www.natfrp.com Open in urlscan Pro
2606:4700::6812:10d7  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request download Show response www.natfrp.com/tunnel/	2 KB 1 KB	1285ms 1216ms	Document text/html	2606:4700::6812:10d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/tunnel/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e906765906fd455f8c6b916a9b168c04a0683bc37906e164fbd165e8fddd38be Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 874b9050b8672bc9-FRA content-encoding br content-type text/html date Mon, 15 Apr 2024 11:23:29 GMT last-modified Mon, 15 Apr 2024 07:25:30 GMT permissions-policy interest-cohort=() server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	polyfills-C1NxJPLm.js Show response www.natfrp.com/assets/	10 KB 5 KB	46ms 45ms	Script application/javascript	2606:4700::6812:10d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/polyfills-C1NxJPLm.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/tunnel/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f191fec7cebf0c46dc0df9de919fbf386891d133ff7fe0e79f1cf415caea84b3 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/tunnel/download Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:29 GMT content-encoding br cf-cache-status HIT last-modified Sun, 14 Apr 2024 08:28:43 GMT server cloudflare age 85020 etag W/"661b93bb-2728" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905858cc2bc9-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:29 GMT
GET H2	200	index.prod-Cwna020F.js Show response www.natfrp.com/assets/	850 KB 299 KB	52ms 52ms	Script application/javascript	2606:4700::6812:10d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/index.prod-Cwna020F.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/tunnel/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e5257baaa1cd1184ba7678b56b9d163df9a256b5072377ad7efd9c31ccf9aef6 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/tunnel/download Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare age 12060 etag W/"661cd66a-d498b" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905858ce2bc9-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:29 GMT
GET H2	200	index-DQYL1rfs.css www.natfrp.com/assets/	4 KB 2 KB	46ms 46ms	Stylesheet text/css	2606:4700::6812:10d7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/index-DQYL1rfs.css Requested by Host: www.natfrp.com URL: https://www.natfrp.com/tunnel/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10d7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8bdefd86233c7371df4d4ac61961850e93c2b8304261c85bd2c8f705b41ce36b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/tunnel/download Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:29 GMT content-encoding br cf-cache-status HIT last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare age 12060 etag W/"661cd66a-11b2" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905858cb2bc9-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:29 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	199 KB 72 KB	83ms 26ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-156685489-1 Requested by Host: www.natfrp.com URL: https://www.natfrp.com/tunnel/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash cd475846b5d6c5e0e7b790fd55c1ca83610a63675229557f73cd50188c2826e7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 73646 x-xss-protection 0 last-modified Mon, 15 Apr 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 15 Apr 2024 11:23:30 GMT
GET DATA	200 OK	truncated /	117 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a627afc4f3dfeafdc58989adc7dccaceeb966f32ce4c061bdd6ada1d829b3b4b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ gravatar.globalslb.net/avatar/	1 KB 2 KB	1060ms 1003ms	Image image/jpeg	2606:4700::6812:245 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gravatar.globalslb.net/avatar/?d=mp Requested by Host: www.natfrp.com URL: https://www.natfrp.com/tunnel/download Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:245 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash faa31d59125ea8a13f09031f0d4cdc036e09d8e354f896ff4d20dff8107a3bc0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nc HIT hkg 2 date Mon, 15 Apr 2024 11:23:31 GMT cf-cache-status DYNAMIC last-modified Wed, 11 Jan 1984 08:00:00 GMT server cloudflare content-type image/jpeg access-control-allow-origin * cache-control max-age=300 content-disposition inline; filename="none.png" accept-ranges bytes cf-ray 874b905bb82518c7-FRA link <https://gravatar.com/avatar/?d=mp>; rel="canonical" content-length 1288 alt-svc h3=":443"; ma=86400 expires Mon, 15 Apr 2024 11:28:31 GMT
GET H3	200	download-DzI6Qn9m.js Show response www.natfrp.com/assets/	46 KB 24 KB	478ms 478ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/download-DzI6Qn9m.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0859d9479626ce940a3cfeaa736360c0aa1e0275c1bd9731db53a4742b30ff64 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-b8d0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6dcd5d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	index-DvxVElgt.js Show response www.natfrp.com/assets/	24 KB 12 KB	470ms 469ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/index-DvxVElgt.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4200649056e7019c16038bed30cb8cde0840319de38ba0327b83832261dcc1fd Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-607e" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6dcf5d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	DownloadFilled-DzcFbvyv.js Show response www.natfrp.com/assets/	496 B 711 B	424ms 423ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/DownloadFilled-DzcFbvyv.