3kmfi6hp.lzh720.workers.dev Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://3kmfi6hp.lzh720.workers.dev/
Submission: On June 27 via api (June 27th 2024, 3:35:46 pm UTC) from US — Scanned from NL

Summary HTTP 114 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 25 IPs in 8 countries across 20 domains to perform 114 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 3kmfi6hp.lzh720.workers.dev.
TLS certificate: Issued by WE1 on June 12th 2024. Valid for: 3 months.

This is the only time 3kmfi6hp.lzh720.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6812:bb1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.214.103.41 13.214.103.41	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
14	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:80e::2016	15169 (GOOGLE) (GOOGLE)
1	69.192.160.238 69.192.160.238	16625 (AKAMAI-AS) (AKAMAI-AS)
8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	203.114.55.134 203.114.55.134	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	103.200.108.61 103.200.108.61	45530 (AGODA-TH-...) (AGODA-TH-AS-AP The Offices at Central World)
25	18.66.137.45 18.66.137.45	16509 (AMAZON-02) (AMAZON-02)
1	104.18.187.31 104.18.187.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1f::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
114	25

13 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

3kmfi6hp.lzh720.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bb1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.214.103.41 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-103-41.ap-southeast-1.compute.amazonaws.com

www.letsgojp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

3kmfi6hp.lzh720.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.238 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-238.deploy.static.akamaitechnologies.com

cdn0.agoda.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.114.55.134 (Shinjuku, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)
PTR: 203x114x55x134.ap203.ftth.arteria-hikari.net

uh.nakanohito.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.200.108.61 (Netherlands)

ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH)

sherpa.agoda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 18.66.137.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-137-45.fra60.r.cloudfront.net

d1grca2t3zpuug.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.187.31 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States) 1 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1f::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.156 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	workers.dev 3kmfi6hp.lzh720.workers.dev	167 KB
25	cloudfront.net d1grca2t3zpuug.cloudfront.net	3 MB
11	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	45 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	246 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 w.clarity.ms — Cisco Umbrella Rank: 7852 c.clarity.ms — Cisco Umbrella Rank: 1434	28 KB
6	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 122	236 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	164 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	5 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	414 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	167 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 10567	517 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	310 B
2	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3125	282 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 224	768 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
1	agoda.com sherpa.agoda.com — Cisco Umbrella Rank: 251579
1	nakanohito.jp uh.nakanohito.jp — Cisco Umbrella Rank: 140145	11 KB
1	agoda.net cdn0.agoda.net — Cisco Umbrella Rank: 68552	3 KB
1	gstatic.com encrypted-tbn0.gstatic.com	2 KB
1	letsgojp.com www.letsgojp.com	525 B
114	20

	Domain	Requested by
27	3kmfi6hp.lzh720.workers.dev	3kmfi6hp.lzh720.workers.dev
25	d1grca2t3zpuug.cloudfront.net	3kmfi6hp.lzh720.workers.dev
11	cdnjs.cloudflare.com	3kmfi6hp.lzh720.workers.dev
8	pagead2.googlesyndication.com	3kmfi6hp.lzh720.workers.dev pagead2.googlesyndication.com
6	i.ytimg.com	3kmfi6hp.lzh720.workers.dev
5	connect.facebook.net	3kmfi6hp.lzh720.workers.dev connect.facebook.net
4	www.facebook.com	3kmfi6hp.lzh720.workers.dev
4	www.googletagmanager.com	3kmfi6hp.lzh720.workers.dev www.googletagmanager.com
4	cdn.jsdelivr.net	3kmfi6hp.lzh720.workers.dev cdn.jsdelivr.net
3	w.clarity.ms	www.clarity.ms
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	c.clarity.ms	1 redirects
2	www.google.nl	3kmfi6hp.lzh720.workers.dev
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	1 redirects www.googletagmanager.com
2	www.clarity.ms	3kmfi6hp.lzh720.workers.dev www.clarity.ms
1	c.bing.com	1 redirects
1	region1.google-analytics.com	3kmfi6hp.lzh720.workers.dev
1	sherpa.agoda.com	cdn0.agoda.net
1	uh.nakanohito.jp	3kmfi6hp.lzh720.workers.dev
1	cdn0.agoda.net	3kmfi6hp.lzh720.workers.dev
1	encrypted-tbn0.gstatic.com	3kmfi6hp.lzh720.workers.dev
1	www.letsgojp.com	3kmfi6hp.lzh720.workers.dev
114	23

This site contains links to these domains. Also see Links.

Domain
booking.letsgojp.com
hotels.letsgojp.com
air.letsgojp.com
michishop.letsgojp.com
www.facebook.com
www.instagram.com
www.youtube.com
www.letsgojp.com
hokkaido.letsgojp.com
tohoku.letsgojp.com
tokyo.letsgojp.com
hokuriku.letsgojp.com
chubu.letsgojp.com
osaka.letsgojp.com
chugoku.letsgojp.com
shikoku.letsgojp.com
kyushu.letsgojp.com
okinawa.letsgojp.com
www.letsgojp.cn
yoshidakoichi.letsgojp.com

Subject Issuer	Validity	Valid
lzh720.workers.dev WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
letsgojp.com Amazon RSA 2048 M02	`2023-11-15` - `2024-12-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
edgestatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.agoda.net GeoTrust RSA CA 2018	`2023-09-26` - `2024-09-25`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.nakanohito.jp JPRS Organization Validation Authority - G4	`2024-01-12` - `2025-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-05` - `2024-07-04`	3 months	crt.sh
agoda.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-30` - `2024-09-28`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.google.nl WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://3kmfi6hp.lzh720.workers.dev/
Frame ID: 0626E0210195BF03FC899DE56DAEB279
Requests: 109 HTTP requests in this frame

Frame: https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=TPrOdgqaWJh%2FJLKdpC%2B4sA%3D%3D&Language=zh-tw&Hg=339px&Wd=256px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=5983839665493&Cid=1921616
Frame ID: 9AD0FF818AA055C999E3ADE8B78087DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html
Frame ID: A4DAB227DBD764BAD06E0E8527700947
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5873959640692295&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1719502541&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~27_15~29_10&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719502540869&bpp=3&bdt=15632&idt=302&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7951375075136&frm=20&pv=2&ga_vid=1806653053.1719502536&ga_sid=1719502541&ga_hid=952959823&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084788%2C42531706%2C95331695%2C95334511%2C95334525%2C95334573%2C95335887%2C95335897%2C31084184%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3872154829323865&tmod=1547738747&uas=0&nvt=1&fsapi=1&fc=1920&brdim=620%2C620%2C620%2C620%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=403
Frame ID: F3BD17F3B5C1D1C7A243DC240C7BB452
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5873959640692295&output=html&h=70&slotname=8822470010&adk=3208568299&adf=3052806192&pi=t.ma~as.8822470010&w=825&abgtt=6&lmt=1719502541&format=825x70&url=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%2F&fwrattr=true&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719502540872&bpp=2&bdt=15636&idt=425&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7951375075136&frm=20&pv=1&ga_vid=1806653053.1719502536&ga_sid=1719502541&ga_hid=952959823&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=2967&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084788%2C42531706%2C95331695%2C95334511%2C95334525%2C95334573%2C95335887%2C95335897%2C31084184%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3872154829323865&tmod=1547738747&uas=0&nvt=1&fc=1920&brdim=620%2C620%2C620%2C620%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=431
Frame ID: 0B6E57DA49E398DF3C6B09788ACFF799
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A9F6EFBED444CF4CC657F4C64B94FEB3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

全國 | 樂吃購！日本

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

114
Requests

97 %
HTTPS

52 %
IPv6

20
Domains

23
Subdomains

25
IPs

8
Countries

4132 kB
Transfer

6354 kB
Size

18
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://booking.letsgojp.com/
Title: 行程體驗

Search URL Search Domain Scan URL

URL: https://hotels.letsgojp.com/
Title: 訂房比價

Search URL Search Domain Scan URL

URL: https://air.letsgojp.com/
Title: 機票比價

Search URL Search Domain Scan URL

URL: https://michishop.letsgojp.com/
Title: MiCHi SHOP

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/339425473734121
Title: 日本選物社團

Search URL Search Domain Scan URL

URL: https://www.facebook.com/letsgojp

Search URL Search Domain Scan URL

URL: https://www.instagram.com/letsgojp_official/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCzfNj5-UEvxOBErW2S3_bSg

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/user
Title: 我的主頁

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/settings/profile
Title: 設定

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/about-us
Title: 關於樂吃購

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/logout
Title: 登出

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/

Search URL Search Domain Scan URL

URL: https://hokkaido.letsgojp.com/
Title: 北海道

Search URL Search Domain Scan URL

URL: https://tohoku.letsgojp.com/
Title: 東北

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/
Title: 東京

Search URL Search Domain Scan URL

URL: https://hokuriku.letsgojp.com/
Title: 北陸

Search URL Search Domain Scan URL

URL: https://chubu.letsgojp.com/
Title: 中部

Search URL Search Domain Scan URL

URL: https://osaka.letsgojp.com/
Title: 關西

Search URL Search Domain Scan URL

URL: https://chugoku.letsgojp.com/
Title: 山陽山陰

Search URL Search Domain Scan URL

URL: https://shikoku.letsgojp.com/
Title: 四國

Search URL Search Domain Scan URL

URL: https://kyushu.letsgojp.com/
Title: 九州

Search URL Search Domain Scan URL

URL: https://okinawa.letsgojp.com/
Title: 沖繩

Search URL Search Domain Scan URL

URL: https://www.letsgojp.cn/
Title: 简体中文

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/user/logout
Title: 登出

Search URL Search Domain Scan URL

URL: https://yoshidakoichi.letsgojp.com/
Title: 吉田部落格

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/667975/

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/656498/

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/667628/

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/666801/

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/666160/

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/features/tokyotokyo

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/features/coverstory3

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/features/nishikyushu

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/features/premium

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/features/letsgo_coupon

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/features/coverstory1

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/features/coverstory_nagasaki

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/features/nihongo

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/features/coverstory2

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/features/japan_anime

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/668227/

Search URL Search Domain Scan URL

URL: https://chubu.letsgojp.com/archives/608375/

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/575582/

Search URL Search Domain Scan URL

URL: https://osaka.letsgojp.com/archives/668188/

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/667945/

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/667497/

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/627887/

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/667421/

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/667304/

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/667116/

Search URL Search Domain Scan URL

URL: https://chugoku.letsgojp.com/archives/617444/
Title: 樂關西去廣島回！5天4夜行程推薦：踩點世界遺產姬路城、嚴島神社，體驗機場住宿！

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/661198/
Title: 購日本人都愛逛永旺「AEON 超市」！伴手禮、藥妝、自有品牌物美價廉，領取優惠券再享折扣！

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/661206/
Title: 購【2024年最新】AEON 超市優惠券：使用方式、優惠內容與最新購物資訊一次看

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/653069/
Title: 樂東京池袋「太陽城」美食、角色咖啡廳推薦4選：三麗鷗、寶可夢、芝麻街、米菲兔，可愛大集合！

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/663599/
Title: 購你用對牙膏了嗎？如何正確選擇牙膏？日本牙膏選購重點整理

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/650940/
Title: 住日本買房推薦使用「神居秒算」！全中文 APP、AR 擴增實境看房，在日本置產一點也不難！

Search URL Search Domain Scan URL

URL: https://osaka.letsgojp.com/archives/652001/
Title: 購【有購物券】奈良購物推薦「永旺夢樂城大和郡山」：平價美妝零食、美食餐廳超齊全！

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/656261/
Title: 購 2024累積「亞洲萬里通」里數攻略：會員限定日本購物賺三倍里數再送優惠券！

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=l2h4cJ9BWok
Title: 【難波站2分鐘】大阪高島屋必買推薦10個商品🔥高品質高CP值不買後悔！THREE、SHIRO、Ball & Chain、On、大阪購物｜日本旅遊・Japan 4K Vlog

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=2P7MFYy-43A
Title: 【2024大阪自由行】心齋橋、道頓堀の隱藏小店！固力果跑跑人，免P圖無人拍照點大公開✨流心蛋黃章魚燒、福八鯛魚燒、美國村玩具店、心齋橋藥妝店、麻婆豆腐拉麵｜日本旅遊・Japan 4K Vlog

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=UvDIKJDTxhg
Title: 【日本訂房教學】日本訂房網站哪個最便宜？Jalan、一休、agoda、Booking.com等7大訂房網一次解說

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=gQBf6jAtDik
Title: 開箱吉卜力公園2024新園區🔥魔女之谷一日遊攻略✨男神霍爾的家＆龍貓公車＆琪琪麵包店夢幻場景重現、魔女之家、最新門票指南｜愛知名古屋自由行・日本旅遊・Japan Vlog 4K

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=I6CSnJP0Aps
Title: 開箱2024迪士尼新園區💫夢幻泉鄉Fantasy Springs超夢幻園內搶先看✨ #shorts #disney #disneyseatokyo #日本旅行 #日本必去 #日本自由行 #東京迪士尼

