www15.flamingtext.hk Open in urlscan Pro
192.99.32.123 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www15.flamingtext.hk/
Submission: On June 18 via api (June 18th 2024, 5:12:15 pm UTC) from US — Scanned from CA

Summary HTTP 65 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 65 HTTP transactions. The main IP is 192.99.32.123, located in Canada and belongs to OVH, FR. The main domain is www15.flamingtext.hk.
TLS certificate: Issued by R3 on April 20th 2024. Valid for: 3 months.

This is the only time www15.flamingtext.hk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	192.99.32.123 192.99.32.123	16276 (OVH) (OVH)
1	142.251.174.97 142.251.174.97	15169 (GOOGLE) (GOOGLE)
6	172.217.222.157 172.217.222.157	15169 (GOOGLE) (GOOGLE)
36	51.79.78.56 51.79.78.56	16276 (OVH) (OVH)
2	192.95.37.78 192.95.37.78	16276 (OVH) (OVH)
1	209.85.144.113 209.85.144.113	15169 (GOOGLE) (GOOGLE)
2	173.194.66.156 173.194.66.156	15169 (GOOGLE) (GOOGLE)
11	142.251.167.139 142.251.167.139	15169 (GOOGLE) (GOOGLE)
2	209.85.144.132 209.85.144.132	15169 (GOOGLE) (GOOGLE)
1	142.250.31.106 142.250.31.106	15169 (GOOGLE) (GOOGLE)
65	11

2 192.99.32.123 (Canada)

ASN16276 (OVH, FR)
PTR: ov15.flamingtext.com

www15.flamingtext.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.174.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: qc-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.222.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 51.79.78.56 (Québec, Canada)

ASN16276 (OVH, FR)
PTR: ov10.flamingtext.com

cdn1.ftimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.95.37.78 (Montreal, Canada)

ASN16276 (OVH, FR)

www.stat-bot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.144.113 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.66.156 (United States)

ASN15169 (GOOGLE, US)
PTR: qo-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.167.139 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f139.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.85.144.132 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: qv-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.106 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f106.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	ftimg.com cdn1.ftimg.com	303 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 726 www.google.com — Cisco Umbrella Rank: 5	74 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136 tpc.googlesyndication.com — Cisco Umbrella Rank: 172	280 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
2	stat-bot.com www.stat-bot.com	3 KB
2	flamingtext.hk www15.flamingtext.hk	27 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68	258 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	105 KB
65	8

	Domain	Requested by
36	cdn1.ftimg.com	www15.flamingtext.hk cdn1.ftimg.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	www15.flamingtext.hk pagead2.googlesyndication.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.stat-bot.com	www15.flamingtext.hk
2	www15.flamingtext.hk	www15.flamingtext.hk
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www15.flamingtext.hk
65	10

This site contains links to these domains. Also see Links.

Domain
addtext.com
profile-cover.com
www.facebook.com
twitter.com
creator.me
flamingtext.com
ar.flamingtext.com
zh-cn.flamingtext.com
flamingtext.fr
de.flamingtext.com
hi-in.flamingtext.com
flamingtext.jp
flamingtext.com.br
flamingtext.ru
flamingtext.es

Subject Issuer	Validity	Valid
*.flamingtext.hk R3	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.ftimg.com R3	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.stat-bot.com R3	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www15.flamingtext.hk/
Frame ID: A533D2267E8BA6770472B1F6BE321C45
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240613/r20110914/zrt_lookup_fy2021.html
Frame ID: 5AD3507C1432A8CA52046CCCE7CF4FA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4221310471306460&output=html&adk=1314090037&adf=164220786&abgtt=6&lmt=1718730731&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww15.flamingtext.hk%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=27_9&aiixl=27_3&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718730730421&bpp=4&bdt=309&idt=710&shv=r20240613&mjsv=m202406120201&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=647006722991&frm=20&pv=2&ga_vid=97398214.1718730730&ga_sid=1718730731&ga_hid=1196633589&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C95329722%2C95331833%2C95334508%2C95334526%2C95334570%2C95334578%2C95335896%2C95335292%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1624788123410145&tmod=2094840493&uas=0&nvt=1&fsapi=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=727
Frame ID: 0B3F820AF995946B580DC953E4336571
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CE7307F6C601DA787C64B49986288327
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A89D814A4906CCC9D3664D84834F20F2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Logo Design and Name Generator

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

65
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

792 kB
Transfer

1878 kB
Size

5
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://addtext.com/?_loc=top
Title: AddText

Search URL Search Domain Scan URL

URL: https://profile-cover.com/facebook/index?_loc=top
Title: Facebook Covers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/FlamingText

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/FlamingText

Search URL Search Domain Scan URL

URL: https://addtext.com/?_loc=fttrailer
Title: AddText

Search URL Search Domain Scan URL

URL: https://creator.me/?_loc=fttrailer
Title: Creator.me

Search URL Search Domain Scan URL

URL: https://flamingtext.com/
Title: English

Search URL Search Domain Scan URL

URL: https://ar.flamingtext.com/
Title: ‏ﺎﻠﻋﺮﺒﻳﺓ‏

Search URL Search Domain Scan URL

URL: https://zh-cn.flamingtext.com/
Title: 中文

Search URL Search Domain Scan URL

URL: https://flamingtext.fr/
Title: Français

Search URL Search Domain Scan URL

URL: https://de.flamingtext.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://hi-in.flamingtext.com/
Title: हिन्दी

Search URL Search Domain Scan URL

URL: https://flamingtext.jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://flamingtext.com.br/
Title: Português

Search URL Search Domain Scan URL

URL: https://flamingtext.ru/
Title: Русский

Search URL Search Domain Scan URL

URL: https://flamingtext.es/
Title: Español

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www15.flamingtext.hk/ 51 KB
13 KB 202ms
80ms Document
text/html 192.99.32.123
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.32.123 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ov15.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 9d3649ed31c7141566da7e51444868eba965485eb63b3c831c7bd58ae9a5099b

