urlscan.io logo urlscan.io
SecurityTrails logo

weirdorconfusing.com Open in urlscan Pro
3.70.101.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://weirdorconfusing.com/
Effective URL: https://weirdorconfusing.com/
Submission: On May 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 17 domains to perform 62 HTTP transactions. The main IP is 3.70.101.28, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is weirdorconfusing.com. The Cisco Umbrella rank of the primary domain is 644830.
TLS certificate: Issued by R3 on March 19th 2024. Valid for: 3 months.
This is the only time weirdorconfusing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 3.70.101.28 16509 (AMAZON-02)
10 2600:9000:225... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2600:1901:0:d... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 18.245.46.97 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 23.210.17.232 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 172.217.16.134 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 130.162.160.243 31898 (ORACLE-BM...)
62 22
11    3.70.101.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
weirdorconfusing.com
10    2600:9000:2250:9600:12:4abd:d340:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergient.com
3    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
eocampaign1.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
shapecomb.com
2    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:211e:9c00:14:2602:6e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.intergi.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:9000:223f:2000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    18.245.46.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-97.fra56.r.cloudfront.net
impression-inferences-edge-prod.playwire.com
1    2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    23.210.17.232 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-17-232.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2606:4700:3032::6815:39f0 (United States)

ASN13335 (CLOUDFLARENET, US)
gallery.eo.page
3    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
Apex Domain
Subdomains		 Transfer
11 weirdorconfusing.com
weirdorconfusing.com — Cisco Umbrella Rank: 644830
425 KB
10 intergient.com
cdn.intergient.com — Cisco Umbrella Rank: 4376
130 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
146 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
450 KB
4 btloader.com
btloader.com — Cisco Umbrella Rank: 876
api.btloader.com — Cisco Umbrella Rank: 958
30 KB
4 shapecomb.com
shapecomb.com — Cisco Umbrella Rank: 173670
25 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 733
px.moatads.com — Cisco Umbrella Rank: 608
mb.moatads.com — Cisco Umbrella Rank: 848
44 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
ad.doubleclick.net — Cisco Umbrella Rank: 159
171 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
8 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 914
1 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2533
302 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
182 KB
1 eo.page
gallery.eo.page — Cisco Umbrella Rank: 206008
2 KB
1 playwire.com
impression-inferences-edge-prod.playwire.com — Cisco Umbrella Rank: 8233
706 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 622
480 B
1 intergi.com
cdn.intergi.com — Cisco Umbrella Rank: 4810
132 KB
1 eocampaign1.com
eocampaign1.com — Cisco Umbrella Rank: 158241
31 KB
62 17
Domain Requested by
11 weirdorconfusing.com weirdorconfusing.com
10 cdn.intergient.com weirdorconfusing.com
cdn.intergient.com
5 fonts.gstatic.com fonts.googleapis.com
weirdorconfusing.com
4 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
4 shapecomb.com cdn.intergient.com
shapecomb.com
3 api.btloader.com btloader.com
3 www.google.com eocampaign1.com
www.gstatic.com
3 fonts.googleapis.com weirdorconfusing.com
client
2 ad-delivery.net weirdorconfusing.com
2 region1.google-analytics.com www.googletagmanager.com
2 securepubads.g.doubleclick.net cdn.intergient.com
securepubads.g.doubleclick.net
2 www.googletagmanager.com weirdorconfusing.com
www.googletagmanager.com
1 mb.moatads.com z.moatads.com
1 www.gstatic.com www.google.com
1 ad.doubleclick.net weirdorconfusing.com
1 gallery.eo.page weirdorconfusing.com
1 px.moatads.com weirdorconfusing.com
1 z.moatads.com cdn.intergient.com
1 btloader.com cdn.intergient.com
1 impression-inferences-edge-prod.playwire.com cdn.intergient.com
1 static.adsafeprotected.com weirdorconfusing.com
1 cdn.intergi.com cdn.intergient.com
1 eocampaign1.com weirdorconfusing.com
62 23

This site contains links to these domains. Also see Links.

Domain
docs.google.com
tholman.com
www.amazon.com
emailoctopus.com
Subject Issuer Validity Valid
*.weirdorconfusing.com
R3		 2024-03-19 -
2024-06-17		 3 months crt.sh
cdn.intergient.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
eocampaign1.com
GTS CA 1P5		 2024-04-24 -
2024-07-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
shapecomb.com
R3		 2024-04-26 -
2024-07-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
cdn.intergi.com
Amazon RSA 2048 M03		 2023-11-04 -
2024-12-01		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2024-04-25 -
2025-05-24		 a year crt.sh
*.playwire.com
Amazon RSA 2048 M03		 2024-01-12 -
2025-02-09		 a year crt.sh
btloader.com
GTS CA 1P5		 2024-04-14 -
2024-07-13		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
eo.page
E1		 2024-04-11 -
2024-07-10		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2024-04-05 -
2024-07-04		 3 months crt.sh
ad-delivery.net
GTS CA 1P5		 2024-03-19 -
2024-06-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh

This page contains 4 frames:

Primary Page: https://weirdorconfusing.com/
Frame ID: BC98D1BE290189CFE99AFF12B888F030
Requests: 59 HTTP requests in this frame

Frame: https://cdn.intergient.com/pageos/1.10.44/iframe/iframe.html
Frame ID: 105B69B19F7CA9E5D548C1A09CD431C0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=vjbW55W42X033PfTdVf6Ft4q&theme=light&size=invisible&cb=fm97ptpnagph
Frame ID: 8F7A27E638528AE24225FA78CEA812B1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
Frame ID: 70AA5FC7630B5482383F15E915BC8BFC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Weird or Confusing

Page URL History Show full URLs

  1. http://weirdorconfusing.com/ HTTP 307
    https://weirdorconfusing.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

62
Requests

100 %
HTTPS

73 %
IPv6

17
Domains

23
Subdomains

22
IPs

4
Countries

1777 kB
Transfer

4692 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://weirdorconfusing.com/ HTTP 307
    https://weirdorconfusing.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
weirdorconfusing.com/
Redirect Chain
  • http://weirdorconfusing.com/
  • https://weirdorconfusing.com/
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
70fa3b71a823c6c238d913947b4d315710a43650a0546fc07e11f3cbe344d1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
7232
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
6666
content-type
text/html; charset=UTF-8
date
Sat, 11 May 2024 19:32:00 GMT
etag
"286d2587e52ddc620abbbd1debefef71-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01HXMJ81WX5C3CC55H334DX7RZ

Redirect headers

Location
https://weirdorconfusing.com/
Non-Authoritative-Reason
HttpsUpgrades
ramp_config.js
cdn.intergient.com/1024872/74069/ 		34 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/1024872/74069/ramp_config.js
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
788b8b4244c723deb78c4984b19094202cc193851ac8facf964eb22a55e6c082