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=nC9OWGO113M
Title: 東京必拍！電車三線交會絕景🚃御茶之水《鈴芽之旅》取景地、電車景觀咖啡廳、排隊麵包店PLUSOUPLE、滑雪街、樂器街、神保町舊書街｜日本旅遊・Japan Vlog 4K

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/videos
Title: 看更多

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/coupon/379869/
Title: 松本清最高免稅10%OFF＋7％OFF 2024年10月31日為止

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/coupon/355805/
Title: 樂天免稅店購滿1萬日圓以上折1千日圓 2025年01月31日為止

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/coupon/1618/
Title: BIC CAMERA 最高免稅10%OFF＋7％OFF 2024年08月31日為止

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/coupon/288199/
Title: 唐吉訶德免稅10%OFF＋5％OFF 無有效日期

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/coupon/336446/
Title: 大國藥妝最高免稅10%OFF＋8％OFF 無有效日期

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/coupon/603299/
Title: SUNDRUG藥妝最高免稅10%OFF + 7%OFF 無有效日期

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/coupon/384218/
Title: 山田電機最高可享17%OFF 2025年03月31日為止

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/coupon/328552/
Title: 多慶屋最高可享78折 2025年04月30日為止

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/535150/
Title: 1 日本入境申請快速通關必看教學：Visit Japan Web填寫流程、QR code快速通關方法

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/552511/
Title: 2 日本「合利他命」系列原來有這些功效！什麼時候吃、怎麼選看這篇就懂！

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/655436/
Title: 3 日本旅行遇到這些情況怎麼辦？事先下載日本叫車 APP「GO」！台灣香港門號綁定教學好方便

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/589107/
Title: 4 日本伴手禮都可入境台灣海關嗎？買食物、藥品、家電注意事項、禁帶物品整理

Search URL Search Domain Scan URL

URL: https://kyushu.letsgojp.com/archives/350621/
Title: 5 【2024九州福岡自由行】行程總整理！福岡機場進出，長崎、由布院、門司港、太宰府玩透透

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/666679/
Title: 6 躍上東京天際線的寶可夢們！晴空塔Ｘ動畫版《精靈寶可夢》暑期大型活動，6/25開跑！

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/579558/
Title: 7 新宿車站購物推薦「高島屋」：特色伴手禮、國際精品、美食美妝一次買齊！

Search URL Search Domain Scan URL

URL: https://osaka.letsgojp.com/archives/504065/
Title: 8 2024大阪環球影城攻略！瑪利歐區域入場方法、10大園區必玩遊樂設施

Search URL Search Domain Scan URL

URL: https://osaka.letsgojp.com/archives/394802/
Title: 9 關西自由行購物必逛「大阪高島屋」！直通南海難波站，美食伴手禮、美妝保養服飾一網打盡！

Search URL Search Domain Scan URL

URL: https://osaka.letsgojp.com/archives/612693/
Title: 10 京都購物新地標「京都高島屋S.C.」：任天堂京都、京都蔦屋書店好逛好買，三嶋亭壽喜燒必吃！

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/373881/
Title: 3 日本新紙鈔2024年7月3日發行：舊鈔還能用嗎？新鈔樣式、全新防偽技術一次看！

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/570161/
Title: 6 2024最新！日本藥妝店必買藥品推薦15選：樂敦眼藥水、合利他命、Acnes25痘霜、太田胃散

Search URL Search Domain Scan URL

URL: https://shikoku.letsgojp.com/archives/347957/
Title: 8 【2024四國自由行】超完整攻略！瀨戶內小島、溫泉秘境玩透透，10日、7日、5日行程總覽！

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/20887/
Title: 9 【成田機場交通】東京旅遊必備：從成田機場到東京市區的交通方式大解析！

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/589628/
Title: 10 到日本玩可用「PayPay」掃碼付款了！街口支付、玉山Wallet、全支付APP跨境支付綁定全攻略

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/301458/
Title: 1 【2024東京自由行】新手必看第一次東京旅遊推薦行程、景點攻略整理

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/422983/
Title: 3 日本道謝時說「ありがとう」小心被白眼？旅遊前必背4句實用日語

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/1618/
Title: 4 【BicCamera優惠券2024】激省10%免稅＋最高7%折價券，買家電就到BicCamera

Search URL Search Domain Scan URL

URL: https://osaka.letsgojp.com/archives/345942/
Title: 5 2024大阪自由行攻略：5天4夜行程規劃，精選必去景點

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/94083/
Title: 6 【河口湖交通】河口湖自由行必看，從東京前往河口湖的交通方式總整理！

Search URL Search Domain Scan URL

URL: https://tokyo.letsgojp.com/archives/94425/
Title: 7 【河口湖自由行】必去10大景點：超美逆富士、最新富士街道私房拍攝地公開！

Search URL Search Domain Scan URL

URL: https://osaka.letsgojp.com/archives/302908/
Title: 9 【2024關西自由行】京都、大阪、奈良、神戶玩透透！推薦行程與景點總整理

Search URL Search Domain Scan URL

URL: https://www.letsgojp.com/archives/336446/
Title: 10 【2024大國藥妝優惠券】最高免稅10％＋8％OFF！必買日本藥妝都在這

Search URL Search Domain Scan URL

URL: https://kyushu.letsgojp.com/archives/498409/
Title: 1 九州福岡必買伴手禮17選：推薦明太子仙貝、小雞饅頭、甘王草莓夾心餅！

Search URL Search Domain Scan URL

URL: https://osaka.letsgojp.com/archives/499281/
Title: 2 2024大阪伴手禮必買15選，呼吸巧克力、ECHIRE奶油夾餡餅、551蓬莱肉包都超推薦

Search URL Search Domain Scan URL

URL: https://okinawa.letsgojp.com/archives/405500/
Title: 3 IG 爆紅的沖繩小希臘！「瀨長島」半日遊景點、美食、購物行程推薦

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 89

https://region1.analytics.google.com/g/collect?v=2&tid=G-28NXCDBGGK&gtm=45je46q0v884099413z879215829za200zb79215829&_p=1719502534981&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1806653053.1719502536&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719502536&sct=1&seg=0&dl=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%2F&dt=%E5%85%A8%E5%9C%8B%20%7C%20%E6%A8%82%E5%90%83%E8%B3%BC%EF%BC%81%E6%97%A5%E6%9C%AC&en=page_view&_fv=2&_ss=2&_c=1&tfd=12420&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1806653053.1719502536&dbk=12556298133447928708&dma=1&dma_cps=sypham&en=page_view&gtm=45je46q0v884099413z879215829za200zb79215829&npa=1&tid=G-28NXCDBGGK&dl=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%3F

Request Chain 106

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=32A2DB3DD5794F7DABB9952BFBD2EB4D&RedC=c.clarity.ms&MXFR=15EA8D2051DA62CF3003998B55DA6C28 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=32A2DB3DD5794F7DABB9952BFBD2EB4D&MUID=02AD18B37B166D521BC30C187ABC6CEE

114 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
3kmfi6hp.lzh720.workers.dev/ 131 KB
21 KB 1556ms
1394ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.2.6

Resource Hash

0284d8a2c7de89894c34485ab41316c57f1904b2f9181f3e077429d4d3c18f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 89a681b609316700-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 27 Jun 2024 15:35:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
region: www
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pg3AtnSUfbRKWcUPBcMVR0FCBMeEk4CwhERmT5WO5gfXOdt8LVlnKl6qj6EpKsCUxKltLRc%2FXaKbq%2BUFmr0OHhzBne2XwKbwZkbaAzhEelEqyURzCpevI71Sc3%2F1UvVv1KDkc6rFPytwezXnih8POyC%2FEixcrZvSq3Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.2.6

GET
H2 404 bootstrap.min.css
3kmfi6hp.lzh720.workers.dev/assets/bootstrap/4.4.1/css/ 0
0 482ms
445ms Stylesheet
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/assets/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.005131
date: Thu, 27 Jun 2024 15:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4EtgM%2Fk06iWllSu2vVvLdWnZqpcGCKLmi%2BFeYZb4t9W6kIaAqaslPVLk7ClqQc5F1JFqMzurf3kKGq3CSUypnU3wa0qQaKJvaFDD5gzOhmdsBIv6R%2FGecttYKCh%2B2ELwaKU2FJKwwuddpcPgX7b54apVlbb8YPy1NwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: null
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-ray: 89a681bf5cef6700-AMS
alt-svc: h3=":443"; ma=86400
x-request-id: a2a1b1ec-1424-43ae-9457-ae82c4f11f58

GET
H2 403 all.css
3kmfi6hp.lzh720.workers.dev/assets/fontawesome/5.9.0/css/ 0
0 1897ms
1860ms Stylesheet
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/assets/fontawesome/5.9.0/css/all.css
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://3kmfi6hp.lzh720.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:27 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: RULE
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=846f1MPPUXNe%2BRBoApMhGZWbEL6M0Yms7gBM3IJNRYcJgXNb%2BtHpJozXtH1zNJ3yoBBjb7btu3W20o4CuH8jH%2Bh%2BHxun1%2B9dNx8ahLg317JoVgwJieIriMNF0mYZwIpfuSUiWrLwM4Pg87uknTHIx171GYaBIGoPBrY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89a681bf5cf16700-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10
x-request-id: 3dcb4035f94833715606cc43763144c3

GET
H3 200 open-iconic-bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/open-iconic/1.1.1/font/css/ 9 KB
2 KB 111ms
38ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/open-iconic/1.1.1/font/css/open-iconic-bootstrap.min.css

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1972302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1632
last-modified: Mon, 04 May 2020 16:13:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f3b-24b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJRCu39F%2FDmlSzAOLylNKVza64j%2FIgoVMe%2FxKYsUek4mMp8OMXGg1fy5vZQ0uXCDqVys%2BwUvmfc7m8GO61wBNbRC0tAAa%2FsqCW1GXPYAxS5p3gnOLf7WZEQa6Gujljz1o4EsZBzn"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681bfaa8966d6-AMS
expires: Tue, 17 Jun 2025 15:35:25 GMT

GET
H3 200 jquery.bxslider.min.css
cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/ 3 KB
1 KB 140ms
40ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/jquery.bxslider.min.css

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fccf706e6186e617e0ab0ae98fef2bf4929635a4d9d30746563af6c4765b310

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://3kmfi6hp.lzh720.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 59
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 638
last-modified: Mon, 04 May 2020 16:09:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e1e-ba2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XDQZcb7T2qng2mZrSvykfiiFV4Wb22LKjQGMw%2F3P8gS6yeitmRj69UfjNJEY9K5XCcA8430rMHsoeLXkYhqVDnQog6UpHHGcTEQ7SvxFveZ%2FlvOYte052vHYn9dssFWjUwRON691"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681bfcd87b8be-AMS
expires: Tue, 17 Jun 2025 15:35:25 GMT

GET
H3 200 lightbox.min.css
cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.1/css/ 2 KB
1 KB 108ms
37ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.1/css/lightbox.min.css

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b41c65a254473fdb8cb0414a564fa193ffde90e9573a2c4b2afc9ee56d964797

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1260192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 683
last-modified: Mon, 04 May 2020 16:12:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed1-9e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DzkJMtPJdAxzQ4ZOeT262ZZ%2B8Ordq3MmCa9oMS8q%2BzuyP%2F2zpHh7Os7umgW8TOulnmbBMbxyGNirZ9UeBTfgEIkXOOOiTnVm0XqMuuR98a5p4IjtGWIuXTJ2X%2BUaco14e7uYGHkc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681bfaa8a66d6-AMS
expires: Tue, 17 Jun 2025 15:35:25 GMT

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/ 87 KB
12 KB 148ms
14ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4548866
x-jsd-version: 1.9.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11979
x-served-by: cache-fra-eddf8230111-FRA, cache-lga21937-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"15a09-bhLh682YP4SOXCgKt3ZJ7rROdLw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQqIDO%2BPAprnQUizNxe%2FMjsf2L14qaSMT9xG2FGTjZ97WaOOl1LNBo%2FCDBFhiIDWOs2%2Fc20VAthZGjUxt8kiNxAuVkjgfBAOc53Zk1i4fv3FoDv23vZU9DNpqerTUdM%2FV7c152Y8e%2F0%2FEk7fFSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681bfe8516684-AMS