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 18 Jun 2024 17:12:09 GMT
server: nginx/1.26.0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 313 KB
105 KB 164ms
62ms Script
application/javascript 142.251.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5FBCKV4TZX

Requested by

Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.174.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qc-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

6797f5340d442f4cf3a92196d0aa07c315a07ff3f1d13658f06543493bf6fe37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106751
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jun 2024 17:12:10 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
52 KB 217ms
117ms Script
text/javascript 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4221310471306460

Requested by

Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f157.1e100.net

Software

cafe /

Resource Hash

25c78d7723c1d457a77fa72132e3aa5b2bfdbcd06991d5cb1aa9c7ef8c8549ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Origin: https://www15.flamingtext.hk
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53182
x-xss-protection: 0
server: cafe
etag: 6800854225867713042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 18 Jun 2024 17:12:10 GMT

GET
H2 200 ft-nib-text-80.png
cdn1.ftimg.com/images/ 6 KB
6 KB 168ms
83ms Image
image/png 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/ft-nib-text-80.png
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: dac7016b9e04b66c8d0cbb94a80d9b01cd07bf4470d675fb0cb5f01bb7cedd1b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Sat, 14 Aug 2021 08:51:18 GMT
server: nginx/1.26.0
etag: "61178406-1708"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 5896
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 hamburger-grey-25x20.png
cdn1.ftimg.com/images/ 200 B
402 B 167ms
82ms Image
image/png 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/hamburger-grey-25x20.png
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 8952e62b7efc6563ac4d4afe8e09b57cad8b498c34b6f838b2fe3495b7fa26f5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Sat, 14 Aug 2021 08:51:18 GMT
server: nginx/1.26.0
etag: "61178406-c8"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 200
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 spinner-240x120.gif
cdn1.ftimg.com/images/ 5 KB
5 KB 183ms
81ms Image
image/gif 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/spinner-240x120.gif
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: bcc8793b8528c17c0190221b2ec11f7f3469949294b33e562da16ab73b1f142e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Sat, 14 Aug 2021 08:51:19 GMT
server: nginx/1.26.0
etag: "61178407-136e"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 4974
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 x.gif
cdn1.ftimg.com/images/ 43 B
244 B 169ms
85ms Image
image/gif 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/x.gif
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Sat, 14 Aug 2021 08:51:19 GMT
server: nginx/1.26.0
etag: "61178407-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 43
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 ft-904.min.css
cdn1.ftimg.com/css/ 33 KB
9 KB 141ms
40ms Stylesheet
text/css 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ftimg.com/css/ft-904.min.css
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 5d6dbc2e26c247925e4e8a21b11817b331ed852c0b09880e4b25a0d3c4ad5e5b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 06:32:05 GMT
server: nginx/1.26.0
etag: W/"662755e5-84d0"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 pagination-904.min.css
cdn1.ftimg.com/css/ 2 KB
995 B 169ms
84ms Stylesheet
text/css 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ftimg.com/css/pagination-904.min.css
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: df1bf0ce0d36cdb7dcd394de0e38e2993dcd85b71badc7652e815552fb71be41

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 06:32:08 GMT
server: nginx/1.26.0
etag: W/"662755e8-7c7"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 ftnew2-en_US-904.min.js Show response
cdn1.ftimg.com/js/ 214 KB
76 KB 62ms
62ms Script
application/javascript 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ftimg.com/js/ftnew2-en_US-904.min.js
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: edee0cee30789ca45ac2f432edd1422f4717862f49655a5da98a8393412c8a43

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 06:33:47 GMT
server: nginx/1.26.0
etag: W/"6627564b-3575a"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 analytics.js Show response
www.stat-bot.com/js/ 8 KB
3 KB 141ms
40ms Script
application/javascript 192.95.37.78
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.stat-bot.com/js/analytics.js
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.95.37.78 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.26.0 /
Resource Hash: 827682e74a2a691014970536e1b59cf775cad0d859c274c34823a41fa717b521

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 18 Jun 2024 17:12:10 GMT
content-encoding: gzip
last-modified: Tue, 23 Apr 2024 06:48:36 GMT
server: nginx/1.26.0
etag: W/"662759c4-1f7e"
content-type: application/javascript
cache-control: max-age=31622400, public
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 ftsprite-904.png
www15.flamingtext.hk/images/ 14 KB
14 KB 40ms
40ms Image
image/png 192.99.32.123
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www15.flamingtext.hk/images/ftsprite-904.png
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.32.123 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ov15.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: c688065c6ef7f1e49a502cd45a75356e65027402d3345176a310faa1ce61bba6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Tue, 23 Apr 2024 06:32:03 GMT
server: nginx/1.26.0
content-type: image/png
cache-control: max-age=31622400, public
accept-ranges: bytes
content-length: 13995
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 ft-flags-sprite.png
cdn1.ftimg.com/images/ 3 KB
3 KB 77ms
76ms Image
image/png 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/ft-flags-sprite.png
Requested by: Host: cdn1.ftimg.com
URL: https://cdn1.ftimg.com/css/ft-904.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: a93648a598766273e060586f1e2870fb3211c0a08aa339dfaf8eadaf08e62ea7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn1.ftimg.com/css/ft-904.min.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Sat, 14 Aug 2021 08:51:18 GMT
server: nginx/1.26.0
etag: "61178406-b8f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 2959
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 ftsprite-904.png
cdn1.ftimg.com/images/ 14 KB
14 KB 77ms
77ms Image
image/png 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/ftsprite-904.png
Requested by: Host: cdn1.ftimg.com
URL: https://cdn1.ftimg.com/css/ft-904.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: c688065c6ef7f1e49a502cd45a75356e65027402d3345176a310faa1ce61bba6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn1.ftimg.com/css/ft-904.min.css
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Tue, 23 Apr 2024 06:32:03 GMT
server: nginx/1.26.0
etag: "662755e3-36ab"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 13995
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 ft-ico-font-1.ttf
cdn1.ftimg.com/fonts/ft-ico-font/ 2 KB
3 KB 125ms
42ms Font
application/octet-stream 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ftimg.com/fonts/ft-ico-font/ft-ico-font-1.ttf?u9nwlh
Requested by: Host: cdn1.ftimg.com
URL: https://cdn1.ftimg.com/css/ft-904.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 2ed959c2ae6340b60d713acc77bfee9edcdd74ae67b2114d7258797a896fcdd0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn1.ftimg.com/css/ft-904.min.css
Origin: https://www15.flamingtext.hk
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Sat, 14 Aug 2021 08:51:18 GMT
server: nginx/1.26.0
etag: "61178406-9c0"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 2496
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 font-awesome.min.css
cdn1.ftimg.com/font-awesome/4.6.2/css/ 28 KB
7 KB 67ms
67ms Stylesheet
text/css 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ftimg.com/font-awesome/4.6.2/css/font-awesome.min.css
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
content-encoding: gzip
last-modified: Sat, 14 Aug 2021 08:51:18 GMT
server: nginx/1.26.0
etag: W/"61178406-7103"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31622400
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/ 94 KB
33 KB 215ms
111ms Script
text/javascript 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4221310471306460

