad51ff91f02a2f4eab4c4445305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 12:19:13 GMT
x-content-type-options
nosniff
age
8315
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1297
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 23 Aug 2023 12:19:13 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r2.app-valley.vip/
Origin
https://r2.app-valley.vip
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:35:16 GMT
x-content-type-options
nosniff
age
370952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Aug 2024 07:35:16 GMT
AGSKWxU6EHEF0SbT5gY4_yEP2PkZ71O5rWTjErxHpUQglSsS8BLoymX85kTyZXoGpynHat-_3YY8arSsGQWvF2SnpVNw8QAfhIuLPABLbD_BJldbTbXuNKcVxo4-OOB7-v3g0y1VNlNFzg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU6EHEF0SbT5gY4_yEP2PkZ71O5rWTjErxHpUQglSsS8BLoymX85kTyZXoGpynHat-_3YY8arSsGQWvF2SnpVNw8QAfhIuLPABLbD_BJldbTbXuNKcVxo4-OOB7-v3g0y1VNlNFzg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.ncRlcJITScM.es5.O/d=1/rs=AJlcJMye1QmvFSrgd3aMW_50PE5kZfyhTQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lS0KxAsvE4n1zdAV5UQFEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://r2.app-valley.vip/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Aug 2023 14:37:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-lS0KxAsvE4n1zdAV5UQFEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://r2.app-valley.vip
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://r2.app-valley.vip
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 19 Aug 2023 00:05:03 GMT
x-content-type-options
nosniff
age
311565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 Aug 2024 00:05:03 GMT
rocket-loader.min.js
r2.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r2.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/limitless.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 17 Aug 2023 10:58:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ddfd41-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZ%2FjOR8tf01yqELFfECONh6yimskEucAWmu3oKn%2FtEAUyhPo%2BQ8TAH2rCxCcrdTGLEQP3EVzUvKE5fi5UHCYle7bhdNDiB30uHW0aiULLi9jpyvYOB5yb4IXowN2fuoh4y9qyZCdLKg9ShoWXzrlFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7fabdb191d5d1c94-AMS
expires
Thu, 24 Aug 2023 14:37:48 GMT
base.js
r2.app-valley.vip/js/ 		828 B
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://r2.app-valley.vip/js/base.js
Requested by
Host: r2.app-valley.vip
URL: https://r2.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dacfa508d2d1d0478e9634a3e834a5b59e76bf95d1d0738c375a72cbe6a670fb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://r2.app-valley.vip/limitless.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 14:37:48 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Mon, 21 Aug 2023 03:37:25 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
W/"4483b53d597e0bb9c1a76e8c2d9ea6d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FxlZMyJloGnLn1Um2f3mKpgaGEIxm0j%2B8sr%2FByUmIAsLlgZ7mZlYEdqvUW1rjKHRhqbrp%2FLAmdAADEk37KjXG5cVIXop7XUebhaZuc2bBSyhuKw1%2BISz2x9QzIZylu9IsiFKTjKvDP%2BQe5ygqWYxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
7fabdb197dcf1c94-AMS
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture object| CloudflareApps object| __cfQR object| __cfBeacon object| atOptions object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| Nzg2MzA5MmU1Yjg5ZDA4YmxvYWRlcl9qcw== string| Nzg2MzA5MmU1Yjg5ZDA4YmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady boolean| __cfRLUnblockHandlers

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://publicationqueenfriends.com/5bb6697ce02069c672fa6e8a2b3f5d46/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
lh3.googleusercontent.com
pagead2.googlesyndication.com
publicationqueenfriends.com
r2.app-valley.vip
static.cloudflareinsights.com
192.243.59.20
2606:4700::6810:3965
2a00:1450:4001:800::200a
2a00:1450:4001:800::200e
2a00:1450:4001:811::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:830::2002
2a06:98c1:3120::3
2a06:98c1:3121::3
00de743d016f900f4f46f6ab571bb32b99575ad51ff91f02a2f4eab4c4445305
054349dda27b80bb105fbc59b5973ef9889ed976aca1fbe39f77688dcff8c552
0b11069c362c345ac9e871fe6ef01f6dafdf6fec32247fe0d4b5bafc6852707d
4232f742730a6c806b5a8e4ff734b8e7ed5ae76b677cf58abe8769a9c2e7bac3
5e03e0c7668266486cab9529702019d75c219fcec2b1e82a7c11797ba9b78506
69201589507bc202272ad99fcd55412ba1999651cc3883a975618bc32b76e708
7615ba31d279c4a2f422fd7a947f1c58e7c5ea46bcdefef9082484c4ed2cc805
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7ef1d0e86d40c1ad358ac2120e8081f807e0f0f652f511a3927caa7e1150683e
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
b066568a01b7726b47a2b126924bea5f82df96657fc4c0cf80db7cb9c48158b5
b4d41d676c534f6d94af8e440a70c5578b3af18e6155b07c189534b257a8b371
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
dacfa508d2d1d0478e9634a3e834a5b59e76bf95d1d0738c375a72cbe6a670fb
df95a28b80237e0d8a283de8a3dc7cf109fb62c7fbc1aca312d29cbfaf8aef71
e21977add0d930b5706ae7c2aed680a6f9ae7d0e44e3185e5f3d5a6a1a482662
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eac4486e1d2545822c983646d0b83b8fcaf72c294a5b265a5f32466f76809106