GET
H2 404 sweetalert.css
3kmfi6hp.lzh720.workers.dev/css/ 0
0 2230ms
2196ms Stylesheet
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/css/sweetalert.css
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 21 Nov 2022 07:35:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AeGC6mmFgFiYhQF9v6cKpoVkoFiB4ARV1lQmw8W3hdrr8Im4I%2FoWu%2FlPuwXd6S4HUStjs%2FrAu8sR%2Ffx4TDuRPzeyUE32IA2Mj2HLBx%2BNoBzXpk0MVx1Kk%2BFCjuinuFcsZ595SFu1Oc339iX5rFn%2FdbhHrx5Kt55u704%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 89a681bf5cf46700-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 404 191215.css
3kmfi6hp.lzh720.workers.dev/css/ 0
0 1065ms
1032ms Stylesheet
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/css/191215.css?240627
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:26 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rAb%2BonY2TvBkCA0434hVsmhzreEWO0kE4AB9lEHQ16hWfkmIQFYMe6At6ZHKpJvTp2Jn6zAvrBb%2ByYltsV3FyBv%2B8dySc0MdyJucV%2B5WgpQSyr17jr3tyMsXTpUakWYEYf2EW4Y3QPk5Pzrvxnu%2BuxObwrdVAhn2Y%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 89a681bf5cf56700-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 403 header.css
3kmfi6hp.lzh720.workers.dev/css/ 0
0 1349ms
1316ms Stylesheet
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/css/header.css?240627
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2yZOQlGiPcyHyIa%2FM8l3G2br93UC3O5OweHOAdXHttncLnV7GfMm0wPIwV3gSzTlippyBbvL8j1Vm0yTA8R5rONzUG%2BekKIRYiS6AKWXV2VxzOjVI58TawwgeUIvT9W6nbTh7N6%2FmdUNYxyAJ3Y9Jl9JiMnLC1EHo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 89a681bf5cf66700-AMS
alt-svc: h3=":443"; ma=86400
content-length: 39

GET
H2 200 app.css
www.letsgojp.com/build/assets/ 629 B
525 B 1373ms
307ms Stylesheet
text/css 13.214.103.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.letsgojp.com/build/assets/app.css

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.214.103.41 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-214-103-41.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.25.4 /

Resource Hash

33b3c179d2d1d34cc3d59dd51e0a3b7949ff88fd42b7d9fd58d5f6f16f74c499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 07 Mar 2024 11:21:21 GMT
server: nginx/1.25.4
etag: W/"65e9a331-275"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
region: www
cache-control: max-age=86400
expires: Fri, 28 Jun 2024 15:35:26 GMT

GET
H2 200 swiper-bundle.min.css
cdn.jsdelivr.net/npm/swiper@11/ 18 KB
5 KB 148ms
16ms Stylesheet
text/css 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.css

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6792bc2356c88d7cacf7351d64da1e7eaade694b9485daef7f4c84f5844968c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6689
x-jsd-version: 11.1.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5094
x-served-by: cache-fra-eddf8230090-FRA, cache-lga21941-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"47ff-d3a3yEz+9uIdA7uPkGvhHx1zZd4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KzHl6T2zOuPkAM%2FjmUKACZd%2BF4dK6sY%2FflCzOplVsxFSBaQjY1pcNFt5BAKihuotWL2l9FrP4ZCSWrwvYh4M10cnVnTfglcs4b57Wg2bo7ogG3nX0Q9GjfGLobEqJt%2FVSvbcJJM8Tm2b1eXeoqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681bfe8546684-AMS

GET
H2 404 common.css
3kmfi6hp.lzh720.workers.dev/css/www/ 0
0 1261ms
1229ms Stylesheet
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/css/www/common.css

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTSUMX2f%2B%2FUAxNDMiCPk%2BVTRohy%2Fe%2FVT7GjUhyOLVpl8GtteJRiq73xff075ZkUNoIQCXRxrAdIzktFQySruWuDrgj264dsLYID%2FTW8sRDsI3MoRJM%2Fc9vpZdWFq3GfPGznTfBwNX%2BHXx8QDkfWrLIyiFfhxmGfcz%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
status: 404 Not Found
cf-ray: 89a681bf5cf96700-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 403 popper.min.js
3kmfi6hp.lzh720.workers.dev/assets/ajax/popper.js/1.16.0/ 0
0 1343ms
1311ms Script
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/assets/ajax/popper.js/1.16.0/popper.min.js
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:26 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ao7mYmSvWnBBg4MqoZtxmIMbhPGDC%2FJwB6fo%2BjE9b6MtfyGYkycq%2F2wOfWA6hPBsWa9JxmgGRaPRTzD1BbMcDskLKhIBXVVRInWB65i0n20b%2FgscrP50%2Fd57b5YC%2FeSnndMqCwzF%2FXvN%2FUFC7WS1O1aXQQXNs7%2BgmNw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 89a681bf5cfc6700-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 404 jquery-3.4.1.min.js
3kmfi6hp.lzh720.workers.dev/assets/ajax/jQuery/ 0
0 9675ms
9644ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/assets/ajax/jQuery/jquery-3.4.1.min.js
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fle6Jl1KVIVmkc0RdRhZiQ3cOJLyJB0XyILPy8WDPlEiamG0t0hhfjiM%2FLU1bN6YxkoR2JH3qz%2FULjZXICJ0MzVqRiNPxQF5W8H1rLJBBU2MuGIKVkIS7JNKJN87J5jGmHRZYc3Uzht0Qr76aveo7npKpcl2LfL8isc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 89a681bf5cfd6700-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 404 jquery-ui.min.js
3kmfi6hp.lzh720.workers.dev/assets/ajax/jquery.ui/1.12.1/ 0
0 2803ms
2772ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/assets/ajax/jquery.ui/1.12.1/jquery-ui.min.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cN2tzvL3jSZ4HmO8GdNs79h5DsCE3DcM08KmGHJhUqzdjPWB4f1kmYMYpGsFPVcDhB2sbXKEqPimFj2J9ggrL7%2FoZLAGwms3DtkHHFm1GqxJg%2BowmOubhvAsyHTvRdtlu6%2FqLx6bIE%2FOE6wUOvUXxxY99exzzY8g%2FgY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 89a681bf5cff6700-AMS
access-control-allow-headers: Origin, Content-Type, x-csrf-token, X-Auth-Token, Authorization, Accept,charset,boundary,Content-Length

GET
H2 404 bootstrap.min.js
3kmfi6hp.lzh720.workers.dev/assets/bootstrap/4.4.1/js/ 0
0 1266ms
1235ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/assets/bootstrap/4.4.1/js/bootstrap.min.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:26 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TasCPR6XR0g1v%2F%2F7UUtvWklxoEVybogay0yh1o0F%2FTlc%2FaSen4UhkHULUTcT1AxgDy8nEmgzGXZGysWxgSsg8wgNG5jaMKGf3Pi1Ox2OA%2BLfCFLEUsSM73c0%2F2CZ6%2F3Yspydmz5TdETKH0tv0770ebXdziM0rKgv3KQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
status: 404 Not Found
cf-ray: 89a681bf5d006700-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
106 KB 381ms
130ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-64GCEN52K6

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5976059d2fbe31940193e8293a3f41cbae37d9bd0bb96f0cb92aa0fc29326447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 15:35:35 GMT

GET
H2 404 www_logo.png
3kmfi6hp.lzh720.workers.dev/images/common/ 3 KB
3 KB 1122ms
1091ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3kmfi6hp.lzh720.workers.dev/images/common/www_logo.png

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10a33b5c940e7bc600ea2810083d84e945b8f746e5c952ebde40407410169fba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:26 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-encoding: br
cf-cache-status: BYPASS
last-modified: Fri, 12 Oct 2012 06:17:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hh4tQFgys4TmtGGc1oFQSZMGqszWZbkmbjypak7mqc%2FzGjFqEeD28ViTD4hJVPJycDjOW1TzMY6QoeGyIc4dWyWOG18Rd5s%2BSECEZv4QvrmWngGWPMdHDC36YTzA51IA1tjfHqvsLROQ%2B59M69Gyy9hPsuGaWYLE4HI%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cdn-cache; desc=MISS, edge; dur=37, origin; dur=958, ak_p; desc="1719502525395_3090373279_7566881_99458_10940_1_6_15";dur=1
cf-ray: 89a681bf6d146700-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 404 www_logo_sp.png
3kmfi6hp.lzh720.workers.dev/images/common/ 128 KB
128 KB 2842ms
2811ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3kmfi6hp.lzh720.workers.dev/images/common/www_logo_sp.png

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

d018cc492f648e100eff984cf0ef04076ea46d20ec942b2adf80f96dd8f96f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KbXQxUk3pWdW%2B%2BuB38JtYU3flQ9IQv%2FFN2A8e994NWq1dpMNhcssRlbPQHtvbKjMa%2BkwKsO6g7Tsb3Fv%2BXb%2FYC75H77MoxySdsfoPeb%2FU0XFYfP14QYT26GoAMwoJaJ9sHB1p677hRq88LFKBJ63%2B2t72EUaTH1LP2w%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 89a681bf6d156700-AMS
access-control-allow-headers: Origin, Content-Type, x-csrf-token, X-Auth-Token, Authorization, Accept,charset,boundary,Content-Length

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 1 KB
2 KB 173ms
49ms Image
image/png 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQbok0K2W-O3IPUOHsyn36hS-oY-y6E4rbRhYJH9UsCRu_WqLaQ&s

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84febdb2f9ce2c37079083f9d1567f574c651770916f60c9888887cecbd3626c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:14:01 GMT
x-content-type-options: nosniff
age: 30085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1449
x-xss-protection: 0
last-modified: Sun, 08 Sep 2019 22:43:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 27 Jun 2025 07:14:01 GMT

GET
H3 404 close.svg
3kmfi6hp.lzh720.workers.dev/images/common/ 48 B
48 B 9698ms
9683ms Image
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3kmfi6hp.lzh720.workers.dev/images/common/close.svg
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e607555792be807e430bd1a6110690a94397b6f987ea0ac9611d829cec96fc14

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebBplWopNcXxFDL2nsNh%2BZV2TGR3kqSGyj9wcXunD1waMak%2FGZbMYQD4Tp9IkGxeIAlHZVgpxLzsYgvvixNlc7WroKwbu%2FC6RnqtpTvsHeOt6JnJFIu0SpLU43o3y1k8ZhpHP318PQORJYpCo5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 89a681c768790b5a-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/l2h4cJ9BWok/ 43 KB
44 KB 228ms
62ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/l2h4cJ9BWok/hqdefault.jpg

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4f539e5666e490cc2b529df673ae5f3f696ef8f6564b85f8ca5e27a0ec0e8f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44133
x-xss-protection: 0
server: sffe
etag: "1718969231"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jun 2024 17:35:28 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/2P7MFYy-43A/ 45 KB
46 KB 123ms
59ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/2P7MFYy-43A/hqdefault.jpg

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8731f6e9ec61d1bb9858d809464e44f128971f0073cf73fd7d09e7af0770c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46480
x-xss-protection: 0
server: sffe
etag: "1718357883"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jun 2024 17:35:35 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/UvDIKJDTxhg/ 38 KB
38 KB 152ms
90ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/UvDIKJDTxhg/hqdefault.jpg

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04445587d61da2bf9455f0327b45ad8911825b760c4e0ef16ed781e00b250f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39021
x-xss-protection: 0
server: sffe
etag: "1718184797"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jun 2024 17:35:35 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/gQBf6jAtDik/ 43 KB
43 KB 222ms
172ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/gQBf6jAtDik/hqdefault.jpg

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab50889b114b00e73fe79a109ce36b0b04ffd828bb0617b36f8c708ac4d615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44406
x-xss-protection: 0
server: sffe
etag: "1717764232"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jun 2024 17:35:35 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/I6CSnJP0Aps/ 13 KB
13 KB 229ms
180ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/I6CSnJP0Aps/hqdefault.jpg

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb10f439dc8699784959403bd4edbd7ead41f5fc521fa95e16ecfc6e1451ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13043
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jun 2024 17:35:35 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/nC9OWGO113M/ 53 KB
53 KB 180ms
133ms Image
image/jpeg 2a00:1450:4001:80e::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/nC9OWGO113M/hqdefault.jpg

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

684af44d9f04a21830ad3467ad63567af7b85dc77fd59788b70c13b308626d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53787
x-xss-protection: 0
server: sffe
etag: "1717149645"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 27 Jun 2024 17:35:35 GMT

GET
H2 200 sherpa_init1_08.min.js Show response
cdn0.agoda.net/images/sherpa/js/ 11 KB
3 KB 80ms
25ms Script
application/javascript 69.192.160.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.agoda.net/images/sherpa/js/sherpa_init1_08.min.js
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-238.deploy.static.akamaitechnologies.com
Software: Akamai Resource Optimizer /
Resource Hash: c24483ffb2b66466c15a7c4b15662c997ae3b82166cb105638e534d3d41cc825

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
content-encoding: br
last-modified: Wed, 05 Jun 2024 04:26:47 GMT
server: Akamai Resource Optimizer
x-dc: SIN
etag: W/"5dada82a80c2d31:0"
x-cache-status: MISS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=520641
timing-allow-origin: *
content-length: 2896
expires: Wed, 03 Jul 2024 16:12:49 GMT

GET
H3 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 26ms
26ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 598148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 591
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ncez1b26cdk2q1fhwD2PMmcdSVStBldChyiFe0ExQHIp9ATlf6XOI4V6oLke2TYGyizE5TjdlpFP0mEkT%2FTeBGhXaGNvZ4huRnFacqr8CfGHlDsEbp2m7xuvbHbNYFDX4hPYDPZT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681d369ff66d6-AMS
expires: Tue, 17 Jun 2025 15:35:28 GMT