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 07:24:49 GMT
content-encoding
br
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
age
43631
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
n8XtZ4LRbJDetEeza-afIRfqbEpn0HXbLVEd17TWGw-E98OVPxveoA==
styles.css
weirdorconfusing.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://weirdorconfusing.com/css/styles.css
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
4fa0da5166fb1a78e114e1ae8397aa32c3383e4a32e1d46a82e6dac6c481d045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HXMJ81XCMJSMEZG6HAT32GB8
date
Sat, 11 May 2024 19:32:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
198810
cache-status
"Netlify Edge"; hit
etag
"5649c6aa9aac63834d69fd237bf1a22a-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
1497
css2
fonts.googleapis.com/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lobster&family=Open+Sans&display=swap
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
237c0786c80dda43a57d29b99d6f1248a2373e6cced0d15831106ec144faa20f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 May 2024 19:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 May 2024 19:32:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 May 2024 19:32:00 GMT
long-drip.png
weirdorconfusing.com/assets/images/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weirdorconfusing.com/assets/images/long-drip.png
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
98ca4d5ca29397716a5bc48489630804f94f516f5b488e1956fbb8bf2e2c5228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HXMJ81XCXBX5TBP0VS88VS8M
date
Sat, 11 May 2024 19:32:00 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
163804
cache-status
"Netlify Edge"; hit
etag
"bbfd06fe4c55fdd486540a36ce519d12-ssl"
content-type
image/png
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
89673
bd191654-7be0-11ed-bbe5-392bd510cd34.js
eocampaign1.com/form/ 		208 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eocampaign1.com/form/bd191654-7be0-11ed-bbe5-392bd510cd34.js
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8947e32801f71b12592bd30f5665fd57ed0b2c2bb1e786febf5cab70a62b55b1
Security Headers
Name Value
Content-Security-Policy default-src *;img-src 'self';font-src 'self' https://fonts.gstatic.com;style-src 'self' https://fonts.googleapis.com 'unsafe-inline';script-src 'strict-dynamic' 'nonce-gW+eiRLL8vHACW561hFsLwGFK94=' https: 'unsafe-inline';frame-src https://www.google.com/recaptcha/;base-uri 'none';object-src 'none';report-to main-endpoint;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
content-security-policy
default-src *;img-src 'self';font-src 'self' https://fonts.gstatic.com;style-src 'self' https://fonts.googleapis.com 'unsafe-inline';script-src 'strict-dynamic' 'nonce-gW+eiRLL8vHACW561hFsLwGFK94=' https: 'unsafe-inline';frame-src https://www.google.com/recaptcha/;base-uri 'none';object-src 'none';report-to main-endpoint;
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
reporting-endpoints
main-endpoint="http://eocampaign1.com/csp-report"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y5OpzQBOJHgQI3fBiKjqxnmP62gujIr1RiODYIt35fVcuyesS6ndU8jTSIpBAcsV%2BfwHiKAJ5dEuSSqT9MWFMxQiHMoWbqKxo0bgqMaMqU48ZdaBKTsyM6eOx4zGap0Le0kzoqcrLcLokwLuglQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, private
permissions-policy
camera=(), display-capture=(), geolocation=(), microphone=()
cf-ray
882497ac9a984d93-FRA
ramp_core.js
cdn.intergient.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/ramp_core.js
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
02d425787c1821753402ecbfca8a58517bd71c5fd443354f6fa7f37af0cbdf5f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
content-encoding
br
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-lambda-function
us-east-1.pageos_production:416
cache-control
max-age=600, public, must-revalidate
x-amz-cf-id
KRsOQBQNWX-lYfASG_wr2n1ppqzd2LV7x7ErVcji32ZB96ykfrX5wg==
index.js
weirdorconfusing.com/js/ 		0
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://weirdorconfusing.com/js/index.js
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HXMJ81XVP0YZJHK4JGPAVMC3
date
Sat, 11 May 2024 19:32:00 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
158210
cache-status
"Netlify Edge"; hit
etag
"0144712dd81be0c3d9724f5e56ce6685-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
0
js
www.googletagmanager.com/gtag/ 		288 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LJX3N3MESX
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7dd9c630cd0433bb1a72ba7d21e2dedfe2f593c2b61678867f55f5318de3e683
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99033
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 11 May 2024 19:32:00 GMT
amz-logo.svg
weirdorconfusing.com/assets/icons/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weirdorconfusing.com/assets/icons/amz-logo.svg
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
d8757ae1d42d691b7e3724f390785c0c99e804b2e4187eec4bf4602fac69d376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/css/styles.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HXMJ81Z11E8ASK9WR3EP0E95
date
Sat, 11 May 2024 19:32:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
198810
cache-status
"Netlify Edge"; hit
etag
"973513ef84232d339ed18854943288bd-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
1324
neILzCirqoswsqX9zoKmMw.woff2
fonts.gstatic.com/s/lobster/v30/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lobster/v30/neILzCirqoswsqX9zoKmMw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lobster&family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://weirdorconfusing.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 19:27:02 GMT
x-content-type-options
nosniff
age
86698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33896
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:01:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 May 2025 19:27:02 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lobster&family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://weirdorconfusing.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 00:32:18 GMT
x-content-type-options
nosniff
age
68382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 May 2025 00:32:18 GMT
30-chicken-nugget-keychain-1.jpg
weirdorconfusing.com/assets/images/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weirdorconfusing.com/assets/images/30-chicken-nugget-keychain-1.jpg
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
c849a2d9a07b6401ec0711ba57479eb94efee5c4ee60035c4dcd94a841066968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HXMJ8210HB38J598GRNQX2CM
date
Sat, 11 May 2024 19:32:00 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
133583
cache-status
"Netlify Edge"; hit
etag
"5d7356d32efab7b681b4b3e8fb65df49-ssl"
content-type
image/jpeg