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f157.1e100.net

Software

cafe /

Resource Hash

7128dbd2f6ea279c24aec942a5aaf3c907dbde65d005386f4e216ec4958cf81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33834
x-xss-protection: 0
server: cafe
etag: 17645228891939778657
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jun 2024 17:12:10 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/ 428 KB
145 KB 548ms
444ms Script
text/javascript 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4221310471306460

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f157.1e100.net

Software

cafe /

Resource Hash

c2a1fb21ec5a249b854ea6b48aa90e678e7e0ecce493bca4e45ac526df022d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148186
x-xss-protection: 0
server: cafe
etag: 5143331627354334602
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 18 Jun 2024 17:12:10 GMT

GET
H2 200 team-america-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 8 KB
9 KB 49ms
44ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/team-america-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: fae8b16ffce77f637c3c7557b9993a7c66677445f18b5897e3d0a4339f2dd342

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Thu, 23 May 2024 04:48:17 GMT
server: nginx/1.26.0
etag: "664eca91-212e"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 8494
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 comics-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 4 KB
4 KB 50ms
45ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/comics-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 13a8c01115939dfddf9d88d8d1b36a273be37eaabe97ddbfaf5b5b5ca526cb76

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:40 GMT
server: nginx/1.26.0
etag: "649991d4-10da"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 4314
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 smurfs-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 4 KB
4 KB 51ms
45ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/smurfs-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 11b9eed4e07de1f1d1513721c6e059961b0f1e3632060de47b358c0dfcb8f48b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:41 GMT
server: nginx/1.26.0
etag: "649991d5-e7c"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 3708
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 3d-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 2 KB
3 KB 51ms
46ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/3d-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 276276904ca6ce1917baf913c20af2de8a91dbe6a8ef875e0676008d9ea5d58a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:40 GMT
server: nginx/1.26.0
etag: "649991d4-9b4"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 2484
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 fluffy-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 4 KB
4 KB 52ms
47ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/fluffy-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 7f8aad72bf918fdb847cdbe93cba5efe73deeee65da47526dfe9fa8daa2e0529

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:43 GMT
server: nginx/1.26.0
etag: "649991d7-f66"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 3942
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 runner-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 4 KB
5 KB 52ms
48ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/runner-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 19e77354794bd1f31702c10187be8847a1fd21d1c5d737978014d46a7c4d926a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:42 GMT
server: nginx/1.26.0
etag: "649991d6-115e"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 4446
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 water-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 4 KB
4 KB 53ms
48ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/water-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 0e6b7a83ba50327229bb51d27eced3677583324277af4daf0faac5ede0f3ba38

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:41 GMT
server: nginx/1.26.0
etag: "649991d5-f58"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 3928
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 style-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 3 KB
3 KB 53ms
48ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/style-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: b870e08dcc746ba5ef4e67885fa236889e4f5d55544a6c330d88da5bcf566157

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:42 GMT
server: nginx/1.26.0
etag: "649991d6-c92"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 3218
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 blackbird-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 3 KB
3 KB 54ms
49ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/blackbird-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 290a85bbe9b93969026caebfe4362455f1886a8ff3bd4075c4c2e7269e342085

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:41 GMT
server: nginx/1.26.0
etag: "649991d5-d18"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 3352
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 fabulous-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 3 KB
3 KB 54ms
50ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/fabulous-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 4968d866996b655accf6340f7e1bd3589a2b9d50704d85efef9ddc8c7a030dbe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:43 GMT
server: nginx/1.26.0
etag: "649991d7-b9a"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 2970
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 april-fools-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 3 KB
3 KB 55ms
50ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/april-fools-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 4b867718296a48282828a0673204c768f340074fb1bbbfc272d666fbec272c59

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Fri, 08 Mar 2024 04:00:48 GMT
server: nginx/1.26.0
etag: "65ea8d70-c6c"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 3180
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 glow-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 2 KB
2 KB 55ms
51ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/glow-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: e6dcdba388f156625d94dfed60eb5fae76099d8f62101e47d5da17d432635571