GET
H3 200 handlebars.min.js Show response
cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.7.0/ 78 KB
20 KB 24ms
24ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/handlebars.js/4.7.0/handlebars.min.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02efaeb27023f58a5c29e8bd23c53fe0fb46bbfbd844a2fbbb9327866c8a8dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 19840
last-modified: Mon, 04 May 2020 16:10:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e72-13880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jIW%2F7Iv7%2BdU1NKrLpo7ZnZbXv6TfDeTRd8papLJyV35FHOGRPd12J6kfl3ftiS%2B9GI5STt3W8Om%2BZQ7uo73xwT2d3m4tEBtvrsDHK0yNotLJTDHASIXTyY3FnXPXfXuAYbidGDS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681d39a2a66d6-AMS
expires: Tue, 17 Jun 2025 15:35:28 GMT

GET
H3 200 remodal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/remodal/1.1.0/ 8 KB
3 KB 36ms
36ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/remodal/1.1.0/remodal.min.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21ea2a0ec1a9c48686c58d481b308e247fa9f747d2208099ce598ef823e555c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2277
last-modified: Mon, 04 May 2020 16:15:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fbf-1e7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6sSgpaHJyAz0EuzQaPdegdCOMBF%2F56RgR2YDH1RTFahS%2FVtQ2y0YbSfUsTi1SpnE8Z0nZfQ6GQ7wal4%2F6qPzOPghzfq%2FdJW0rVIXVwDMeZ6cvrZBTd5PHvTm5jdahsTGk0%2Ft%2FVh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681d3da9a66d6-AMS
expires: Tue, 17 Jun 2025 15:35:28 GMT

GET
H3 200 jquery.bxslider.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/ 23 KB
6 KB 29ms
29ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bxslider/4.2.12/jquery.bxslider.min.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1205315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5394
last-modified: Mon, 04 May 2020 16:09:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e1e-5bf7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96s6mZqCHBMWQCkbFj0DBmWW643OWkieVxeX4SnXvxCfzAld%2Fa5vietqsmu7jSmMHd2E92E%2FwfjIdp1EdjBz%2FtXMivIBBFS9KwqXcoO5qgm%2BtW1ae2G%2FswJt7jY3hLS6PhGo%2Fpv0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681d41ad966d6-AMS
expires: Tue, 17 Jun 2025 15:35:28 GMT

GET
H3 200 lightbox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.1/js/ 9 KB
3 KB 24ms
24ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lightbox2/2.11.1/js/lightbox.min.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad2b29586a7f8026ea07f23acc86dd7ed4f32132aaca9c1f0ae60d35d963792

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2919487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2503
last-modified: Mon, 04 May 2020 16:12:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed1-2528"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n5QAdEtHSQxAkDaRTpS665S44IX5ZRsIyUe7chohKAheCFR8CL0JjtJ4GGBTrEkBSIQJEjrWy8rN0Lc6FdcmR2dym%2BFdyXg8SKMoeAStx6ijuaNBtEOkeCI4%2FKsf3KO%2BKqOUV7j4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681d44b1b66d6-AMS
expires: Tue, 17 Jun 2025 15:35:28 GMT

GET
H3 200 lazysizes.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/ 8 KB
4 KB 25ms
25ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/lazysizes.min.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://3kmfi6hp.lzh720.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1795952
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3150
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60641588-1ed1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TABDjs%2FF7GtEa15BZmMPJc6s%2B85BuBOhEs0%2FESeSaPyAtmDctGTmMtj8NkNpFR%2FGgwkCEGKO7l1rjyDum3EzZ0mMTII%2FTPpFI17b%2BBLMSd5kb3P2Gq972fVqKW3rI1PEO6O%2FdNp4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681d47e01b8be-AMS
expires: Tue, 17 Jun 2025 15:35:28 GMT

GET
H3 200 ls.unveilhooks.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ 2 KB
1 KB 24ms
24ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.3.2/plugins/unveilhooks/ls.unveilhooks.min.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Origin: https://3kmfi6hp.lzh720.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1795250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 677
last-modified: Wed, 31 Mar 2021 06:24:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60641588-750"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XS%2FXA6RKdByjtNZe6t6ap7UaRrENc6lEB9c2kIXNOcPxxuD%2FJnanlK%2BqiZlJGB6zdJUDj3UZoNv68SIPM6EfWUCjKL%2BFcxyztXsCJozy3YQ5%2BvBJsmFQlOItDtJBX7MoCc1EivKu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681d4ae33b8be-AMS
expires: Tue, 17 Jun 2025 15:35:28 GMT

GET
H3 200 sprintf.js Show response
cdnjs.cloudflare.com/ajax/libs/sprintf/1.0.3/ 8 KB
2 KB 25ms
25ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sprintf/1.0.3/sprintf.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9904b0d448280bfdfcb0329bdac995883033597727404f9c058d051d9174b7c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8281132
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1741
last-modified: Mon, 04 May 2020 16:16:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fda-1fb0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yF8lc%2FPTia1JCMPUaE2Q4k%2BnCI2VnXRaP%2F5pBfllN5LH3o4oPZjXH7H0KtifyfvWb1VpD9BWHDT2y8q1YvihOPPJRonzJua2DEsP14r6R%2FxXKJ1yBN6Dizu5lIucfknfEdF7oCxB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681d4cb9666d6-AMS
expires: Tue, 17 Jun 2025 15:35:28 GMT

GET
H3 404 jquery.query-object.js
3kmfi6hp.lzh720.workers.dev/js/ 0
0 453ms
453ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/js/jquery.query-object.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:29 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 5f6_HTTP.404,5f6_PGSRP,5f6_404,5f6_URL.d7c98296ca20ff5ed623ad52fb35b78f,5f6_
alt-svc: h3=":443"; ma=86400
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DIcdL3NkC%2Fg63jZUnraMpCV0MzKRUNvujQ3FOg7rBsTFOpYzrGFHB1Z89DZ8o0uFl2Y0xNJNomt5Gl4ve8naMQxLxXbC%2FUiDvDdGn39a2ICJggsGmpnvIvvjoZfg%2BaLJ5sXCfW5eAsBieSoMLsU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-ray: 89a681d4fe3f0b5a-AMS
link: <https://candylife.tw/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 403 sweetalert.min.js
3kmfi6hp.lzh720.workers.dev/js/ 0
0 1174ms
1173ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/js/sweetalert.min.js
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:30 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLswdxhZU%2BuXEMXCtO33DHPf%2Byw%2B0SB9h1%2BCFa3Ct5I27z4PsbMOhhpT8LKBDvZ82yqY%2Br1Z7VV7G9L9vOnLRgwFwmRGsgKiNahWp0ooUQS2K9AXcgryzNNd8apiiGLINVrGG4i77qjaZYm2etY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 89a681d7c9560b5a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery.calendar.js Show response
3kmfi6hp.lzh720.workers.dev/js/ 42 KB
8 KB 821ms
820ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/js/jquery.calendar.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5da4467e1a2b3338708849d1de1bd59866653b905d6e243d0c8045653923c5cc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:31 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
content-security-policy: default-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: origin
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCQL1%2BEqRU5W180xI5KMueYG288O4gMCNfXVRDOu7KxlQDTVpiw%2B4l6zq6Z6HoUOapb8njUu0E7JUWDKfejpHjdiBskXi9kBRPIVn4ogGZHjMHuee3jj1ObqC%2FNe2UexgaSEoA6eqPMplonAykI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private
cf-ray: 89a681df29560b5a-AMS
expires: 1 days

GET
H3 404 letsgojp.js
3kmfi6hp.lzh720.workers.dev/js/ 0
0 9586ms
9586ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/js/letsgojp.js?240627
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=feTsQhZc4WkQQbT5vMTS8gpENpfXWt2E4TCK3h6sQ6lU6ccLTjGiM%2FCK7PdO3Adm6cdUSk%2FtGb1ibrR2TGCiD6be3fbcAXKU0gUHoJe8v%2Bs0aqQpfOnP%2FEK4%2BwkGe9IAMnUCsLlCljKSDofp3lc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 89a681e44f130b5a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 403 init.js
3kmfi6hp.lzh720.workers.dev/js/ 0
0 718ms
711ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/js/init.js?240627
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: RULE
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IyqdQLUp1%2Fh%2FSRYeQuF2JPgCUo6Yp5FdVycyLCZOfmkQ%2BQrPJCgtPAaBdZEYQHKjXOq6BApfr2%2F4dx4o%2Bc4Qozd5Xuk8OGlVq7mU1ZQ%2FB2rYef7x6dZWvD0DMdrvAXI1%2FpVKZr6WtUb7%2BgLA4qw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 89a681fbb9820b5a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10
x-request-id: 8f19181619c4ad006c625f9423455ac9

GET
H3 404 191216.js
3kmfi6hp.lzh720.workers.dev/js/ 0
0 1064ms
1040ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/js/191216.js?240627
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:36 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZLKjn9PTW5%2FtIUTBHMtuxkMX0ix3CHu44418TqljaUviUZ8RlEE9soWcQyoAPxHePt4wkNw1Nein3Hz557BY82duRONKAoKnn7NpBttGj%2BP%2FHnoYCqE9AWeJBte0AXoNtKLlfo%2F4hXrcL6Uz9Rs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 89a681fbd9c00b5a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 common.js
3kmfi6hp.lzh720.workers.dev/js/ 0
0 962ms
918ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/js/common.js?240627

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=faBbmOwgkVxwOdFP03JN7HJGV6nS87epET4LwQTMllGMPU7mEq2tqAXrScTCcLnyxhGmgY4lDELkmnfEMZS1HkJCTxFpqGkjuxLWep%2Fl84VpqK%2BKJhVrK5%2Fo1z2V1q69uB%2Bxpv%2FVv3HsUiiKDjM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
cf-ray: 89a681fbf9e10b5a-AMS
access-control-allow-headers: Origin, Content-Type, x-csrf-token, X-Auth-Token, Authorization, Accept,charset,boundary,Content-Length

GET
H3 403 category.js
3kmfi6hp.lzh720.workers.dev/js/ 0
0 2226ms
2176ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/js/category.js?240627
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xvzXbAZJ47UmeZrmJWBsj%2F7jKHE6E%2FDC6UGrXUof55hiXpOiICzWtvTBWGQxC%2BAy2nA5XCkgA%2FPCizR7tK5%2FLg9Xc1T9%2FZUC3L7mK87X0kPdpDq89yHzEbC7nr01%2BPd7MpG7E%2FmkHaCKbr%2BtFD0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 89a681fc09ed0b5a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 39

GET
H3 403 post.js
3kmfi6hp.lzh720.workers.dev/js/ 0
0 245ms
193ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/js/post.js?240627

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9m%2FcxLwIjhlETI2Wor4sHWGZa8Uzur1YAtzqWql6b6qUBBnxuusDAj79%2FlkUmMvQN95spNKZMMLBgls85iCliwr5MesKeJH1WRqYJSRPfU5YF5f6kb64Vk4EekIsmSgf9jXwVIv1eseR305Ed1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1719502535067_3090373303_8263871_29_8284_1_7_15";dur=1
cf-ray: 89a681fc09f10b5a-AMS
alt-svc: h3=":443"; ma=86400
mime-version: 1.0
expires: Thu, 27 Jun 2024 15:35:35 GMT

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@11/ 147 KB
39 KB 94ms
25ms Script
application/javascript 2606:4700::6812:bb1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@11/swiper-bundle.min.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bb1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7878
x-jsd-version: 11.1.4
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 39386
x-served-by: cache-fra-etou8220075-FRA, cache-lga21924-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"24baf-SvYRfRJkVC7ONCBpuA5fO4KwFAk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I192h303EcpatBc6yVlpeoWbIbmaPrYgQwlRWVFBoNTqveK8B5YahLGeIccLXA7vAAJKDieokVcs8Hvk9ho3EWE1nVoIUC7faiOe%2FizXSt86ZeDxmGeAg4QP6h575f%2BoI0RuvxwSmP%2BfZqYN4Gw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681fc1e1f6684-AMS

GET
H3 403 home.js
3kmfi6hp.lzh720.workers.dev/js/www/ 0
0 424ms
369ms Script
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/js/www/home.js?240627
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
content-encoding: gzip
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLdysaZIpi7KVQEooEvdyvzre5SJMR91DmI7UoKMaw6NIjKnpTqym5n%2Fc2yzEFlohXGjFLd2bX9JNAbmm0rUXAlViQ0IS1DPMaHNkguZHGlG7Az5IvIQgbPrGd%2FK0FDM1Y2COqm8EgW086O%2B8Eg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
cf-ray: 89a681fc1a050b5a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 home.js
3kmfi6hp.lzh720.workers.dev/js/ 0
0 2151ms
2096ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://3kmfi6hp.lzh720.workers.dev/js/home.js?240627
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:37 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Next.js
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wlw47i24%2F9eyVnb7kTD4CUKlvWMhDhvfeF770AFkkvBTmnMEhkpfYU8ZQ4HYXR22te0EQ3xQhyDEABaAZL35hBeFOe9CQQnmdLOhoEzAnRLwNHiK1D3q0etAxVEcl4pI8Gnrd5SWNyhl%2BeSt2pM%3D"}],"group":"cf-nel","max_age":604800}
content-language: zh
content-type: text/html; charset=utf-8
cf-ray: 89a681fc1a060b5a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 home.js
3kmfi6hp.lzh720.workers.dev/js/travelguide/ 0
0 562ms
507ms Script
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/js/travelguide/home.js?240627