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
101411
30-chicken-nugget-keychain-main.jpg
weirdorconfusing.com/assets/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weirdorconfusing.com/assets/images/30-chicken-nugget-keychain-main.jpg
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
b120dd71699f10ee1f28a2e428a5d128cb4052aede3a35cdf0170b90a82e514f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HXMJ82105XZ4C3QN7ZR5HW8V
date
Sat, 11 May 2024 19:32:00 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
133583
cache-status
"Netlify Edge"; hit
etag
"e5bad604f5874e2f76fbbafc3f0c966f-ssl"
content-type
image/jpeg
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
30318
30-chicken-nugget-keychain-2.jpg
weirdorconfusing.com/assets/images/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weirdorconfusing.com/assets/images/30-chicken-nugget-keychain-2.jpg
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
fb40edd1d0456a9eb9d6f10769233a1ac96aa841465b007eb2739c3b580d8351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HXMJ821026QQ8KGMYTWNYZGJ
date
Sat, 11 May 2024 19:32:00 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
133584
cache-status
"Netlify Edge"; hit
etag
"b36661586acd72d396dee9ae9cfb082c-ssl"
content-type
image/jpeg
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
65134
29-tortilla-blanket-1.jpg
weirdorconfusing.com/assets/images/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weirdorconfusing.com/assets/images/29-tortilla-blanket-1.jpg
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
a05e091bc7b165349b0d661e55560b20a3307f5a7b8ddf62bb2369fbd6c1f039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HXMJ8210ZGYNWZAJN2H3B6XV
date
Sat, 11 May 2024 19:32:00 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
133580
cache-status
"Netlify Edge"; hit
etag
"1ddc726b5bd23e33a3d5d24af960cf29-ssl"
content-type
image/jpeg
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
41530
29-tortilla-blanket-main.jpg
weirdorconfusing.com/assets/images/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weirdorconfusing.com/assets/images/29-tortilla-blanket-main.jpg
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
d155f8240398ac0ab359d9bbd1c18156e57a15bfc8a161f39bf9b4b4ec7ff37e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HXMJ8210NKJJQP1JK265AER9
date
Sat, 11 May 2024 19:32:00 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
133576
cache-status
"Netlify Edge"; hit
etag
"af93ba055ce609e4e99368481d368d00-ssl"
content-type
image/jpeg
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
32584
29-tortilla-blanket-2.jpg
weirdorconfusing.com/assets/images/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weirdorconfusing.com/assets/images/29-tortilla-blanket-2.jpg
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
1e64f93311de0c01089d0454a51c5987a6b64b9a4af28cd348ea79f3435dc1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nf-request-id
01HXMJ82107TXKX0SNV2Q8YG0T
date
Sat, 11 May 2024 19:32:00 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
114773
cache-status
"Netlify Edge"; hit
etag
"e730321a249dcbacbe0dff237ae4c400-ssl"
content-type
image/jpeg
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
63327
8902db7dfdb028f8e15f009328de668918b3e5.js
shapecomb.com/j/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shapecomb.com/j/8902db7dfdb028f8e15f009328de668918b3e5.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74069/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
5bf6d7a443a5102815a6557987142df96c85d30448901efeab23a1413b57d698
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
zstd
via
1.1 google
date
Sat, 11 May 2024 19:32:00 GMT
x-datacenter
gce-europe-west1
etag
"18c2c8464801e85b50406ebc2e397c66d82df718750282e9d5d025d336368a8d"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-vwz5
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1281866448
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74069/ramp_config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e495542493c110f5a052803610682ff61fd864f582127acc7d83ae303c99c71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30339
x-xss-protection
0
server
cafe
etag
544 / 19854 / 31083530 / config-hash: 18132992232683648774
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 11 May 2024 19:32:00 GMT
prebid.js.br
cdn.intergi.com/prebid/ 		517 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergi.com/prebid/prebid.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/1024872/74069/ramp_config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9c00:14:2602:6e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4694888192060d9c76853e91975d822483ea4e49a5f5862a04c2ec48cd939fa3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
.bgLU0oToLnk_5KeTETGeIYdj8VcPjcE
content-encoding
br
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
date
Sat, 11 May 2024 09:40:01 GMT
last-modified
Wed, 08 May 2024 13:47:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
35956
x-amz-server-side-encryption
AES256
etag
"a549219bf8fdd0fb8bf2fc47072ff907"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
134715
x-amz-cf-id
X5pPkz_egEZkCIeFhFbi2EIBbpVGYnIN8PQkU93x6gCRQTrsmiQa-g==
pageos.js
cdn.intergient.com/pageos/1.10.44/ 		399 B
778 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.44/pageos.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/ramp_core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ab32a26c83ce0dc44fdb771e2c17993734a11d4ea90159856ce04bde80635b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 07:29:21 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Fri, 10 May 2024 14:27:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
43360
etag
"8e684d05236a8f79adda050cdf35bdde"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
399
x-amz-cf-id
871nN9Bzki6hOzXN8I0k8U5nA3LlImCfQy5jtUjc5raqKYrWlUm4yg==
runtime.07f3ca608909275e875c.js
cdn.intergient.com/pageos/1.10.44/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.44/runtime.07f3ca608909275e875c.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fca79545021d2989e3d59dd9457c456b774d819cceb685e42a6e537ac9e29ea5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 07:29:21 GMT
content-encoding
br
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Fri, 10 May 2024 14:27:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
43360
etag
W/"da0d0cf8bf6ff56f10090d293d2c6aad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
czvz7vLgwWxnmsmspDjUIt8lAJigq7gv3b3ZGW1lbus1d-veA8KnwQ==
main.540a1fd973152b4549c7.js
cdn.intergient.com/pageos/1.10.44/ 		192 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.44/main.540a1fd973152b4549c7.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/pageos.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfa388e15074912a29f1c94379b429b2f5f35f1cb2ce69ef283924bfe4808d31