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:44 GMT
server: nginx/1.26.0
etag: "649991d8-856"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 2134
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 thanksgiving1-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 3 KB
4 KB 55ms
51ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/thanksgiving1-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: ade1f36cbdf861219c99851fd640f32027833024029ccd099e7d848993a1c7ff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Fri, 08 Mar 2024 04:02:18 GMT
server: nginx/1.26.0
etag: "65ea8dca-d8e"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 3470
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 graffiti-3d-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 3 KB
4 KB 56ms
52ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/graffiti-3d-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 7328ee594cbea402d9a28c3e368d39dc2db9697f74269a3d7091604a05b1903b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:44 GMT
server: nginx/1.26.0
etag: "649991d8-d8e"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 3470
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 starborn-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 5 KB
5 KB 56ms
52ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/starborn-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 598105aedfe97a1dce9b0366d210d29fe1117a9baec6d424931ceffc470896b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Thu, 23 May 2024 04:48:16 GMT
server: nginx/1.26.0
etag: "664eca90-151a"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 5402
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 world-cup-2014-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 2 KB
2 KB 56ms
53ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/world-cup-2014-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 7cae477577017a2d3421b5f46fd37bb72b444f868415690d5b46959f55b1977e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:49 GMT
server: nginx/1.26.0
etag: "649991dd-66e"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 1646
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 clan-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 2 KB
2 KB 57ms
54ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/clan-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: bec1be2285dbcd0eb971eb84660c6456671dee45d24a3b20a096a223e5432932

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:49 GMT
server: nginx/1.26.0
etag: "649991dd-72a"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 1834
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 alien-glow-anim-logo.gif
cdn1.ftimg.com/images/logos/s240x120/en_US/ 63 KB
64 KB 57ms
54ms Image
image/gif 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/alien-glow-anim-logo.gif
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 02bcdf70f8a94748010cae9460b870e890eae32b85d8d95d3bf449a3bc280189

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:50 GMT
server: nginx/1.26.0
etag: "649991de-fdb9"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 64953
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 neon-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 1 KB
2 KB 130ms
127ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/neon-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: a4c3d85794c09ed63164a3382c662d6c79e3c2c5d4b94a6c6d3d1641937c96c8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:44 GMT
server: nginx/1.26.0
etag: "649991d8-57e"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 1406
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 winner-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 2 KB
2 KB 130ms
128ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/winner-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: b2f88945e8fc5dd3496d8e04c070ac09dfbde4f33937f29df32fdee417d73900

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Fri, 08 Mar 2024 04:00:49 GMT
server: nginx/1.26.0
etag: "65ea8d71-7e6"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 2022
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 amped-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 5 KB
5 KB 131ms
128ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/amped-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: aabf8e8f982e15496b1c59cdc2ad6af856f08de984ead3590e6b3c9eeeef35c4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:50 GMT
server: nginx/1.26.0
etag: "649991de-1452"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 5202
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 harry-potter-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 2 KB
3 KB 131ms
129ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/harry-potter-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: 7920d3eda8b35b476540d573415eb6b496af9f3b3dfc15c102ed693f2aa9505a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:49 GMT
server: nginx/1.26.0
etag: "649991dd-958"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 2392
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 chrominium-logo.webp
cdn1.ftimg.com/images/logos/s240x120/en_US/ 3 KB
3 KB 132ms
130ms Image
image/webp 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/chrominium-logo.webp
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: db955987e53f4e225a385f15b833060f74aa2d1a5d7a709c39e5ef1fdbd163f2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Mon, 26 Jun 2023 13:25:49 GMT
server: nginx/1.26.0
etag: "649991dd-bbe"
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 3006
expires: Thu, 19 Jun 2025 17:12:10 GMT

GET
H2 200 flaming-logo.gif
cdn1.ftimg.com/images/logos/s240x120/en_US/ 33 KB
34 KB 132ms
130ms Image
image/gif 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.ftimg.com/images/logos/s240x120/en_US/flaming-logo.gif
Requested by: Host: www15.flamingtext.hk
URL: https://www15.flamingtext.hk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: d69a42e777bed972be41cf0222162fe3773b5495eb6d1b46216718e2006f0ab6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:10 GMT
last-modified: Fri, 08 Mar 2024 04:00:50 GMT
server: nginx/1.26.0
etag: "65ea8d72-85aa"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 34218
expires: Thu, 19 Jun 2025 17:12:10 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
258 B 151ms
49ms Ping
text/plain 209.85.144.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5FBCKV4TZX&gtm=45je46c0v889164020za200&_p=1718730730131&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=97398214.1718730730&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718730730&sct=1&seg=0&dl=https%3A%2F%2Fwww15.flamingtext.hk%2F&dt=Logo%20Design%20and%20Name%20Generator&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=672&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5FBCKV4TZX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 209.85.144.113 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: qv-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 17:12:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www15.flamingtext.hk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 104ms
104ms Fetch
text/html 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4221310471306460
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: qi-in-f157.1e100.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240613/r20110914/ Frame 5AD3 0
0 144ms
48ms Document
text/html 173.194.66.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240613/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www15.flamingtext.hk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 58715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jun 2024 00:53:36 GMT
etag: 16861080603521627538
expires: Tue, 02 Jul 2024 00:53:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0B3F 0
0 379ms
292ms Document
text/html 173.194.66.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4221310471306460&output=html&adk=1314090037&adf=164220786&abgtt=6&lmt=1718730731&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww15.flamingtext.hk%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=27_9&aiixl=27_3&aslmct=0.7&asamct=0.7&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguNjEiLG51bGwsMCxudWxsLCI2NCIsW1siTm90L0EpQnJhbmQiLCI4LjAuMC4wIl0sWyJDaHJvbWl1bSIsIjEyNi4wLjY0NzguNjEiXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjYuMC42NDc4LjYxIl1dLDBd&dt=1718730730421&bpp=4&bdt=309&idt=710&shv=r20240613&mjsv=m202406120201&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=647006722991&frm=20&pv=2&ga_vid=97398214.1718730730&ga_sid=1718730731&ga_hid=1196633589&ga_fc=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C95329722%2C95331833%2C95334508%2C95334526%2C95334570%2C95334578%2C95335896%2C95335292%2C31078663%2C31078668%2C31078670&oid=2&pvsid=1624788123410145&tmod=2094840493&uas=0&nvt=1&fsapi=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=727