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UDfAN4Xwq8z4k5G64Mt9NRLX2aG0jFdEZtEdB56Yb6LTdAYogPetgeYHQH9M8U%2FW3Ni2VGo92o63%2FvB7wTqf2URZ5QJESSg1x4jxtvTTLWGJ7VEiIZba9CiCs5o8ISB64W4imiC40BYoAPcunQg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-ray: 89a681fc1a070b5a-AMS
link: <https://cotton.pink/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
52 KB 149ms
88ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5873959640692295

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

cceffdeed5dab9faf19c77b7f32a68eb0ec62120a822a31facf40a237a92f549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Origin: https://3kmfi6hp.lzh720.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52702
x-xss-protection: 0
server: cafe
etag: 14259751003568211741
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 27 Jun 2024 15:35:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 261 KB
92 KB 284ms
56ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K9JJB45

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28dd23a0060ca1b7780868a4fe1b192c0ffe28fc2a0cefb9e88adfb937d6ee44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94282
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Jun 2024 15:35:35 GMT

GET
H/1.1 200
OK uh.js Show response
uh.nakanohito.jp/uhj2/ 32 KB
11 KB 1121ms
261ms Script
application/javascript 203.114.55.134
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://uh.nakanohito.jp/uhj2/uh.js
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 203.114.55.134 Shinjuku, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS: 203x114x55x134.ap203.ftth.arteria-hikari.net
Software: nginx /
Resource Hash: 402070c3de712beee07622762669e4c6aa00d7ac8ba6e83d477e3e39a0b42444

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 27 Jun 2024 15:35:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 May 2024 06:24:50 GMT
Server: nginx
ETag: W/"66596d32-7e3b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=10800
Connection: close
Cache_Control: public
Expires: Thu, 27 Jun 2024 18:35:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 182ms
0ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1e80623b01a72e8e7fda7bd768c6542f65f58f9667fbe8efe0c688084f6cd907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jun 2024 15:35:35 GMT
content-md5: UomVHrNt+JrrntTtbJdAlA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=14, mss=1297, tbw=2808, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug: hUFjSohxjdAOUABZOZgEHw4ATmvgkm/n3rHIZI55kdnh9+mvUY6nhnSk/Du4pEDzdABTuDd2S0eeAJNQvscqUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: d71a43db4c34d7902d45eee9d8edf21f
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "96071cac84b262fbfdfe06e3a026e5bf"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 27 Jun 2024 15:52:04 GMT

GET
H/1.1 200
OK SimpleSearchWidget
sherpa.agoda.com/SherpaRender/ Frame 9AD0 0
0 106ms
32ms Document
text/html 103.200.108.61
AGODA-TH-AS-AP Th...

General

Check archive.org

Show headers Download Go to

Full URL

https://sherpa.agoda.com/SherpaRender/SimpleSearchWidget?&ReferenceKey=TPrOdgqaWJh%2FJLKdpC%2B4sA%3D%3D&Language=zh-tw&Hg=339px&Wd=256px&OverideConf=false&Layout=SquareCalendar&MobOptimized=true&Ver=1.04&crt=5983839665493&Cid=1921616

Requested by

Host: cdn0.agoda.net
URL: https://cdn0.agoda.net/images/sherpa/js/sherpa_init1_08.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://3kmfi6hp.lzh720.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-expose-headers: ag-correlation-id
ag-correlation-id: 7ebff92b-1416-4c49-87f3-ce4370f8b62d 7ebff92b-1416-4c49-87f3-ce4370f8b62d
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 27 Jun 2024 15:35:34 GMT
strict-transport-security: max-age=2592000
transfer-encoding: chunked
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-address: mesh-7c96b4d968-pnt24
x-envoy-upstream-service-time: 13

GET
H2 200 desserttart24cheese01-860x581.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 106 KB
107 KB 128ms
26ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/desserttart24cheese01-860x581.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eafb5c0d2bb96551fb8c78c697fcbd09a6c61d71cc312e37f33fdc671792b8af

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: WqwLq0I_pvzzKWP8rkNiEVOKBxel1H0m
date: Thu, 27 Jun 2024 09:33:37 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 11:29:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 21719
x-amz-server-side-encryption: AES256
etag: "13fad3d378b7e1bdfc84d257a66df118"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 108562
x-amz-cf-id: hmVfB8u1st9tb80_LKiqU5IsS1zP_PtZXlM_l_KgimWhC-la5_oH8Q==

GET
H2 200 torii01-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 104 KB
104 KB 206ms
105ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/torii01-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d774fd412720f96f9b10bfbc6f8a624b0817830f08e76a233b2c9c486f400183

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 8aHAZrNOiq2_cB9Ya7xp09AMi8rqUddY
date: Thu, 27 Jun 2024 14:42:01 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Tue, 18 Jun 2024 06:02:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 3215
x-amz-server-side-encryption: AES256
etag: "36c05a5c4f7ced825406e07f08f06402"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 106108
x-amz-cf-id: c_NgVgf_Evwwh92B8UtqXSL2PZcFeAWrghyDN_KHMZi6sKN-5rhsOQ==

GET
H2 200 fubaya1-860x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 76 KB
77 KB 282ms
189ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/fubaya1-860x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 319d14473c98d0ec6ba24e556637b0fcdb329f12fe9e8b667031b818a576795e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 1iXuA25ynUJjtt_Up7sPLyXq.tb6Ozdk
date: Wed, 26 Jun 2024 22:52:42 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Sun, 23 Jun 2024 12:16:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 60174
x-amz-server-side-encryption: AES256
etag: "9aa8c9ef88dafd4e71aa7e73fa4ce5b8"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 78230
x-amz-cf-id: sbroBAuwMEm6V1izS1A86FjAglinXOSncC923z5Uk8T5daER6qY7UA==

GET
H2 200 masyotakuhai24gcmc01-1271x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 230 KB
230 KB 198ms
106ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/masyotakuhai24gcmc01-1271x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2ac2274a9830ef3b470492b7ab002a56d4c47b107845bba5d6c9ec2d791e54b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: d5E4qR8tResMmyMqE3a6rNFyrHZZ_iV5
date: Thu, 27 Jun 2024 13:17:30 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jun 2024 08:12:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 8286
x-amz-server-side-encryption: AES256
etag: "a4c98067f29246b50f68bf9f8dd3f592"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 235040
x-amz-cf-id: l-ochDk6WuzuaDxiqQhN5P9THJfe64QukZ1QthpUH4tR6NDQ0a6flA==

GET
H2 200 connan24test01-952x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 104 KB
104 KB 197ms
106ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/connan24test01-952x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f96828b10a018bdae320de3f171def7f275b54c51e9ef6228449f75c0b10c3a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wYs2lQozTuwqjSSTfLWZTelfwP1Ug7WX
date: Thu, 27 Jun 2024 03:05:36 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2024 23:42:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 45000
x-amz-server-side-encryption: AES256
etag: "1398c37bb8abaad9d52ea89c6175d091"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 106346
x-amz-cf-id: hxiYT0EItsuNTAGz4x0VHNSgJQNa1nasbqgcSuFO5AzpVsPSDMBNCg==

GET
H2 200 buzzlightyearsastroblastersl01-888x500-888x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 170 KB
170 KB 183ms
96ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/buzzlightyearsastroblastersl01-888x500-888x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7eab062479f26cf6048dd38d41397a872ff22e8add5dd86f1f4b3df40cb41c94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 11:03:21 GMT
x-amz-version-id: Ov7vrr9DSV1xOEXyfetXu.VAULO9dVR8
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jun 2024 10:24:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 16335
etag: "33ac6cc3e3195a9f1a77534829f92fe3"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 173796
x-amz-cf-id: PV0o8-M3f028ILjG5bjD_cohXEvh79rCEGXmsJ-biHkbmLPaHbiRCQ==

GET
H2 200 gltocbuspg01-255x170.jpg
d1grca2t3zpuug.cloudfront.net/2023/11/ 17 KB
17 KB 180ms
95ms Image
image/jpeg 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2023/11/gltocbuspg01-255x170.jpg
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2d4f2831372c19927f2f612fba669cc50709707a85b686841c50a92a1989709

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: uXyjRvRd8dKSjTSyRaR5em8cyr7FiDWo
date: Thu, 27 Jun 2024 14:06:10 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Thu, 09 Nov 2023 05:40:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 5365
x-amz-server-side-encryption: AES256
etag: "01161a987329cb14be45de94c36233dc"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 17229
x-amz-cf-id: -KkD0KMMoEcHZKIl3OmMyCmN5duchPPb1yJFqZU_QmnRlEPSX0BCWQ==

GET
H2 200 202406fireworks_02-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 189 KB
189 KB 181ms
97ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/202406fireworks_02-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52fc54f6f0e38e4e1d967644428583dd4d46bb86684bc5ce9255e525a5753658

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:53:12 GMT
x-amz-version-id: 3vWOFWOOU97k5rIJw81USSET0kDGualJ
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Thu, 13 Jun 2024 05:15:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 45744
etag: "e3998791ec6f0d9c0933df5cbb650330"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 193052
x-amz-cf-id: ow58FTWfpOyOZ8ovpylg_smRSyy_AHnGce2YHu8VnjUAGB1vFsxNiA==

GET
H2 200 1gundamnextfuturepv03-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 67 KB
67 KB 202ms
118ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/1gundamnextfuturepv03-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ad27760f1009442350c0eb3608071039ccddd1666981f3d063a46c0bbc8789f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: YBrdmNDx1_Q8O9.oiZvA0P61JicLAkuR
date: Thu, 27 Jun 2024 10:14:28 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jun 2024 06:57:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 19268
x-amz-server-side-encryption: AES256
etag: "5c468907f3c79279a79fc14316ce7fda"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 68472
x-amz-cf-id: w2UgLEf05mn7tG3tRYVCNC4dN6RX5NfZS8s1j9MdPuhUMVOvoDalSg==

GET
H2 200 1dragonquest24yokohama02-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 116 KB
117 KB 203ms
119ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/1dragonquest24yokohama02-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 26186c970700f8b9f6abc3c2f754549330d81f97ee303a8520f2ef9e4a15eea1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ZYBN95c2ixqGwl4_S3lgqpIn5_YXl4H3
date: Thu, 27 Jun 2024 08:31:19 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 10:06:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 25457
x-amz-server-side-encryption: AES256
etag: "cd9cb57725e17c96a5469728a2a19cf8"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 118762
x-amz-cf-id: V55KLyFj7TR5mIxUGqlO45piPrCZNOxu6ToovpEW3ny7ymlRgplizw==

GET
H2 200 princehotelhalloween01-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 115 KB
115 KB 206ms
122ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/princehotelhalloween01-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31e7f11ed08f459ea61df454caf8b29620ac7e85b79e5ffdae97507da29d3a8f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: GfjEVIaaHqxUNsI.ovjsVNcgjgso0Z0O
date: Thu, 27 Jun 2024 10:17:23 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Sat, 22 Jun 2024 06:30:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 19093
x-amz-server-side-encryption: AES256
etag: "5a3bb3b92b25a128c776d04e74a518d0"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 117260
x-amz-cf-id: chj6Voncf21k4seOnZze6pI0m55ef_8YPzBlXJumrsu5v97pM9Juvg==

GET
H2 200 1955tokyobayoshinohc01-255x170.jpg
d1grca2t3zpuug.cloudfront.net/2024/01/ 15 KB
15 KB 222ms
138ms Image
image/jpeg 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/01/1955tokyobayoshinohc01-255x170.jpg
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ce85289ef4edfbc4670ef307cbb02f203cadb70db45d86e9945543d9536d8be

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wGN_QWPho322RJ55VSChoTp5ICuZUbP.
date: Wed, 26 Jun 2024 23:46:34 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 02:59:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 56942
x-amz-server-side-encryption: AES256
etag: "19cb767b607e5d0ad18a946ab6d933a3"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 15384
x-amz-cf-id: K152XyC5KfDv0wq8tZazMgFkSrAg0NdUbvzdbz1W5TgGpTOzkUKFBA==

GET
H2 200 s_D8-870x506.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 118 KB
118 KB 235ms
153ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/s_D8-870x506.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fafb0164bac94bb7f4b72506ea3e052909cd8bc973bda02cc6bc6b42ba9eb996

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4Vr86ZtpcN1s87evvGjCVBD8D8Zl.S2K
date: Thu, 27 Jun 2024 12:53:38 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 08:45:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 9718
x-amz-server-side-encryption: AES256
etag: "4a3f2dd9562e9cd6e347f1d1165a4786"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 120382
x-amz-cf-id: STV8tBI_H_oZXoN2upCBy_jreGhDV0izynZxIxzD1QSkxXYkW-vovQ==