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c8fd3a9a65abe44f9443c3a88d0931c9b041b7aa5211f5cdd4b30e007dc01f3 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-1f0" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6dd25d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	OpenInNewFilled-ZZMUN_OL.js Show response www.natfrp.com/assets/	582 B 775 B	558ms 556ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/OpenInNewFilled-ZZMUN_OL.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec470c16b81968ac23c006707ec1c807614981b16b34113a3fce8c1abd1674a4 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:31 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-246" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6dd35d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:31 GMT
GET H3	200	headers-CGWzEZNm.js Show response www.natfrp.com/assets/	2 KB 1 KB	438ms 437ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/headers-CGWzEZNm.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1033379b74ddf38ac487f5b703130f63cf56d96eecdfa4098924931d4fd9a9ad Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-7a5" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6dd55d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	Thing-B71RI_fu.js Show response www.natfrp.com/assets/	4 KB 1 KB	403ms 402ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/Thing-B71RI_fu.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8d26fa9d80272d105581850a035e277cff079edd7177cef021a87c164111f26 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-e9c" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6dd95d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	Grid-BMjY3HF2.js Show response www.natfrp.com/assets/	6 KB 3 KB	425ms 424ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/Grid-BMjY3HF2.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a81dc1ed6359a0d718b71ff60fab12acbab4c048b2ca492ec2ed03ab69a63a49 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-1694" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6ddd5d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	get-slot-Bk_rJcZu.js Show response www.natfrp.com/assets/	91 B 482 B	33ms 32ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/get-slot-Bk_rJcZu.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb7c4a6073868b80b32fa7abb22a2810b3059a7b257f2f70019350596285c69a Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status HIT last-modified Sun, 14 Apr 2024 08:28:43 GMT server cloudflare age 69604 etag W/"661b93bb-5b" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6de05d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	Space-BRLjwSBZ.js Show response www.natfrp.com/assets/	3 KB 2 KB	419ms 418ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/Space-BRLjwSBZ.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0c66b278369e73225d72b594aa52e2cb8198a021947e2f00d7617164b0df46b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-a2f" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6de25d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	Avatar-D8Ui_Hm-.js Show response www.natfrp.com/assets/	6 KB 3 KB	427ms 427ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/Avatar-D8Ui_Hm-.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af6ea9f3de49439077197ff3394d7a941998be73f2e70278ab48005910c021dc Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-1688" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6de55d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	Tag-Bp7TSbSV.js Show response www.natfrp.com/assets/	10 KB 3 KB	438ms 438ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/Tag-Bp7TSbSV.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e3f9a6ad06389d5470ef5dbc80f72042e32cdd66c3d1073f5d845c73a86cabf Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-270d" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6de65d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	Time-CZmHPOOe.js Show response www.natfrp.com/assets/	58 KB 14 KB	1517ms 1516ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/Time-CZmHPOOe.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef8de0a02425f65a27c7fd302a3b2d38e9ce074430a1be3c708a806780fe4390 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:31 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-e6df" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6dea5d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:31 GMT
GET H3	200	use-locale-pXpRzz5L.js Show response www.natfrp.com/assets/	8 KB 3 KB	452ms 451ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/use-locale-pXpRzz5L.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3e830530f0996dc9366db8856ea60394d88e22593471f87b07b947061fda517 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-2172" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6dec5d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H3	200	Code-DXog7H82.js Show response www.natfrp.com/assets/	5 KB 2 KB	1239ms 1238ms	Script application/javascript	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/Code-DXog7H82.js Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26b6b87fdd45514a90f1be9c0a14cbd44ec21701371a5335e4c6c366f5873d50 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer Origin https://www.natfrp.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:31 GMT content-encoding br cf-cache-status MISS last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-14fc" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6ded5d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:31 GMT