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.66.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qo-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www15.flamingtext.hk/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 524
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jun 2024 17:12:11 GMT
expires: Tue, 18 Jun 2024 17:12:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-4221310471306460 Show response
fundingchoicesmessages.google.com/i/ 197 KB
65 KB 169ms
72ms Script
application/javascript 142.251.167.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-4221310471306460?href=https%3A%2F%2Fwww15.flamingtext.hk&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

a01739b14f1025f96366513fbb2eb445ff46bc2207718c3557dc4df4a16650b0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xARYPinUD31GILCFlf261Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-xARYPinUD31GILCFlf261Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmLw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDi9s8XWKcC8ZKIi6wHEi-yCvFwvP5_bDObQMPDvaeYlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzAzN9AzM4wsMAAX5Oio"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXXoilJHvglfW5LFn-X45RPk8YCdd5WE_cQET6aOnkVPz_lgfGxHkoqHK5mO_DOehKuuIbp7hyMt9lFSYzcYgH_CFHiQMJgEF99TR7TkHf3rRg9eDzOxledyZG1zk-TSIUWU4FDRQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 76ms
75ms Script
application/javascript 142.251.167.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXXoilJHvglfW5LFn-X45RPk8YCdd5WE_cQET6aOnkVPz_lgfGxHkoqHK5mO_DOehKuuIbp7hyMt9lFSYzcYgH_CFHiQMJgEF99TR7TkHf3rRg9eDzOxledyZG1zk-TSIUWU4FDRQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4NzMwNzMxLDgzODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cxNS5mbGFtaW5ndGV4dC5oay8iLG51bGwsW1s4LCJyTVcxX1dPaWpUOCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTNdLG51bGwsMTNdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.rMW1_WOijT8.es5.O/am=CAM/d=1/rs=AJlcJMxmFqfrNsTIf2CIQJgVL9s9wOjgRA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

dde022f62997300a12714dd8bb0362299f1ae374e8e6b44b1e8e0eae29e22fe5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gKHDGed1dkSTptusdmOGkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:11 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gKHDGed1dkSTptusdmOGkA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw0ZBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDi9s8XWKcC8ZKIi6wHEi-yCvFwvP5_bDObwIo1B1YxK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBma6RmYxxcYAAD6zjn5"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVK8WQRQ0mpONsJfPqfJbORTcHJoyRQv_qz6lwN-SmXQViQNzcmaRx6rb5MOYhJPFUHho0f3gs-CzQvMrzCrltLrbAV4k6Crv7PS-RMRjOaxGGP07KwwPVU2cu83IFly3L-HDa6yQ== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 74ms
74ms Script
application/javascript 142.251.167.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVK8WQRQ0mpONsJfPqfJbORTcHJoyRQv_qz6lwN-SmXQViQNzcmaRx6rb5MOYhJPFUHho0f3gs-CzQvMrzCrltLrbAV4k6Crv7PS-RMRjOaxGGP07KwwPVU2cu83IFly3L-HDa6yQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4NzMwNzMxLDkyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3MTUuZmxhbWluZ3RleHQuaGsvIixudWxsLFtbOCwick1XMV9XT2lqVDgiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzMxMDgyMjUzXSxudWxsLDEzXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

ce232ca30e46b81517402a715e1111af3042bdd9ea00c038c93a9d25e468ac0f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YfFnxf2LUvKn_TSvEtYeiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:11 GMT
content-security-policy: script-src 'report-sample' 'nonce-YfFnxf2LUvKn_TSvEtYeiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII1pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDi9s8XWKcC8ZKIi6wHEi-yCvFwvP5_bDObwIX7vy8wK2kk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBma6RmYxxcYAAAkAjrE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 108ms
108ms XHR
application/json 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240613&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f157.1e100.net

Software

cafe /

Resource Hash

719a95150345f2fbb52cec43669b063480abd5e633f299064237b4bee5b13d49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12798
x-xss-protection: 0

GET
H2 200 pixel.gif
www.stat-bot.com/ 43 B
181 B 42ms
42ms Image
image/gif 192.95.37.78
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.stat-bot.com/pixel.gif?v=1.0&domain=www15.flamingtext.hk&path=%2F&dns=0&pageLoad=2188&pageTime=204&ttfb=80&id=flamingtext&version=904&server=www15&userType=visitor&ab=b&type=pageview&_=0.5397382714242394
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.95.37.78 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx/1.26.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
server: nginx/1.26.0
content-length: 43
content-type: image/gif;charset=UTF-8

GET
H2 200 favicon-32x32.png
cdn1.ftimg.com/images/icons/ 1 KB
1 KB 42ms
41ms Other
image/png 51.79.78.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.ftimg.com/images/icons/favicon-32x32.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.79.78.56 Québec, Canada, ASN16276 (OVH, FR),
Reverse DNS: ov10.flamingtext.com
Software: nginx/1.26.0 /
Resource Hash: a05e4b7bdadcfac9075f93ec1008baec3bbc347bd34b14c7733f4fb3a1235e75

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
last-modified: Sat, 14 Aug 2021 08:51:18 GMT
server: nginx/1.26.0
etag: "61178406-4b3"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 1203
expires: Thu, 19 Jun 2025 17:12:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 176ms
49ms Script
text/javascript 209.85.144.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406120201/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.132 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 17:12:12 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CE73 0
0 141ms
48ms Document
text/html 209.85.144.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