GET
H2 200 hdmain-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 150 KB
151 KB 219ms
137ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/hdmain-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4d03a3cbf4e29f71da02c4ed1865b9887291f4e51785dcd6dd509b464a9ca87

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: GPvfaQRtlqpQExijVt3BsuqN9aoS2g7q
date: Thu, 27 Jun 2024 10:41:30 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jun 2024 05:44:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 17646
x-amz-server-side-encryption: AES256
etag: "f71f24ed30e7d8dc91fca69ea531e61d"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 153830
x-amz-cf-id: mJ32vdAIb0HqaBvrtC3TQWVPg3tnxlSCUgrifj_zQ90hUYEyhEJzmg==

GET
H2 200 twxex1-870x506.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 72 KB
72 KB 206ms
124ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/twxex1-870x506.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab29087a2a33b289dba5f3918d9c0c5613db055a0eb76835f5f0311dca275612

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 2SwegEx5oLFo8kT1oXSCr1U8MHos4k39
date: Thu, 27 Jun 2024 04:01:07 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Thu, 20 Jun 2024 10:26:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 41669
x-amz-server-side-encryption: AES256
etag: "959d9a57a9f36039ce5b1a45e7ef98e9"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 73492
x-amz-cf-id: M-Fw8nPn5KNnWaVYEkFK5bH8H2a_Nikhon4Nq5YFYVAr2WU-pym2wQ==

GET
H2 200 MAIN1-255x170.jpg
d1grca2t3zpuug.cloudfront.net/2023/12/ 16 KB
16 KB 203ms
121ms Image
image/jpeg 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2023/12/MAIN1-255x170.jpg
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dabb278a0795149322bb265525f7057e821a0899534ec9fce70304eb8d11e2ae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:59:23 GMT
x-amz-version-id: W2C3Fb9yLkNUtU06_kP1lcXvzn3q__cL
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Fri, 15 Dec 2023 12:11:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 27373
etag: "3978e607e39187af74a3ba831f4ea0d6"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 16387
x-amz-cf-id: BOpfrJZPzNtuUShgSdy-nvpN73f5m0csSQnqUPItjBfk_kDOM2WxHA==

GET
H2 200 aeonma1-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 93 KB
94 KB 220ms
138ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/aeonma1-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0693f01b98168a47583ce9fa04c172d17800970d683d573b1293421b6a78dd7e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: VtgFslVCfepTgVXx2NI1RpGw1Ph0sAWN
date: Thu, 27 Jun 2024 03:12:02 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Sat, 01 Jun 2024 11:02:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 44688
x-amz-server-side-encryption: AES256
etag: "d6d6ac26a83a9934069208f12324a5cd"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 95242
x-amz-cf-id: fFlzzX1ojwJkDF24zkY4zB-Iivr7jdYN9QZTpUy0GlYsBmP3tgY8jQ==

GET
H2 200 aeontop2new-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 96 KB
96 KB 270ms
189ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/aeontop2new-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 551f602e45ed17931c4876b6171a213e5ac88015972c3e27c786026c746295fd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: SBM2P0_EWUQgZb4EbrkNw34sZjKR..Kt
date: Thu, 27 Jun 2024 03:12:02 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Sat, 01 Jun 2024 11:32:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 44688
x-amz-server-side-encryption: AES256
etag: "843a88e980a9cb44cb80595938aa91f4"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 98062
x-amz-cf-id: M_Ko0elqoWcp-UW9VHlyZbZfmLFLRwIW_dS2VAuR8C4WnuXxjtRNbQ==

GET
H2 200 sunshine_cafe-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/04/ 189 KB
189 KB 271ms
189ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/04/sunshine_cafe-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 61817ec52c0fcdb2b51599cd5a21bec5c098dfc3f421180cc8ba82a4713ee660

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: qZ6D62vtCl5wwwwJI3E9eeoisbICohEd
date: Thu, 27 Jun 2024 01:55:31 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Mon, 29 Apr 2024 08:24:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 50655
x-amz-server-side-encryption: AES256
etag: "0df4cdff4911d45546e811251419e547"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 193170
x-amz-cf-id: eq7LKFtmdrs9-LUCdRjHxOil52tB33OcyQrbhwJQkFuAOrdmOmhkkg==

GET
H2 200 hamikakicoverr-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 57 KB
57 KB 271ms
190ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/hamikakicoverr-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2183e8b22437d03eac71559cdcc071cdf2a060caf23cd98c6b8c996112dd1a24

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wKWtbX6HqP.ZlL3bbAeLfzPL.Y9rjgZN
date: Thu, 27 Jun 2024 06:50:17 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jun 2024 06:30:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 31519
x-amz-server-side-encryption: AES256
etag: "348c269ed409662b575509a7af502b2a"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 58092
x-amz-cf-id: U1TTo_v132vLR32XTL3artwbymq90nyaEmr2d5WURKo2hyEryztSVg==

GET
H2 200 appdl-pc-tc-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/06/ 62 KB
63 KB 324ms
243ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/06/appdl-pc-tc-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a85a58d1da5cd345d0bde1ddf4454238cb94c4d292d7a372d2904b2c39029943

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fmX_YENLZshj5XjV_7rv8DFXi36Ja9jw
date: Thu, 27 Jun 2024 08:23:19 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Tue, 11 Jun 2024 05:52:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 25937
x-amz-server-side-encryption: AES256
etag: "4e855ee46af30b29c8bc1cbce34a3be2"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 63838
x-amz-cf-id: 5SQPt1Loo1VmyyBSXL2vZggoxnMvMbP8orC6DqdkQJUGZR_wv8a4qw==

GET
H2 200 aeonmallyamatokooriyamac34-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/05/ 98 KB
98 KB 324ms
243ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/05/aeonmallyamatokooriyamac34-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7847a3121a4275db8cc003c4cd23d5b74b35edde3a67782f104b9987f59bdf5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: yj9ZKsyBhNhxMkf2zckku9d9GQVwyLmL
date: Thu, 27 Jun 2024 08:40:05 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Tue, 30 Apr 2024 23:14:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 24931
x-amz-server-side-encryption: AES256
etag: "4a17d28511561dd80db7038b19a40f50"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 100222
x-amz-cf-id: vDYh1kAF7LSdKwxV0PS6EpuGlwqS8nNNqXoCt1Ws49YCy7ydfzfmhw==

GET
H2 200 plane-870x500.webp
d1grca2t3zpuug.cloudfront.net/2024/05/ 33 KB
33 KB 326ms
246ms Image
image/webp 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2024/05/plane-870x500.webp
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a07eb5743b19d8dbac30b35ad6b527a1b773e0ff9982eb507f3cdd871e8a55c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: wIr9B_1qNwgzFkQ0y7nuTuQEiE7th91a
date: Thu, 27 Jun 2024 02:43:22 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Tue, 21 May 2024 02:46:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 47258
x-amz-server-side-encryption: AES256
etag: "fb033ea7a548c7695af3d7e36e63ef65"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 33434
x-amz-cf-id: QlZSPSgkQOTRntYQiKJQl5iBseQWN94RXiTExgq4-o6_nq53h203SA==

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/fonts/ 110 KB
111 KB 64ms
42ms Font
font/woff2 104.18.187.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.187.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.9.1/font/bootstrap-icons.css
Origin: https://3kmfi6hp.lzh720.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4501117
x-jsd-version: 1.9.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 112440
x-served-by: cache-fra-eddf8230095-FRA, cache-lga21920-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"1b738-OihLBhh3Hynajra+kA6ZQ5JT3OA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wr%2F%2BOTfRrDZfnhCS3QqtrMCfrs8WGJdqd3g%2Bx8fgDZY9HiojzvKfvbayB1V69JCSg2SMMUAe7J0mYIpGf6MvuD68UzP4n5Vba0CCXF70%2FnFHuPM6zq5Lmdbr%2FpN4cqBIpY8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a681fe98b56706-AMS

GET
H2 200 cl_tsb_202309tcvb021rewsize.jpg
d1grca2t3zpuug.cloudfront.net/2023/10/ 99 KB
100 KB 540ms
524ms Image
image/jpeg 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2023/10/cl_tsb_202309tcvb021rewsize.jpg
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9aa3f8237b513bfd811bb98ed7f75cd2072a19d5bdcb3d956021ebb00831b4cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .73QrLm3EfE322GPKOIYjLznKKhLHwqf
date: Thu, 27 Jun 2024 03:01:38 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Wed, 25 Oct 2023 07:05:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 45238
x-amz-server-side-encryption: AES256
etag: "dfb723f359344cd2adb4d98b6f786d49"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 101791
x-amz-cf-id: kODU0Fx9V9t-W_gdj_PkOX1CwqIk4Vxi-G3tMXAhel3l2yx3EfO0XQ==

GET
H2 200 co_tsb_202005disney.jpg
d1grca2t3zpuug.cloudfront.net/2020/05/ 240 KB
240 KB 542ms
526ms Image
image/jpeg 18.66.137.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1grca2t3zpuug.cloudfront.net/2020/05/co_tsb_202005disney.jpg
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.137.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-137-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71a5ef00ccd215ca83504b0455f3c392153e2aed522f87d1f0a1f707bb404b50

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: WfLiaiEV5kX2HB2izUAMuFHyTZutlnxM
date: Thu, 27 Jun 2024 15:04:44 GMT
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Sep 2021 08:43:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1851
etag: "e778d8d91d8fedd25322400a5685a7e8"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=3600
accept-ranges: bytes
content-length: 245538
x-amz-cf-id: R2pab0cRdHsVhYXoYh0bwHVgjAevlEmeL7AgzMl2pXmPYYR7qrPD_w==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 299 KB
86 KB 185ms
23ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=fc532938bf7c2811ba0d79629de4ddaa

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

5fc3b1a0ab956b6b11194fa58ac379cfbab2339c0312e724399ced13e6708bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Origin: https://3kmfi6hp.lzh720.workers.dev
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jun 2024 15:35:35 GMT
content-md5: aYAICsjgWo5kVLyPjoVigQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87599
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=4, c=4, mss=1232, tbw=9371, tp=15, tpl=4, uplat=0, ullat=-1
x-fb-debug: rDSN2/jZ64nWzahIfDuSpyDk34fhy1bl0bwAfWY2N+wCY/af75wESb8cjJqndihnKaQ1aTPFP1q6N1IrZ4pifA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 34e896e4b953e0e0bb952c7bc8e2c876
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "ccc057a49eaa4ed7bdb6818b32efe1ac"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 Jun 2025 12:06:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 335 KB
109 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-28NXCDBGGK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9JJB45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11f1f623d2b3dbda5d54a245701c679e91aa64c2481ea3933a00113f056f8a77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111510
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 15:35:35 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 221 KB
58 KB 33ms
27ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Jun 2024 15:35:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58251
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=28, rtx=0, c=21, mss=1297, tbw=6638, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: CNkBjl0uFWgapcmwPipjqlDEBNodUq0DeolmGAtM7nONkMvKdIuj1eKreaDJ0ST9/HXPW/OA9KQkIPPmg2QcaQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 kgxhpn7ck2 Show response
www.clarity.ms/tag/ 637 B
1003 B 392ms
108ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/kgxhpn7ck2?ref=gtm2
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 38501a13cb34ecc55e85bfdd1513a1d518a95450e7bb06fc2859e9e7fdff1821

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Thu, 27 Jun 2024 15:35:35 GMT
x-azure-ref: 20240627T153535Z-178b74c5885b9lrgwv3rp8qzag000000043000000000g5s2
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
106 KB 65ms
63ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-64GCEN52K6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9JJB45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c4e1e1b1bf8946931a493dff85eab08f5076c1350637d532709b0f5700561e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108593
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 27 Jun 2024 15:35:35 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 110ms
0ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-64GCEN52K6&gtm=45je46q0v9104208013za200zb79215829&_p=1719502534981&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1806653053.1719502536&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719502535&sct=1&seg=0&dl=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%2F&dt=%E5%85%A8%E5%9C%8B%20%7C%20%E6%A8%82%E5%90%83%E8%B3%BC%EF%BC%81%E6%97%A5%E6%9C%AC&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=12116&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64GCEN52K6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 15:35:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3kmfi6hp.lzh720.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
264 B 137ms
25ms Ping
text/plain 2a00:1450:400c:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-64GCEN52K6&cid=1806653053.1719502536&gtm=45je46q0v9104208013za200zb79215829&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-64GCEN52K6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 15:35:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3kmfi6hp.lzh720.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
409 B 249ms
86ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-64GCEN52K6&cid=1806653053.1719502536&gtm=45je46q0v9104208013za200zb79215829&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=2106444416

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 15:35:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 655193631862529 Show response
connect.facebook.net/signals/config/ 58 KB
12 KB 189ms
188ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/655193631862529?v=2.9.159&r=stable&domain=3kmfi6hp.lzh720.workers.dev&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

4769e2c01bd23a87bfaf9f5ffcabf3c4a91a7c594d4669cc8dac96b9b3637d4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Jun 2024 15:35:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=26, rtx=0, c=23, mss=1232, tbw=4333, tp=9, tpl=0, uplat=161, ullat=0
pragma: public
x-fb-debug: emnKebpR3ayEXpsI+GIalNLmpNbpEg9Yo/zaAK7DzQd0TwT0WfbMbLAg4/lRzvcIGGo0kC7lJfzkw+YtIply0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-28NXCDBGGK&gtm=45je46q0v884099413z879215829za200zb79215829&_p=1719502534981&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1806653053.1719502536&dbk=12556298133447928708&dma=1&dma_cps=sypham&en=page_view&gtm=45je46q0v884099413z879215829za...