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 07:29:21 GMT
content-encoding
br
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Fri, 10 May 2024 14:27:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
43360
etag
W/"ccf2278713414d6d1c9ecd1284863087"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
FUxibb46JN31EcYUX2eza5PufZLPKL_wXxCzJItRqrbk0IKoxMGYZw==
js
www.googletagmanager.com/gtag/ 		237 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RF3445PVZM&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJX3N3MESX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
155b1500b4aa29e1792a74f93f0e621640572a776f5b05988265c39a2fdc7445
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86516
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 11 May 2024 19:32:00 GMT
collect
region1.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LJX3N3MESX&gtm=45je4580v897220874za200&_p=1715455920051&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=318420374.1715455920&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715455920&sct=1&seg=0&dl=https%3A%2F%2Fweirdorconfusing.com%2F&dt=Weird%20or%20Confusing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=251
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LJX3N3MESX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 11 May 2024 19:32:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://weirdorconfusing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adspot_id=ad_300x250_6922349
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 10 May 2024 15:49:45 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
99736
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
ovuvrqHi2dDoEwzRNUltXdyhUjeFAmofFKJ5CmMCGboKp6-MSwnljQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/ 		453 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d39219097d5843cfbeb6d6f0efd56a801a083ed76c64cd6d210b282051e2a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 16:47:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
9854
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144939
x-xss-protection
0
server
cafe
etag
1759730024324250755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 11 May 2025 16:47:46 GMT
videoCard.5ed8eb34c11835040def.js
cdn.intergient.com/pageos/1.10.44/ 		559 B
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.44/videoCard.5ed8eb34c11835040def.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/runtime.07f3ca608909275e875c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 07:29:22 GMT
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Fri, 10 May 2024 14:27:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
43359
etag
"6880c1609e3243c11c7b4f1285e14d89"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
559
x-amz-cf-id
HVH9M9dDBS_qaCWslK9EeiFcSaTI99BRZzxdiAwRzgXC85S4wauFzQ==
iframe.html
cdn.intergient.com/pageos/1.10.44/iframe/ Frame 105B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.44/iframe/iframe.html
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/main.540a1fd973152b4549c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://weirdorconfusing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
43366
cache-control
public, max-age=31536000
content-length
498
content-type
text/html
date
Sat, 11 May 2024 07:29:15 GMT
etag
"3f502424ce5bd411fe4d6149ffb9a39b"
last-modified
Fri, 10 May 2024 14:27:17 GMT
server
AmazonS3
via
1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
x-amz-cf-id
u-f_GjmPIIKnhQLH6qEgIlPTqggFMpnEfGWf5lcCUw3F499kLL1sQQ==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
batchHandler.4c3be6daddfefd896cd2.js
cdn.intergient.com/pageos/1.10.44/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.44/batchHandler.4c3be6daddfefd896cd2.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/runtime.07f3ca608909275e875c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ebcda6faea34bc0d04dd1f2383167341a863f8b80e01c8eb33b98b95f18c16f9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 07:29:22 GMT
content-encoding
br
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Fri, 10 May 2024 14:27:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
43359
etag
W/"8c8496f6d16c2b01d0402bd95af903dc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
t2jvx4AtQULa65dLpYo2E_sjVTxWlkPA-4RvCiBbn0tghq9yG-cx2g==
gdpr.67979b9dcc23304ee655.js
cdn.intergient.com/pageos/1.10.44/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/1.10.44/gdpr.67979b9dcc23304ee655.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/runtime.07f3ca608909275e875c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
089f12de226200daa189d5bf5b73422e1c286b169b990242569037337707aab9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 07:29:22 GMT
content-encoding
br
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Fri, 10 May 2024 14:27:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
43359
etag
W/"f95a9c4b1bc61653121ead19347b6490"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
dPLOOpaAM1T2QiKtQZT3jbaUhgRt0vglo3P_xwi9eVXOt1ikX--u3g==
GDPR
impression-inferences-edge-prod.playwire.com/websites/74069/v1/Sat/15/desktop/Chrome/ 		2 KB
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://impression-inferences-edge-prod.playwire.com/websites/74069/v1/Sat/15/desktop/Chrome/GDPR
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/main.540a1fd973152b4549c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-97.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
fcb1aa4b8a837bb97c28b697017b5d2f104d961a534af34c18b9281de4129b1a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:04:11 GMT
content-encoding
br
via
1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P9
age
1669
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=3600, public, must-revalidate
x-amz-cf-id
YFSdXWAZOa2YMXP99mP3vh2wtUPtvH0vYEevjPt1BzQy9ZG2ZiIJoA==
tag
btloader.com/ 		103 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5150306120761344&upapi=true
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/main.540a1fd973152b4549c7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33dc16cec227bea7b4f1754b7f5162fae7fd11398b09cf70fcca14501dba586f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 11 May 2024 19:28:07 GMT
server
cloudflare
age
132
etag
"3885b07b1d0687f4b325cac9eda84117"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
882497ae48599a41-FRA
content-length
29656
moatheader.js
z.moatads.com/playwireprebidheader597261727146/ 		114 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/main.540a1fd973152b4549c7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-17-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b9385e02eb700e334675403ba0822637003fbeb50583f18a4a4a9121e4f7b60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 11 May 2024 19:32:00 GMT
content-md5
cjVIG7ARlfXfN5VfA9ykBA==
storage-tier
Standard
content-length
43167
opc-meta-btime
2024-04-22T05:23:36Z
opc-meta-mtime
1713763416
last-modified
Mon, 22 Apr 2024 21:18:38 GMT
opc-request-id
iad-1:-4ebG5yseKHcAwhH53ui4N4NhuQnI2G9WQ8GLJTvfbkptXQHazLVPZR85mYsIcwD
x-api-id
native
etag
8a97064e-7cbc-429e-85f5-49f78753ed29
vary
Accept-Encoding
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
content-type
application/x-javascript
version-id
404e9696-0589-4a6d-8258-efd500705153
access-control-allow-origin
*