209.85.144.132 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

qv-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www15.flamingtext.hk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 33998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jun 2024 07:45:34 GMT
expires: Wed, 18 Jun 2025 07:45:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame A89D 0
0 139ms
57ms Document
text/html 142.250.31.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f106.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YOa_mKEvVvA3UkVRRxik9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9;q=0.9
Referer: https://www15.flamingtext.hk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-YOa_mKEvVvA3UkVRRxik9w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jun 2024 17:12:12 GMT
expires: Tue, 18 Jun 2024 17:12:12 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 photoad._ad01_.ads.css Show response
fundingchoicesmessages.google.com/f/AGSKWxW-zY-GF55Sa5ND3QfBh40b2Qi6cljfRipecWaU6g-xxgsuPT1qXVyFJCz2G_PjZOrUkzagsUyRPhDGfnfdDDOl13Ro3p-uE3cw3UsbFoS_eDBRqQW0p8xNKsstpaYF3XI74JF1Eg7snnq_1OpQfg7NEqIsB... 54 B
109 B 64ms
64ms Script
application/javascript 142.251.167.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-zY-GF55Sa5ND3QfBh40b2Qi6cljfRipecWaU6g-xxgsuPT1qXVyFJCz2G_PjZOrUkzagsUyRPhDGfnfdDDOl13Ro3p-uE3cw3UsbFoS_eDBRqQW0p8xNKsstpaYF3XI74JF1Eg7snnq_1OpQfg7NEqIsBCj8YZEawcbmOOItacDnLqoxKWivXXLr/_/adload./cwggoogleadshow./photoad._ad01_.ads.css

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.rMW1_WOijT8.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwDwKDCvjhsWDOrEF7FPX4bGIzJGw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

ac0107fb0298121c2e295ed996097f2bcf4bb07d2684248142e9e3a0c40971ba

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NNrB5Q2dQOzXLp2ovcPYsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NNrB5Q2dQOzXLp2ovcPYsA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDi9s8XWKcC8ZKIi6wHEi-yCvFwvPl_bDObwInjZ7czKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBma6RmYxxcYAAAMNjpS"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 87 KB
31 KB 49ms
48ms Script
text/javascript 172.217.222.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.222.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qi-in-f157.1e100.net

Software

cafe /

Resource Hash

ee96911b243a5b84ce8bc38f4ee45ffe908c9a7a791ffb3494cc4a0c9c057b11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 16:14:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31598
x-xss-protection: 0
server: cafe
etag: 11034565240661902148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Jun 2024 17:14:02 GMT

POST
H3 204 AGSKWxVcWmn_jCfLG895kOW1DjE_FRmj5eCG2BFuVRgnjAcbNtl-lMlyKnrg-aP4cp3iw-fNq8H_Jz-CTMvWNfjixltl-7bKVawjTWCVCC-ze18LiLOV4axyVFUCXAJxhaYzKpKGqZo8uQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 145ms
62ms XHR
text/html 142.251.167.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcWmn_jCfLG895kOW1DjE_FRmj5eCG2BFuVRgnjAcbNtl-lMlyKnrg-aP4cp3iw-fNq8H_Jz-CTMvWNfjixltl-7bKVawjTWCVCC-ze18LiLOV4axyVFUCXAJxhaYzKpKGqZo8uQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BgZ_-VDv77o-dCdTqWdqZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-BgZ_-VDv77o-dCdTqWdqZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hm_7HNbAIzPp25x6TkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDM30DMzjCwwAneEsxA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www15.flamingtext.hk
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcWmn_jCfLG895kOW1DjE_FRmj5eCG2BFuVRgnjAcbNtl-lMlyKnrg-aP4cp3iw-fNq8H_Jz-CTMvWNfjixltl-7bKVawjTWCVCC-ze18LiLOV4axyVFUCXAJxhaYzKpKGqZo8uQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P3VutKmD0UvIXGM8GvDK8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-P3VutKmD0UvIXGM8GvDK8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hm_7HNbAIrDpy9x6TkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDM30DMzjCwwAliYspw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www15.flamingtext.hk
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcWmn_jCfLG895kOW1DjE_FRmj5eCG2BFuVRgnjAcbNtl-lMlyKnrg-aP4cp3iw-fNq8H_Jz-CTMvWNfjixltl-7bKVawjTWCVCC-ze18LiLOV4axyVFUCXAJxhaYzKpKGqZo8uQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZTLcoEi9aBAhhEWEyNPZnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZTLcoEi9aBAhhEWEyNPZnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hm_7HNbAIN3_7eYVJyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmhmZ6BubxBQYApyos4w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www15.flamingtext.hk
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcWmn_jCfLG895kOW1DjE_FRmj5eCG2BFuVRgnjAcbNtl-lMlyKnrg-aP4cp3iw-fNq8H_Jz-CTMvWNfjixltl-7bKVawjTWCVCC-ze18LiLOV4axyVFUCXAJxhaYzKpKGqZo8uQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uHMNLVHZQFyZx5AlKLGwwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-uHMNLVHZQFyZx5AlKLGwwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8-fE51t9AvCTiIuuRxIusQjwcb_4f28wm0DBt1j0mJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGZopmdgHl9gAABpnywU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www15.flamingtext.hk
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXQeDHcmtuaMz8LppQJ8JohRuhbygTkgOgGaLim3jnBWYLAZUMbCuPyW_t8D-nE_SFKdwrIXxxjOp77mGR3I463TywhxkFUIcI0XO9gJrAXjIJmPh_nwTQdWel4o8fnCyHeDjbjvQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 74ms
74ms Script
application/javascript 142.251.167.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXQeDHcmtuaMz8LppQJ8JohRuhbygTkgOgGaLim3jnBWYLAZUMbCuPyW_t8D-nE_SFKdwrIXxxjOp77mGR3I463TywhxkFUIcI0XO9gJrAXjIJmPh_nwTQdWel4o8fnCyHeDjbjvQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE4NzMwNzMyLDY3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cxNS5mbGFtaW5ndGV4dC5oay8iLG51bGwsW1s4LCJyTVcxX1dPaWpUOCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbMzEwODIyNTNdLG51bGwsMTNdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