0
0

77ms
63ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1806653053.1719502536&dbk=12556298133447928708&dma=1&dma_cps=sypham&en=page_view&gtm=45je46q0v884099413z879215829za200zb79215829&npa=1&tid=G-28NXCDBGGK&dl=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%3F
Requested by: Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://3kmfi6hp.lzh720.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0xb4b0d59fc719e763","source_keys":["1"]},{"key_piece":"0xd25f11caabb95575","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"12556298133447928708","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["784237065"],"5":["06-27","06-26","06-25"]}}
date: Thu, 27 Jun 2024 15:35:36 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Jun 2024 15:35:36 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1806653053.1719502536&dbk=12556298133447928708&dma=1&dma_cps=sypham&en=page_view&gtm=45je46q0v884099413z879215829za200zb79215829&npa=1&tid=G-28NXCDBGGK&dl=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 514
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
46 B 29ms
27ms Ping
text/plain 2a00:1450:400c:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-28NXCDBGGK&cid=1806653053.1719502536&gtm=45je46q0v884099413z879215829za200zb79215829&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-28NXCDBGGK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 15:35:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://3kmfi6hp.lzh720.workers.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
108 B 87ms
85ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-28NXCDBGGK&cid=1806653053.1719502536&gtm=45je46q0v884099413z879215829za200zb79215829&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=612683526

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 15:35:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 73ms
71ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kgxhpn7ck2?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:36 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240627T153536Z-178b74c5885b9lrgwv3rp8qzag000000043000000000g5tm
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: b2eca4f8-601e-0050-4227-c6ec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 255836075068216 Show response
connect.facebook.net/signals/config/ 30 KB
5 KB 210ms
209ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/255836075068216?v=2.9.159&r=stable&domain=3kmfi6hp.lzh720.workers.dev&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C39%2C33%2C134%2C14%2C48%2C180%2C179%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C119%2C219%2C154%2C111%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

12a88002510ea6938da70a7ee73f45dfcc3ee48791c3b9bfa8564c6df3f441fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Jun 2024 15:35:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=35, mss=1232, tbw=19357, tp=24, tpl=0, uplat=183, ullat=0
pragma: public
x-fb-debug: h+JUprKd6FVPF2a3Hh3eddwBg63i41E0UlFAWZZZfKHjY5ZpiKnN3a8H0d30Yjv4/13DOn0AIxwzs0sS2x7lgQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 73ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=655193631862529&ev=PageView&dl=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%2F&rl=&if=false&ts=1719502536212&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.2.1719502536210.91943237393040153&ler=empty&cdl=API_unavailable&it=1719502535964&coo=false&tm=1&rqm=GET

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1297, tbw=2814, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 27 Jun 2024 15:35:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 242ms
192ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=655193631862529&ev=PageView&dl=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%2F&rl=&if=false&ts=1719502536212&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.2.1719502536210.91943237393040153&ler=empty&cdl=API_unavailable&it=1719502535964&coo=false&tm=1&rqm=FGET

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xbd39ab7b9e686e17","source_keys":["1","2"]},{"key_piece":"0xd19e6279a36558ad","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 27 Jun 2024 15:35:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385207159399585204", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1297, tbw=3133, tp=-1, tpl=-1, uplat=169, ullat=0
pragma: no-cache
x-fb-debug: wtlLSTw/5RL9Haprukn9cuWO7OVhaUjZ0dLvtrl/KH+uwveyDtIYkZv2Y6vur8K9Qs0yUmZktkcC/BBOd/Nk5Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385207159399585204"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
291 B 314ms
111ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://3kmfi6hp.lzh720.workers.dev
Date: Thu, 27 Jun 2024 15:35:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 23ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=255836075068216&ev=PageView&dl=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%2F&rl=&if=false&ts=1719502536455&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.2.1719502536210.91943237393040153&ler=empty&cdl=API_unavailable&cs_est=true&it=1719502535964&coo=false&tm=1&rqm=GET

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1297, tbw=6366, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 27 Jun 2024 15:35:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 60ms
60ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=255836075068216&ev=PageView&dl=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%2F&rl=&if=false&ts=1719502536455&sw=1600&sh=1200&v=2.9.159&r=stable&ec=0&o=4126&fbp=fb.2.1719502536210.91943237393040153&ler=empty&cdl=API_unavailable&cs_est=true&it=1719502535964&coo=false&tm=1&rqm=FGET

Requested by

Host: 3kmfi6hp.lzh720.workers.dev
URL: https://3kmfi6hp.lzh720.workers.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x382e552cdcc0536c","source_keys":["1","2"]},{"key_piece":"0x78526de94508b73a","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 27 Jun 2024 15:35:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7385207158884946599", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=12, mss=1297, tbw=6547, tp=-1, tpl=-1, uplat=37, ullat=0
pragma: no-cache
x-fb-debug: mfukKUe/0juyGuDZNSHure0ne+risWnb7hipiK3GTbbZ4J04Uhi4qHKYWX6IpxV3T6uYW+Hou/voWwc7eXLcWA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7385207158884946599"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
291 B 366ms
238ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://3kmfi6hp.lzh720.workers.dev
Date: Thu, 27 Jun 2024 15:35:36 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/ 93 KB
32 KB 114ms
64ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5873959640692295

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

781ccf7d768994ff64892da3a2ff26e30915d53c0e1ce97256b5e67112b66604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33226
x-xss-protection: 0
server: cafe
etag: 16477052120701245086
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 27 Jun 2024 15:35:40 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/ 425 KB
143 KB 143ms
94ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5873959640692295&plah=3kmfi6hp.lzh720.workers.dev&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5873959640692295

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f10b7cf0314c1df6ebf546743f8dd9bddb6157efedb7b8f747c9ed2ca9b57ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146821
x-xss-protection: 0
server: cafe
etag: 678665288502307174
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 27 Jun 2024 15:35:40 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 174ms
174ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5873959640692295
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/ Frame A4DA 0
0 150ms
52ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/html/r20240618/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5873959640692295&plah=3kmfi6hp.lzh720.workers.dev&aplac=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://3kmfi6hp.lzh720.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 71863
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4164
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 26 Jun 2024 19:37:58 GMT
etag: 9187630395144177108
expires: Wed, 10 Jul 2024 19:37:58 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame F3BD 0
0 135ms
94ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5873959640692295&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1719502541&plat=3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~27_15~29_10&aiixl=30_6~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719502540869&bpp=3&bdt=15632&idt=302&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7951375075136&frm=20&pv=2&ga_vid=1806653053.1719502536&ga_sid=1719502541&ga_hid=952959823&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084788%2C42531706%2C95331695%2C95334511%2C95334525%2C95334573%2C95335887%2C95335897%2C31084184%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3872154829323865&tmod=1547738747&uas=0&nvt=1&fsapi=1&fc=1920&brdim=620%2C620%2C620%2C620%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=403

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://3kmfi6hp.lzh720.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jun 2024 15:35:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 403 ads
pagead2.googlesyndication.com/pagead/ Frame 0B6E 0
0 118ms
112ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5873959640692295&output=html&h=70&slotname=8822470010&adk=3208568299&adf=3052806192&pi=t.ma~as.8822470010&w=825&abgtt=6&lmt=1719502541&format=825x70&url=https%3A%2F%2F3kmfi6hp.lzh720.workers.dev%2F&fwrattr=true&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719502540872&bpp=2&bdt=15636&idt=425&shv=r20240618&mjsv=m202406240101&ptt=9&saldr=aa&abxe=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7951375075136&frm=20&pv=1&ga_vid=1806653053.1719502536&ga_sid=1719502541&ga_hid=952959823&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=2967&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31084788%2C42531706%2C95331695%2C95334511%2C95334525%2C95334573%2C95335887%2C95335897%2C31084184%2C95335291%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3872154829323865&tmod=1547738747&uas=0&nvt=1&fc=1920&brdim=620%2C620%2C620%2C620%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&nt=1&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=431

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://3kmfi6hp.lzh720.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jun 2024 15:35:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=32A2DB3DD5794F7DABB9952BFBD2EB4D&RedC=c.clarity.ms&MXFR=15EA8D2051DA62CF3003998B55DA6C28
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=32A2DB3DD5794F7DABB9952BFBD2EB4D&MUID=02AD18B37B166D521BC30C187ABC6CEE

42 B
442 B

31ms
31ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=32A2DB3DD5794F7DABB9952BFBD2EB4D&MUID=02AD18B37B166D521BC30C187ABC6CEE
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://3kmfi6hp.lzh720.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 15:35:40 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 27 Jun 2024 15:35:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C149C164D6D4F40A56B3EC512571618 Ref B: DUS30EDGE0805 Ref C: 2024-06-27T15:35:41Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=32A2DB3DD5794F7DABB9952BFBD2EB4D&MUID=02AD18B37B166D521BC30C187ABC6CEE
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 90ms
89ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240618&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

30a9f3d480d80bdc37edefda44fec0b4c5d42f44e977688d007bb37c4cfe291b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12506
x-xss-protection: 0

GET
H3 526 favicon.ico
3kmfi6hp.lzh720.workers.dev/ 7 KB
7 KB 1174ms
1173ms Other
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://3kmfi6hp.lzh720.workers.dev/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed363f1324b19c74172ba4ad88e22fa50a56b036f5d852f9914243b81357fe53

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:42 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2B6GaZp%2B9ikJluB3JAB1CLe0lwkoUII1hmoLbGoDkf99RoCqjlmkvfrl2fpjeXo3L%2Fjb8Z8J%2FU%2Ba1naijW02cuqpLhHqU4iXfjtlWA3zQJLl5CpdSCqi%2FGCPq%2BwQEyzBQgulze93HCMVPa%2B11Xw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 89a682246ff00b5a-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 170ms
57ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 15:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 27 Jun 2024 15:35:41 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A9F6 0
0 77ms
22ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://3kmfi6hp.lzh720.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 31897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jun 2024 06:44:04 GMT
expires: Fri, 27 Jun 2025 06:44:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
291 B 296ms
103ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://3kmfi6hp.lzh720.workers.dev/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://3kmfi6hp.lzh720.workers.dev
Date: Thu, 27 Jun 2024 15:35:43 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240618&jk=3872154829323865&bg=!xsWlxYrNAAb64txl2uI7ADQBe5WfOD-sv8nOiIPW2t0Kw0AUf8_SPHpdhHCdEOZBCsbLvvDl9zuzWnm79w8kB796FtqPAgAAAJpSAAAAB2gBB34ANV2MyvjKfifbTfctZogI2qgAgVp2wSoW-_NwHYLx7fHXHn8w4YGBALlsM8O4SFmJRFPAZ1p_CgBi_S2DjHD-wKOM7vJLPVQokSjaL25-Hc0U3vaDnBRIZXPf7OWmEFZEh9NViLhFynp_Xzoo0MMQQqotHsiDFeMgP9mFoyyzG46sjpWonp6-002jIkLIGFhccvMjltqzKYxTfS6ZAusSGRQjMa7k3xCXzwUTemo_3ZpB_HXlZzcoNrYUwIQdUHsLuWH0dTm-YVWKAgPtfOaUE4iyFKdz0PuP4r_KiPYmCQrDLEtsZy-j1wIERVfvP3hG-7B1Qv3EH0Sn2k1EU78DqIGSbPoxb2gwKqx2XS-SaD9gAeDBxy2S_yTTPU2EzuL4d7w6q8anC9GSE4UhKZX4oQhyn8_h5VonRlx2lhCdLYskwrX6X-sKnj9N-4P3PfJ3KXEyO3IPFeXdHetGjZC434xTuZgawmnYXhgy9Yo82PK-xsDfnpzAWhc-iazFW0di-jc_-e4kXtgS3g50aqNus1d_n-KyCHxRA5l9Lwy67bJ_wxcsZXePg9mg4no2hBL5aqS4rEhl6O0rxqAcvldh9QKRB90p930oA0_mQNv_wk5ztnAmsNVlWuYb3E6_j-iiTKUXVaX_h3IwW9lnV91l9kuo-R6JNY2fD9rhydl-3PS4h-Y6naYl57aNhfIitl8ElOgyrGbO8mza5KLwDPg1oFSNBHIQhOqn88QXcJQikcdhD6NEAl4NQ9bZvh0-7JbAoKNJIyZLu_t7c1pRtSYLefDuBxB2S62dCc0E7nxa3d0GaZI9LRg4Hm87dE0ib4gOZv6T5yfDLL9yuIJGz5ZFdH4WJEffEfHykRoIhEj3_GZogurjle3vl9Vyi-5ebBx-YMSNwDF9_nEPAcTs9o7mmJWDz95Dtjs6VbSK9RDBKED5F49dvI7drTIdpJS99iVadJtjiubDu0UzkVEd4XB29DXTF1QRXGmUPmVFawbqOBUpe2GCfOULyXJEO9Fmr1Q4KHF-5xK_cS-QDIcIy96HDuwYL7B67GbTY4V5UB3RTEKyhL5zrIsNpe0BviAuCA3TPrvETHMFESJwgnmaEhl_LTwax5a2gAwUTKG92_vIaKkPS8KagA6K_bKqeQVdmykt4-1ocy4mPneLPo_Pb0rnZFRMn4ORfHOVkH9-vsU7ArZomhybAMyxA1o