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-encoding,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-meta-btime,opc-meta-mtime,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
cache-control
max-age=28317
access-control-allow-credentials
true
accept-ranges
bytes
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-17-232.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 11 May 2024 19:32:00 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 11 May 2024 19:32:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RF3445PVZM&gtm=45je4580v9102397036za200&_p=1715455920051&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=318420374.1715455920&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715455920&sct=1&seg=0&dl=https%3A%2F%2Fweirdorconfusing.com%2F&dt=Weird%20or%20Confusing&en=ramp_js&_fv=1&_ss=1&_ee=1&ep.pageview_id=1715455920051&tfd=403
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RF3445PVZM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 11 May 2024 19:32:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://weirdorconfusing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ 		761 B
456 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 May 2024 19:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 May 2024 18:47:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 May 2024 19:32:00 GMT
api.js
www.google.com/recaptcha/ 		1 KB
985 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=loadRecaptchaForbd1916547be011edbbe5392bd510cd34&render=explicit
Requested by
Host: eocampaign1.com
URL: https://eocampaign1.com/form/bd191654-7be0-11ed-bbe5-392bd510cd34.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
13d1f7f580b4dead1e0c76cbbd3ec5cf449eac819c6714c24dcec5071c4db14c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 11 May 2024 19:32:00 GMT
154013155
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/154013155?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405080101/pubads_impl.js?cb=31083530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82b89c84c6578d93c09ed0d924e1ee3e6bbccfc8f0452c29e2dd10e699f7e916
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-97LFmqVu-0ekIfoB5GxyOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-97LFmqVu-0ekIfoB5GxyOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmII1JBiOHnrNtNFID7vdIfpOhAbaDxnsgBiia8vmbSAOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAnPTvPGsJEBd1X2CtAuKdiy-wHgTiVUcusG4C4vbPF1hnAvF39ous_4FYiIdjQ___jWwCK858-suopJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGJgamCpZ2AcX2AAAE2_TPs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
aws-sdk-kinesis.min.js.br
cdn.intergient.com/pageos/js/libs/ 		227 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.intergient.com/pageos/js/libs/aws-sdk-kinesis.min.js.br
Requested by
Host: cdn.intergient.com
URL: https://cdn.intergient.com/pageos/1.10.44/batchHandler.4c3be6daddfefd896cd2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9600:12:4abd:d340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 07:29:23 GMT
content-encoding
br
via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 19:02:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
age
43358
etag
"575b9635960fa1d9b7ba4dafe1d2e7f5"
x-cache
Hit from cloudfront
content-type
text/javascript
accept-ranges
bytes
content-length
57858
x-amz-cf-id
LZ5Q5M604JjQ6YKXVxyckx8p4LFOuRoxgh8rC1kS3FsNle7gnQy58A==
otto.svg
gallery.eo.page/tentacles/icons/v1/powered-by/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gallery.eo.page/tentacles/icons/v1/powered-by/otto.svg
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:39f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49fc0234fad60121e36dd546751351adebebf231f27c8d8d105de0ffe33cb96e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
x-amz-version-id
null
via
1.1 abf5199c76a5a64063b4cf8863f823aa.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS1-P2
age
411
content-encoding
br
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 04 Dec 2020 17:25:12 GMT
server
cloudflare
etag
W/"72cefcb1dfdc4a35d5899af8e6f9f06c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIILp6ScK5RNkqS2RLCbPSiDMViz2AaZnSVoj68UTgmE6kwrHuSv3Dzvvp2lTNHIvx50t78oLWKur%2B%2Byx%2BeNizUouY%2FfGx9aGYbwGcCVKI0%2FS7%2F23ikS006HM0Uy9ySFrIT9sOoXMv1IDNRfccw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
882497af3a679744-FRA
x-amz-cf-id
-IavqH9zedl5LpKYvWFDXNiDj4gJMoxNYYCo-eJVW3rmKcMUKjvN_g==
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://weirdorconfusing.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 08:00:23 GMT
x-content-type-options
nosniff
age
387097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 08:00:23 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 11 May 2024 19:32:00 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1499149
x-guploader-uploadid
ABPtcPqLF_nsU44AaRYQZvip2rnoLIgml-a62QjrWNYp6HOPjUpnOrFLIfAkZZ3izgLuAKfQ6SPlwPgTzw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k7qeU2t8P68ZQcauYJRE%2FlQXesv2uv%2FCCkJr6Ib%2BWlMV%2FqaKW3rqf9sUGUqyYtfKCF5HdVjqsXnMXk%2BquU8xJE%2Fvfdii0FX1%2B2pcWugl5HZO3I1Zw5To33%2F8X2uCAN6OgyZvi1SdiIlsjwLI5A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
882497af3e7737d7-FRA
expires
Wed, 24 Apr 2024 11:16:00 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 04:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 May 2024 04:17:34 GMT
px.gif
ad-delivery.net/ 		43 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7297172048959206
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1499149
x-guploader-uploadid
ABPtcPqLF_nsU44AaRYQZvip2rnoLIgml-a62QjrWNYp6HOPjUpnOrFLIfAkZZ3izgLuAKfQ6SPlwPgTzw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSpoZDVW2ax%2F8O2rQvpmZf4JVNkf%2F0VinGUnav2BNmBiNPc5O6Tf%2FbKfP%2BWjWrWVj7axxmBBInDoZDu0YF0LOKiPugHxtC74EfMumYGTEve1VsvyKysRMUA5oS510kVuy%2F%2Bm6dpCbzw2AFVhMA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
882497af3e7a37d7-FRA
expires
Wed, 24 Apr 2024 11:16:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 		505 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=loadRecaptchaForbd1916547be011edbbe5392bd510cd34&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Origin
https://weirdorconfusing.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 13:16:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206091
x-xss-protection
0
last-modified
Sun, 05 May 2024 20:00:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 May 2025 13:16:15 GMT
v2
mb.moatads.com/yi/ 		347 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!b.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M2f%2B%7BK%24%3D!%2509.aS%3B4oD%7D%60%3Fjc!L2LmqMs%3Cex1bxNTK7%2BuCTpY%3CZ.T%5B%2B%22gbzbSSr1r4YvKUntB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C5%2C747835005%2C1%2C2%2C0%2Cprobably%2Cprobably&rb=1-0zMqFj9Dn56pt3vTHy8YEBQPW0156EeByXc57Q1SGx6aR8yd21jqQxERbTEBDlFeSDk%3D&rs=1-Z9pXKgt%2BRfoJWg%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=100&qd=100&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fweirdorconfusing.com%2F&pcode=playwireprebidheader597261727146&rx=460556332653&callback=MoatNadoAllJsonpRequest_77927109
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/playwireprebidheader597261727146/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
7297362cdd10196cea12964ef428ae3dc792ff35f494d2dee26c4b34cbcc7726