b6f2890b084b973c7f73672b119471d71f888fc998412d23785b61f6225d427e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0lnjWcEyuSU8tgIY0258iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-0lnjWcEyuSU8tgIY0258iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmII0pBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDi9s8XWKcC8ZKIi6wHEi-yCvFwvPl_bDObwItfjXeYlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzAzN9AzM4wsMABloOog"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWXU2jdvuIy0n-BIv9GKVXtdpeMbmnGMgs3zwCD22WCCKR4yssqKWIT_o6S_aBn7FMUYjQGxh2C8dr2DmxsVvexbynuYRUvNWpNMmgu2sXq6rnvwVq4j8V44Tjw7Uovn8FaKQBPWw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 59ms
58ms XHR
text/html 142.251.167.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWXU2jdvuIy0n-BIv9GKVXtdpeMbmnGMgs3zwCD22WCCKR4yssqKWIT_o6S_aBn7FMUYjQGxh2C8dr2DmxsVvexbynuYRUvNWpNMmgu2sXq6rnvwVq4j8V44Tjw7Uovn8FaKQBPWw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zWZVX95ct7QxI64YuCJfHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zWZVX95ct7QxI64YuCJfHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hm_7HNbAIzXn79zaTkkpRfGJ-cn1eSmleim5hSrAtiF2UmlZbkF6GwU8tAKnLy09Mz89LjjQyMTAzMDM30DMzjCwwAsOAtBQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www15.flamingtext.hk
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVcWmn_jCfLG895kOW1DjE_FRmj5eCG2BFuVRgnjAcbNtl-lMlyKnrg-aP4cp3iw-fNq8H_Jz-CTMvWNfjixltl-7bKVawjTWCVCC-ze18LiLOV4axyVFUCXAJxhaYzKpKGqZo8uQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.167.139 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f139.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l4P0ZOCry5aliQlSYgHaQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://www15.flamingtext.hk/
Accept-Language: en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jun 2024 17:12:12 GMT
content-security-policy: script-src 'report-sample' 'nonce-l4P0ZOCry5aliQlSYgHaQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw_Hm_7HNbAInOh_8ZVJyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmhmZ6BubxBQYAmkMsug"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www15.flamingtext.hk
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240613&jk=1624788123410145&bg=!a2ilaCfNAAb64txl2uI7ADQBe5WfOHex_zOdjS1ydwXorCSPtYppGqdUN939Cmgp_4mFjbUbRLdOpcjBerzaQMmY0LzVAgAAAFJSAAAABmgBB34ANWI0Hsc5JV9aE8pmpmRI0g2aTKw3QiRhDemS6P5V_KnwE6-V7Wp3JXdQ-p2vOdciG1YrJ84FmQK37Um-6EIvtlUoRjlDkLIb1In8_gD3kYwzL47tKlWRLpEhjk3TvWkVrWSmstl1umEa79Ap_RGn6ni1OuI8r7e09rYCEPBwdVAFMAaF8VeyuDuMbim0fpfy95DZVJnL8CDgqVtI7CDU_zaDYBwWS42qUPzTSrw3-mZFqJHoYhYb-RK_Po4PazBb98I2Cs7_kED6yxQUdKEq22-KSAb3rfZKalQn448YIw5A0eyHP2yqFDnb0Qt7SkA9q0_MIYglBdzyqWsG9xJnjKyCZmg-isfT6m1Yo1qK-oG1reCzYvQ4F_YHhoZcJIXrB0f2NC3f144eYJF5Mb6SkbPMajsnY_-jv1WBt5oUywDaWu-dnWANVrszSc5RkF592qkqy8Qt9guUg2SoSt2fbdUruvfUr2ydjrnrJ0QReP1BDYVOCt3P-mSO-QCoC8X7WkquLayMFAEdSzS5inzAsi671qQx0NoIUyGQdX8zyrISyvD-SzxJ0xpCPAAF9TT42kx-kZYaMSZQzziiL5q4JovLFC81uVEQi4eGG6DohzXuzARZVQn7H03UWU7a3eZuSPbtIMCExnUh_FeW7NolIsLcStO3GlmQDEoL139Fy9DNV_Z8ycFx5GPp6WvEBbZIPHT3Use4vzrtJXdLUOpZB2iU_5tjaSg_Wtetv4CjT2V10gSXzMZOKU030RgdaBFhtpHaE2iieVobx6SubTkh431H3lcIwbZ4LkWONesQcmKi7yf9AHRuqWAiC2QfDGxK02KISDq_6UycGQPBzKnhjAYI01iWuiYj1mXhncSSIjapv895K2pvTT6BV5vHCX0oW7mQfNZR4pS2Ft3L6iQP4S5ZH9wgMB_ZcEiufIJESrLFNypktqbwZ2iZmn5FrQUl_gfxzmfejqaH1jeJJ1N07terSnRvk6LqAgkFEg75qMI