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
3kmfi6hp.lzh720.workers.dev/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: gox1hpiz3jdpx0spdhl3ufl4
.agoda.com/	1970-01-21 06:23:58	Name: agoda.user.03 Value: UserId=1bdcf1dc-3ccc-4c4b-90ee-bed5e15d6a30
.lzh720.workers.dev/	1970-01-20 23:47:58	Name: _gcl_au Value: 1.1.2021983553.1719502536
.lzh720.workers.dev/	1970-01-21 07:14:22	Name: _ga_64GCEN52K6 Value: GS1.1.1719502535.1.0.1719502535.60.0.0
.lzh720.workers.dev/	1970-01-21 07:14:22	Name: _ga Value: GA1.1.1806653053.1719502536
www.clarity.ms/	1970-01-21 06:23:58	Name: CLID Value: 6cc03b9c8fd84830a546f63c86573a7c.20240627.20250627
.lzh720.workers.dev/	1970-01-21 07:14:22	Name: _ga_28NXCDBGGK Value: GS1.1.1719502536.1.0.1719502536.60.0.0
.region1.google-analytics.com/	1970-01-20 23:47:58	Name: ar_debug Value: 1
.lzh720.workers.dev/	1970-01-20 23:47:58	Name: _fbp Value: fb.2.1719502536210.91943237393040153
.lzh720.workers.dev/	1970-01-21 06:23:58	Name: _clck Value: 1hz8g3c%7C2%7Cfmz%7C0%7C1639
.lzh720.workers.dev/	1970-01-20 21:39:48	Name: _clsk Value: hvkgo8%7C1719502536680%7C1%7C1%7Cw.clarity.ms%2Fcollect
.bing.com/	1970-01-21 06:59:58	Name: MUID Value: 02AD18B37B166D521BC30C187ABC6CEE
.c.bing.com/	1970-01-20 21:48:27	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:59:58	Name: SRM_B Value: 02AD18B37B166D521BC30C187ABC6CEE
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:59:58	Name: MUID Value: 02AD18B37B166D521BC30C187ABC6CEE
.c.clarity.ms/	1970-01-20 21:48:27	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:38:23	Name: ANONCHK Value: 0

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/assets/bootstrap/4.4.1/css/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/css/191215.css?240627 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/images/common/www_logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/css/www/common.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/assets/bootstrap/4.4.1/js/bootstrap.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/assets/ajax/popper.js/1.16.0/popper.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/css/header.css?240627 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/assets/fontawesome/5.9.0/css/all.css Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/css/sweetalert.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/assets/ajax/jquery.ui/1.12.1/jquery-ui.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/images/common/www_logo_sp.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/jquery.query-object.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/sweetalert.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/assets/ajax/jQuery/jquery-3.4.1.min.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://3kmfi6hp.lzh720.workers.dev/ Message: Refused to execute script from 'https://3kmfi6hp.lzh720.workers.dev/assets/ajax/jquery.ui/1.12.1/jquery-ui.min.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/post.js?240627 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/www/home.js?240627 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/travelguide/home.js?240627 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/init.js?240627 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/common.js?240627 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/191216.js?240627 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/images/common/close.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/home.js?240627 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/category.js?240627 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/js/letsgojp.js?240627 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://3kmfi6hp.lzh720.workers.dev/ Message: Refused to execute script from 'https://3kmfi6hp.lzh720.workers.dev/js/common.js?240627' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
recommendation	verbose	URL: https://3kmfi6hp.lzh720.workers.dev/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://3kmfi6hp.lzh720.workers.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 526 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3kmfi6hp.lzh720.workers.dev
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdn0.agoda.net
cdnjs.cloudflare.com
connect.facebook.net
d1grca2t3zpuug.cloudfront.net
encrypted-tbn0.gstatic.com
i.ytimg.com
pagead2.googlesyndication.com
region1.analytics.google.com
region1.google-analytics.com
sherpa.agoda.com
stats.g.doubleclick.net
tpc.googlesyndication.com
uh.nakanohito.jp
w.clarity.ms
www.clarity.ms
www.facebook.com
www.google.nl
www.googletagmanager.com
www.letsgojp.com
pagead2.googlesyndication.com
103.200.108.61
104.17.24.14
104.18.187.31
13.214.103.41
13.74.129.1
142.250.186.66
157.240.251.9
18.66.137.45
188.114.96.3
2001:4860:4802:34::36
203.114.55.134
23.96.124.156
2606:4700::6812:bb1f
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:803::2008
2a00:1450:4001:806::200e
2a00:1450:4001:80e::2016
2a00:1450:4001:828::2001
2a00:1450:4001:830::2003
2a00:1450:400c:c1f::9c
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
69.192.160.238
0284d8a2c7de89894c34485ab41316c57f1904b2f9181f3e077429d4d3c18f48
02efaeb27023f58a5c29e8bd23c53fe0fb46bbfbd844a2fbbb9327866c8a8dd3
04445587d61da2bf9455f0327b45ad8911825b760c4e0ef16ed781e00b250f9c
049fc6f9efb2edb41dad8912d91053c8d7c11e903d22e19a3e67fd86db9be4c4
0693f01b98168a47583ce9fa04c172d17800970d683d573b1293421b6a78dd7e
0ad2b29586a7f8026ea07f23acc86dd7ed4f32132aaca9c1f0ae60d35d963792
10a33b5c940e7bc600ea2810083d84e945b8f746e5c952ebde40407410169fba
11f1f623d2b3dbda5d54a245701c679e91aa64c2481ea3933a00113f056f8a77
12a88002510ea6938da70a7ee73f45dfcc3ee48791c3b9bfa8564c6df3f441fe
1ce85289ef4edfbc4670ef307cbb02f203cadb70db45d86e9945543d9536d8be
1e80623b01a72e8e7fda7bd768c6542f65f58f9667fbe8efe0c688084f6cd907
1f96828b10a018bdae320de3f171def7f275b54c51e9ef6228449f75c0b10c3a
2183e8b22437d03eac71559cdcc071cdf2a060caf23cd98c6b8c996112dd1a24
26186c970700f8b9f6abc3c2f754549330d81f97ee303a8520f2ef9e4a15eea1
28dd23a0060ca1b7780868a4fe1b192c0ffe28fc2a0cefb9e88adfb937d6ee44
30a9f3d480d80bdc37edefda44fec0b4c5d42f44e977688d007bb37c4cfe291b
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
319d14473c98d0ec6ba24e556637b0fcdb329f12fe9e8b667031b818a576795e
31e7f11ed08f459ea61df454caf8b29620ac7e85b79e5ffdae97507da29d3a8f
33b3c179d2d1d34cc3d59dd51e0a3b7949ff88fd42b7d9fd58d5f6f16f74c499
38501a13cb34ecc55e85bfdd1513a1d518a95450e7bb06fc2859e9e7fdff1821
3d9120fa621da6d613c1698b7014ec6bdf4620366e8f2b7b547059f4b6f6272b
402070c3de712beee07622762669e4c6aa00d7ac8ba6e83d477e3e39a0b42444
4769e2c01bd23a87bfaf9f5ffcabf3c4a91a7c594d4669cc8dac96b9b3637d4c
4fccf706e6186e617e0ab0ae98fef2bf4929635a4d9d30746563af6c4765b310
52fc54f6f0e38e4e1d967644428583dd4d46bb86684bc5ce9255e525a5753658
551f602e45ed17931c4876b6171a213e5ac88015972c3e27c786026c746295fd
5976059d2fbe31940193e8293a3f41cbae37d9bd0bb96f0cb92aa0fc29326447
5a07eb5743b19d8dbac30b35ad6b527a1b773e0ff9982eb507f3cdd871e8a55c
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5da4467e1a2b3338708849d1de1bd59866653b905d6e243d0c8045653923c5cc
5fc3b1a0ab956b6b11194fa58ac379cfbab2339c0312e724399ced13e6708bcd
61817ec52c0fcdb2b51599cd5a21bec5c098dfc3f421180cc8ba82a4713ee660
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
684af44d9f04a21830ad3467ad63567af7b85dc77fd59788b70c13b308626d9b
6ad27760f1009442350c0eb3608071039ccddd1666981f3d063a46c0bbc8789f
71a5ef00ccd215ca83504b0455f3c392153e2aed522f87d1f0a1f707bb404b50
7731d577c5dfa5f38e9bf82dedae51174c9ddd4d3d4668eea9d1e51d6ce13d66
781ccf7d768994ff64892da3a2ff26e30915d53c0e1ce97256b5e67112b66604
7eab062479f26cf6048dd38d41397a872ff22e8add5dd86f1f4b3df40cb41c94
84febdb2f9ce2c37079083f9d1567f574c651770916f60c9888887cecbd3626c
9904b0d448280bfdfcb0329bdac995883033597727404f9c058d051d9174b7c7
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9aa3f8237b513bfd811bb98ed7f75cd2072a19d5bdcb3d956021ebb00831b4cf
9cdb10f439dc8699784959403bd4edbd7ead41f5fc521fa95e16ecfc6e1451ed
a85a58d1da5cd345d0bde1ddf4454238cb94c4d292d7a372d2904b2c39029943
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab29087a2a33b289dba5f3918d9c0c5613db055a0eb76835f5f0311dca275612
ac20020d60a9fd5cc8874aec07e8a940233d5c1bcef0735ed1f35239ae2ccacd
b2ab50889b114b00e73fe79a109ce36b0b04ffd828bb0617b36f8c708ac4d615
b41c65a254473fdb8cb0414a564fa193ffde90e9573a2c4b2afc9ee56d964797
b7847a3121a4275db8cc003c4cd23d5b74b35edde3a67782f104b9987f59bdf5
c21ea2a0ec1a9c48686c58d481b308e247fa9f747d2208099ce598ef823e555c
c24483ffb2b66466c15a7c4b15662c997ae3b82166cb105638e534d3d41cc825
c2d4f2831372c19927f2f612fba669cc50709707a85b686841c50a92a1989709
c4e1e1b1bf8946931a493dff85eab08f5076c1350637d532709b0f5700561e22
c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764
cceffdeed5dab9faf19c77b7f32a68eb0ec62120a822a31facf40a237a92f549
d018cc492f648e100eff984cf0ef04076ea46d20ec942b2adf80f96dd8f96f50
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d4f539e5666e490cc2b529df673ae5f3f696ef8f6564b85f8ca5e27a0ec0e8f8
d774fd412720f96f9b10bfbc6f8a624b0817830f08e76a233b2c9c486f400183
dabb278a0795149322bb265525f7057e821a0899534ec9fce70304eb8d11e2ae
de1805522e8bde4516893684590f431b5bc8716638f3b9cdbf4e987767e61a65
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d03a3cbf4e29f71da02c4ed1865b9887291f4e51785dcd6dd509b464a9ca87
e607555792be807e430bd1a6110690a94397b6f987ea0ac9611d829cec96fc14
e6792bc2356c88d7cacf7351d64da1e7eaade694b9485daef7f4c84f5844968c
eafb5c0d2bb96551fb8c78c697fcbd09a6c61d71cc312e37f33fdc671792b8af
ed363f1324b19c74172ba4ad88e22fa50a56b036f5d852f9914243b81357fe53
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638
f10b7cf0314c1df6ebf546743f8dd9bddb6157efedb7b8f747c9ed2ca9b57ede
f2ac2274a9830ef3b470492b7ab002a56d4c47b107845bba5d6c9ec2d791e54b
f8731f6e9ec61d1bb9858d809464e44f128971f0073cf73fd7d09e7af0770c80
fafb0164bac94bb7f4b72506ea3e052909cd8bc973bda02cc6bc6b42ba9eb996

3kmfi6hp.lzh720.workers.dev Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

114 Requests

97 %HTTPS

52 %IPv6

20 Domains

23 Subdomains

25 IPs

8 Countries

4132 kBTransfer

6354 kBSize

18 Cookies

100 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

3kmfi6hp.lzh720.workers.dev Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

97 %
HTTPS

52 %
IPv6

20
Domains

23
Subdomains

25
IPs

8
Countries

4132 kB
Transfer

6354 kB
Size

18
Cookies

114 HTTP transactions
0 data transactions