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
server
istio-envoy
etag
"4f84efe46d49dc3ae841f1be2b2d9c99bee77769"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
43
timing-allow-origin
*
content-length
347
country
api.btloader.com/ 		37 B
162 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country?o=5150306120761344
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
pv
api.btloader.com/ 		0
12 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=d99SbL9GWP&w=5109211052113920&o=5150306120761344&cv=2.1.44-1-g797e4b1&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fweirdorconfusing.com%2F&sid=GyDiQAf0Wk&pm=true&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5150306120761344&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 11 May 2024 19:32:00 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
AGSKWxUPpdwMZfPeTR3QAgAgcpPneIugIc5Daz9USS8jQ48ju0N4Qn3TN1c0YLpBetiyAzGsa973EGP1yWG5jLtdBxwcvjFT9ssYuDJB9nyqEnDu0_eQV0292A3y91Fa0bKyKAJJJPq95w==
fundingchoicesmessages.google.com/f/ 		634 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUPpdwMZfPeTR3QAgAgcpPneIugIc5Daz9USS8jQ48ju0N4Qn3TN1c0YLpBetiyAzGsa973EGP1yWG5jLtdBxwcvjFT9ssYuDJB9nyqEnDu0_eQV0292A3y91Fa0bKyKAJJJPq95w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1NDU1OTIwLDc2OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbS8iLG51bGwsW1s4LCJhVWRtYUlqRDNqVSJdLFs5LCJkZSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjk4NDNdLG51bGwsNV0iXSxbMTksIjEiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMzx4Y2cn823kWaNLHhQW6izPhJecA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dcb4ff341f9e68f68a9d7ea934f37418df5ef5d6ccf7bf562bd5f87bceae8427
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gFJeCD_yh6Tgz86U1PoIrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 19:32:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-gFJeCD_yh6Tgz86U1PoIrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjqtDikmJw1ZBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQF3VfYK0C4p2LL7AeBOJVRy6wbgLi9s8XWGcC8Xf2i6z_gbjM8SJrHRAL8XBs6P-_kU1gR9u07cxKGkn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUXxRgZGJgamBpZ6BsbxBQYALcJKMw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 8F7A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6&co=aHR0cHM6Ly93ZWlyZG9yY29uZnVzaW5nLmNvbTo0NDM.&hl=de&type=image&v=vjbW55W42X033PfTdVf6Ft4q&theme=light&size=invisible&cb=fm97ptpnagph
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uZPfybA42w5xFaH3ZUPlNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://weirdorconfusing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-uZPfybA42w5xFaH3ZUPlNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 11 May 2024 19:32:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
54823ed0741b783899502a5a147b1079aeeb487
shapecomb.com/submit/aa72fe2a8981c79/ 		303 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shapecomb.com/submit/aa72fe2a8981c79/54823ed0741b783899502a5a147b1079aeeb487
Requested by
Host: shapecomb.com
URL: https://shapecomb.com/j/8902db7dfdb028f8e15f009328de668918b3e5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f15ad86949c86e897c2dd0cc59df3b19e589c7e7ba2e75e8df92d9da24cf2d4a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 11 May 2024 19:32:00 GMT
via
1.1 google
x-buildnumber
1281866448
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://weirdorconfusing.com
x-hostname
fen-hoothoot-europe-west1-spot-vwz5
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 11 May 2024 19:31:59 GMT
e91a1fea7ca1d05c47d2f6a1954b646058f107cf4
shapecomb.com/4a943f111afed/ 		3 B
29 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shapecomb.com/4a943f111afed/e91a1fea7ca1d05c47d2f6a1954b646058f107cf4
Requested by
Host: shapecomb.com
URL: https://shapecomb.com/j/8902db7dfdb028f8e15f009328de668918b3e5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 11 May 2024 19:32:00 GMT
via
1.1 google
x-buildnumber
1281866448
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://weirdorconfusing.com
x-hostname
fen-hoothoot-europe-west1-spot-vwz5
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 11 May 2024 19:31:59 GMT
css
fonts.googleapis.com/ 		109 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo:400,500|Arimo:400,500|Bitter:400,500|EB+Garamond:400,500|Lato|Libre+Baskervill|Libre+Franklin:400,500|Lora:400,500|Google+Sans:regular,medium:400,500|Material+Icons|Google+Symbols|Merriweather|Montserrat:400,500|Mukta:400,500|Muli:400,500|Nunito:400,500|Open+Sans:400,500,600|Open+Sans+Condensed:400,600|Oswald:500|Playfair+Display:400,500|Poppins:400,500|Raleway:400,500|Roboto:400,500|Roboto+Condensed:400,500|Roboto+Slab:400,500|Slabo+27px|Source+Sans+Pro|Ubuntu:400,500|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.aUdmaIjD3jU.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyK3kmh64KbRKVCDfZg-urz2R_hUA/m=web_iab_tcf_v2_wall_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