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www15.flamingtext.hk/	1969-12-31 23:59:59	Name: JSESSIONID Value: 503C91FEDE54FA9B58F4152FC72D627C
.flamingtext.hk/	1970-01-21 07:01:30	Name: _ga_5FBCKV4TZX Value: GS1.1.1718730730.1.0.1718730730.0.0.0
.flamingtext.hk/	1970-01-21 07:01:30	Name: _ga Value: GA1.1.97398214.1718730730
.doubleclick.net/	1970-01-20 21:25:31	Name: test_cookie Value: CheckForPermission
.flamingtext.hk/	1970-01-21 06:11:06	Name: FCNEC Value: %5B%5B%22AKsRol8a9lMgcwgQ9ay18anbxmBobJe8m0fQT7VdMy-O6hjwG4ZtEBOXS8g2r0DFJ77q0yV6xapX5wG75MRewW6e09EWsBqblg1dF40bXpLT8xnPVKo0I5-qpzgtSWRjlZKK3H1-WFambYOvsB7xrnikduKb6lUfog%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn1.ftimg.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.stat-bot.com
www15.flamingtext.hk
pagead2.googlesyndication.com
142.250.31.106
142.251.167.139
142.251.174.97
172.217.222.157
173.194.66.156
192.95.37.78
192.99.32.123
209.85.144.113
209.85.144.132
51.79.78.56
02bcdf70f8a94748010cae9460b870e890eae32b85d8d95d3bf449a3bc280189
0e6b7a83ba50327229bb51d27eced3677583324277af4daf0faac5ede0f3ba38
11b9eed4e07de1f1d1513721c6e059961b0f1e3632060de47b358c0dfcb8f48b
13a8c01115939dfddf9d88d8d1b36a273be37eaabe97ddbfaf5b5b5ca526cb76
19e77354794bd1f31702c10187be8847a1fd21d1c5d737978014d46a7c4d926a
25c78d7723c1d457a77fa72132e3aa5b2bfdbcd06991d5cb1aa9c7ef8c8549ec
276276904ca6ce1917baf913c20af2de8a91dbe6a8ef875e0676008d9ea5d58a
290a85bbe9b93969026caebfe4362455f1886a8ff3bd4075c4c2e7269e342085
2ed959c2ae6340b60d713acc77bfee9edcdd74ae67b2114d7258797a896fcdd0
4968d866996b655accf6340f7e1bd3589a2b9d50704d85efef9ddc8c7a030dbe
4b867718296a48282828a0673204c768f340074fb1bbbfc272d666fbec272c59
598105aedfe97a1dce9b0366d210d29fe1117a9baec6d424931ceffc470896b0
5d6dbc2e26c247925e4e8a21b11817b331ed852c0b09880e4b25a0d3c4ad5e5b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6797f5340d442f4cf3a92196d0aa07c315a07ff3f1d13658f06543493bf6fe37
7128dbd2f6ea279c24aec942a5aaf3c907dbde65d005386f4e216ec4958cf81c
719a95150345f2fbb52cec43669b063480abd5e633f299064237b4bee5b13d49
7328ee594cbea402d9a28c3e368d39dc2db9697f74269a3d7091604a05b1903b
7920d3eda8b35b476540d573415eb6b496af9f3b3dfc15c102ed693f2aa9505a
7cae477577017a2d3421b5f46fd37bb72b444f868415690d5b46959f55b1977e
7f8aad72bf918fdb847cdbe93cba5efe73deeee65da47526dfe9fa8daa2e0529
827682e74a2a691014970536e1b59cf775cad0d859c274c34823a41fa717b521
8952e62b7efc6563ac4d4afe8e09b57cad8b498c34b6f838b2fe3495b7fa26f5
9d3649ed31c7141566da7e51444868eba965485eb63b3c831c7bd58ae9a5099b
a01739b14f1025f96366513fbb2eb445ff46bc2207718c3557dc4df4a16650b0
a05e4b7bdadcfac9075f93ec1008baec3bbc347bd34b14c7733f4fb3a1235e75
a4c3d85794c09ed63164a3382c662d6c79e3c2c5d4b94a6c6d3d1641937c96c8
a93648a598766273e060586f1e2870fb3211c0a08aa339dfaf8eadaf08e62ea7
aabf8e8f982e15496b1c59cdc2ad6af856f08de984ead3590e6b3c9eeeef35c4
ac0107fb0298121c2e295ed996097f2bcf4bb07d2684248142e9e3a0c40971ba
ade1f36cbdf861219c99851fd640f32027833024029ccd099e7d848993a1c7ff
b2f88945e8fc5dd3496d8e04c070ac09dfbde4f33937f29df32fdee417d73900
b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2
b6f2890b084b973c7f73672b119471d71f888fc998412d23785b61f6225d427e
b870e08dcc746ba5ef4e67885fa236889e4f5d55544a6c330d88da5bcf566157
bcc8793b8528c17c0190221b2ec11f7f3469949294b33e562da16ab73b1f142e
bec1be2285dbcd0eb971eb84660c6456671dee45d24a3b20a096a223e5432932
c2a1fb21ec5a249b854ea6b48aa90e678e7e0ecce493bca4e45ac526df022d82
c688065c6ef7f1e49a502cd45a75356e65027402d3345176a310faa1ce61bba6
ce232ca30e46b81517402a715e1111af3042bdd9ea00c038c93a9d25e468ac0f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d69a42e777bed972be41cf0222162fe3773b5495eb6d1b46216718e2006f0ab6
dac7016b9e04b66c8d0cbb94a80d9b01cd07bf4470d675fb0cb5f01bb7cedd1b
db955987e53f4e225a385f15b833060f74aa2d1a5d7a709c39e5ef1fdbd163f2
dde022f62997300a12714dd8bb0362299f1ae374e8e6b44b1e8e0eae29e22fe5
df1bf0ce0d36cdb7dcd394de0e38e2993dcd85b71badc7652e815552fb71be41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6dcdba388f156625d94dfed60eb5fae76099d8f62101e47d5da17d432635571
edee0cee30789ca45ac2f432edd1422f4717862f49655a5da98a8393412c8a43
ee96911b243a5b84ce8bc38f4ee45ffe908c9a7a791ffb3494cc4a0c9c057b11
fae8b16ffce77f637c3c7557b9993a7c66677445f18b5897e3d0a4339f2dd342

www15.flamingtext.hk Open in urlscan Pro 192.99.32.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

0 %IPv6

8 Domains

10 Subdomains

11 IPs

2 Countries

792 kBTransfer

1878 kBSize

5 Cookies

16 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www15.flamingtext.hk Open in urlscan Pro
192.99.32.123 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

10
Subdomains

11
IPs

2
Countries

792 kB
Transfer

1878 kB
Size

5
Cookies

65 HTTP transactions
0 data transactions