GET H3	200	download-B-wGvJ_A.css www.natfrp.com/assets/	499 B 617 B	421ms 420ms	Stylesheet text/css	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/assets/download-B-wGvJ_A.css Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ab564dafb9ff3564b63a8e5758297d3db2e3ad5ced0c22ab4d3829c84a6f5570 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/tunnel/download Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-1f3" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b905b6def5d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:30 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	245 KB 87 KB	22ms 21ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8J7ZV0WDV5&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-156685489-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c1bfba1ba7816b167cfc08747c6a02fc4822338c44ce76412b22953c440ec1c7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:30 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 88778 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 15 Apr 2024 11:23:30 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	43ms 11ms	Script text/javascript	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-156685489-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 15 Apr 2024 09:38:42 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 6288 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 15 Apr 2024 11:38:42 GMT
GET H3	200	favicon.ico www.natfrp.com/	69 KB 24 KB	27ms 26ms	Other image/x-icon	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 403a057371076f6ad68f5f0ce22cbd0cdb6a770aeca3fc61ccc23370d5e787df Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/tunnel/download Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:31 GMT content-encoding br cf-cache-status HIT last-modified Thu, 26 Aug 2021 10:11:14 GMT server cloudflare age 81941 etag W/"612768c2-1137e" x-frame-options SAMEORIGIN vary Accept-Encoding content-type image/x-icon cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b90620d2e5d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:31 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 207 B	36ms 36ms	XHR text/plain	2a00:1450:4001:809::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1067018673&t=pageview&_s=1&dl=https%3A%2F%2Fwww.natfrp.com%2Ftunnel%2Fdownload&dp=%2Ftunnel%2Fdownload&ul=de-de&de=UTF-8&dt=%E8%BD%AF%E4%BB%B6%E4%B8%8B%E8%BD%BD%20%7C%20SakuraFrp&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABAAAAACAAI~&jid=470907437&gjid=967757876&cid=1544017979.1713180211&tid=UA-156685489-1&_gid=994171797.1713180211&_r=1&gtm=457e44a0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=155599400 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 15 Apr 2024 11:23:32 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.natfrp.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 245 B	85ms 25ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8J7ZV0WDV5&gtm=45je44a0v9123963102za200&_p=1713180210019&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1544017979.1713180211&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1713180212&sct=1&seg=0&dl=https%3A%2F%2Fwww.natfrp.com%2Ftunnel%2Fdownload&dt=%E8%BD%AF%E4%BB%B6%E4%B8%8B%E8%BD%BD%20%7C%20SakuraFrp&dp=%2Ftunnel%2Fdownload&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3449 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8J7ZV0WDV5&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 15 Apr 2024 11:23:32 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.natfrp.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	92ms 26ms	Ping text/plain	2a00:1450:400c:c07::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8J7ZV0WDV5&cid=1544017979.1713180211&gtm=45je44a0v9123963102za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8J7ZV0WDV5&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 15 Apr 2024 11:23:32 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.natfrp.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	80ms 35ms	Image image/gif	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8J7ZV0WDV5&cid=1544017979.1713180211&gtm=45je44a0v9123963102za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1822403711 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 15 Apr 2024 11:23:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	251 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e02679787ba55827b3bb728289c6c21eebbc70a76c916eb7ac6abbaa6cfdb85a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	648 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d5eb1c8e68daf624dd631d3eee42ca4109da77fd48e115a89a8a0c429ed05de8 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	620 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ea88212bf6d6da23652f49b596dd21a48e126a647edaaaf78791940ceafad4d9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	unix-Zw9lxZ_J.svg www.natfrp.com/assets/	67 KB 14 KB	1519ms 1519ms	Image image/svg+xml	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.natfrp.com/assets/unix-Zw9lxZ_J.svg Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9090095100cde752a8a0f4c42ffb7cf78727fe89e6082b80b3429b01e14cbd76 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/tunnel/download Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:33 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 15 Apr 2024 07:25:30 GMT server cloudflare etag W/"661cd66a-10bd9" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml cache-control public, max-age=315360000 permissions-policy interest-cohort=() cf-ray 874b9065f8eb5d7e-FRA alt-svc h3=":443"; ma=86400 expires Thu, 13 Apr 2034 11:23:33 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 387969220ff5546eca51de8886433a2ce9e5dd7e076d6e77ca14009885b5cf94 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	clients Show response www.natfrp.com/cgi/v4/system/	10 KB 3 KB	1266ms 1266ms	XHR application/json	104.18.16.215 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.natfrp.com/cgi/v4/system/clients Requested by Host: www.natfrp.com URL: https://www.natfrp.com/assets/index.prod-Cwna020F.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.16.215 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0edc8054d5b046726d0c2ff0c596567e7b8f6716b6d2f59e3c3e5dc91cd632d Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Accept application/json, text/plain, */* Referer https://www.natfrp.com/tunnel/download Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 11:23:33 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare x-frame-options SAMEORIGIN content-type application/json permissions-policy interest-cohort=() cf-ray 874b9065f8fc5d7e-FRA alt-svc h3=":443"; ma=86400
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 349 B	54ms 24ms	XHR text/plain	2a00:1450:400c:c07::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-156685489-1&cid=1544017979.1713180211&jid=470907437&gjid=967757876&_gid=994171797.1713180211&npa=1&_u=aEBAAUAAAAAAACAAI~&z=1353003498 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-platform "Win32" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Mon, 15 Apr 2024 11:23:32 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.natfrp.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	74ms 31ms	Image image/gif	142.250.184.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-156685489-1&cid=1544017979.1713180211&jid=470907437&npa=1&_u=aEBAAUAAAAAAACAAI~&z=58858453 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 15 Apr 2024 11:23:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	36ms 36ms	Image image/gif	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-156685489-1&cid=1544017979.1713180211&jid=470907437&npa=1&_u=aEBAAUAAAAAAACAAI~&z=58858453 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://www.natfrp.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Mon, 15 Apr 2024 11:23:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ object| __cssrContext boolean| __VUE__ boolean| __vite_is_modern_browser object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.natfrp.com/	1970-01-20 19:54:26	Name: _gid Value: GA1.2.994171797.1713180211
			.globalslb.net/	1969-12-31 23:59:59	Name: _cfuvid Value: Fg4qGIqpyYbFWWolIORH_SM1I94p0aOq5NjfXO_uiYY-1713180211508-0.0.1.1-604800000
			.natfrp.com/	1969-12-31 23:59:59	Name: _cfuvid Value: SvJicdFH7gHb1GSqzrUpRN8MmQSy1cifqWhWR9arf14-1713180211969-0.0.1.1-604800000
			.natfrp.com/	1970-01-20 19:53:00	Name: _gat_gtag_UA_156685489_1 Value: 1
			.natfrp.com/	1970-01-21 05:29:00	Name: _ga_8J7ZV0WDV5 Value: GS1.1.1713180212.1.0.1713180212.60.0.0
			.natfrp.com/	1970-01-21 05:29:00	Name: _ga Value: GA1.1.1544017979.1713180211

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://www.natfrp.com/tunnel/download Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gravatar.globalslb.net
region1.analytics.google.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.natfrp.com
104.18.16.215
142.250.184.228
142.250.186.35
2001:4860:4802:32::36
2606:4700::6812:10d7
2606:4700::6812:245
2a00:1450:4001:809::200e
2a00:1450:4001:81d::2008
2a00:1450:400c:c07::9b
0859d9479626ce940a3cfeaa736360c0aa1e0275c1bd9731db53a4742b30ff64
1033379b74ddf38ac487f5b703130f63cf56d96eecdfa4098924931d4fd9a9ad
26b6b87fdd45514a90f1be9c0a14cbd44ec21701371a5335e4c6c366f5873d50
387969220ff5546eca51de8886433a2ce9e5dd7e076d6e77ca14009885b5cf94
403a057371076f6ad68f5f0ce22cbd0cdb6a770aeca3fc61ccc23370d5e787df
4200649056e7019c16038bed30cb8cde0840319de38ba0327b83832261dcc1fd
4e3f9a6ad06389d5470ef5dbc80f72042e32cdd66c3d1073f5d845c73a86cabf
7c8fd3a9a65abe44f9443c3a88d0931c9b041b7aa5211f5cdd4b30e007dc01f3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bdefd86233c7371df4d4ac61961850e93c2b8304261c85bd2c8f705b41ce36b
9090095100cde752a8a0f4c42ffb7cf78727fe89e6082b80b3429b01e14cbd76
a627afc4f3dfeafdc58989adc7dccaceeb966f32ce4c061bdd6ada1d829b3b4b
a81dc1ed6359a0d718b71ff60fab12acbab4c048b2ca492ec2ed03ab69a63a49
ab564dafb9ff3564b63a8e5758297d3db2e3ad5ced0c22ab4d3829c84a6f5570
af6ea9f3de49439077197ff3394d7a941998be73f2e70278ab48005910c021dc
c0edc8054d5b046726d0c2ff0c596567e7b8f6716b6d2f59e3c3e5dc91cd632d
c1bfba1ba7816b167cfc08747c6a02fc4822338c44ce76412b22953c440ec1c7
cb7c4a6073868b80b32fa7abb22a2810b3059a7b257f2f70019350596285c69a
cd475846b5d6c5e0e7b790fd55c1ca83610a63675229557f73cd50188c2826e7
d5eb1c8e68daf624dd631d3eee42ca4109da77fd48e115a89a8a0c429ed05de8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e02679787ba55827b3bb728289c6c21eebbc70a76c916eb7ac6abbaa6cfdb85a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e830530f0996dc9366db8856ea60394d88e22593471f87b07b947061fda517
e5257baaa1cd1184ba7678b56b9d163df9a256b5072377ad7efd9c31ccf9aef6
e8d26fa9d80272d105581850a035e277cff079edd7177cef021a87c164111f26
e906765906fd455f8c6b916a9b168c04a0683bc37906e164fbd165e8fddd38be
ea88212bf6d6da23652f49b596dd21a48e126a647edaaaf78791940ceafad4d9
ec470c16b81968ac23c006707ec1c807614981b16b34113a3fce8c1abd1674a4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8de0a02425f65a27c7fd302a3b2d38e9ce074430a1be3c708a806780fe4390
f0c66b278369e73225d72b594aa52e2cb8198a021947e2f00d7617164b0df46b
f191fec7cebf0c46dc0df9de919fbf386891d133ff7fe0e79f1cf415caea84b3
faa31d59125ea8a13f09031f0d4cdc036e09d8e354f896ff4d20dff8107a3bc0