843f652c087bc9b665a72a705eadd1b7e8b345bd29594c6279ee4f8469506607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 11 May 2024 19:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 11 May 2024 19:32:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 May 2024 19:32:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Origin
https://weirdorconfusing.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 00:50:53 GMT
x-content-type-options
nosniff
age
412868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 00:50:53 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: weirdorconfusing.com
URL: https://weirdorconfusing.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://weirdorconfusing.com/
Origin
https://weirdorconfusing.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 07:46:06 GMT
x-content-type-options
nosniff
age
387955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 19:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 May 2025 07:46:06 GMT
AGSKWxXuml5MxBeAAnxKM-8Kuorbhd1wTNKKWEPdMLeBBKkD95f3v--kq8qPEfaV93z-okQHo1SoWMBnfCKWOz3UEyEpdVPJOtnBCgc-DkaEqwie-CEjXSoB_uPRCAqJ5IbV-wiMYTycTw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXuml5MxBeAAnxKM-8Kuorbhd1wTNKKWEPdMLeBBKkD95f3v--kq8qPEfaV93z-okQHo1SoWMBnfCKWOz3UEyEpdVPJOtnBCgc-DkaEqwie-CEjXSoB_uPRCAqJ5IbV-wiMYTycTw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMzx4Y2cn823kWaNLHhQW6izPhJecA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CA8RbSFESaeoMOhKYV4DBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 May 2024 19:32:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-CA8RbSFESaeoMOhKYV4DBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0ZBicEqfwRoCxELcHBv7_29kE2i4e0VXySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYmBpY6hmYxxcYAACV2yI5"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://weirdorconfusing.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXuml5MxBeAAnxKM-8Kuorbhd1wTNKKWEPdMLeBBKkD95f3v--kq8qPEfaV93z-okQHo1SoWMBnfCKWOz3UEyEpdVPJOtnBCgc-DkaEqwie-CEjXSoB_uPRCAqJ5IbV-wiMYTycTw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXuml5MxBeAAnxKM-8Kuorbhd1wTNKKWEPdMLeBBKkD95f3v--kq8qPEfaV93z-okQHo1SoWMBnfCKWOz3UEyEpdVPJOtnBCgc-DkaEqwie-CEjXSoB_uPRCAqJ5IbV-wiMYTycTw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMzx4Y2cn823kWaNLHhQW6izPhJecA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-twMBJJ0IFqzv5uT9Jcgn5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 11 May 2024 19:32:01 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-twMBJJ0IFqzv5uT9Jcgn5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0pBicEqfwRoCxELcHBv7_29kE_jw54WGkktSfmF8cn5eSWpeiW5iSrEuiF2UmVRakl-Ewk4tA6nIyU9Pz8xLjzcyMDIxMDWw1DMwjy8wAADIgSLl"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://weirdorconfusing.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 70AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=vjbW55W42X033PfTdVf6Ft4q&k=6LdYsmsUAAAAAPXVTt-ovRsPIJ_IVhvYBBhGvRV6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9yovJ-XnqafLxnWRU3WGdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://weirdorconfusing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-9yovJ-XnqafLxnWRU3WGdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 11 May 2024 19:32:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
5d2865a77e8d53ccf265d5f04ced1615bf0253b6301e74f9294e98
shapecomb.com/ 		2 B
339 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://shapecomb.com/5d2865a77e8d53ccf265d5f04ced1615bf0253b6301e74f9294e98
Requested by
Host: shapecomb.com
URL: https://shapecomb.com/j/8902db7dfdb028f8e15f009328de668918b3e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://weirdorconfusing.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Sat, 11 May 2024 19:32:01 GMT
via
1.1 google
x-buildnumber
1281866448
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://weirdorconfusing.com
x-hostname
fen-hoothoot-europe-west1-spot-vwz5
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Sat, 11 May 2024 19:32:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ramp string| _pwGA4PageviewId object| dataLayer function| gtag object| _pwTycheAB object| pwKinesisCreds number| cmpVersion boolean| tycheSampling number| tycheSamplingRate string| tychePath boolean| rampSampling number| rampSamplingRate string| rampPath boolean| rampMinimal number| _pageViewSR boolean| _pageViewSampling boolean| _adImpressionSampling number| _adImpressionSR object| _pwLogger boolean| excludeMoat string| _pwKassandraVer boolean| _pwUserInCA number| _pwFpSampling string| _pwUserCC string| _pwUserContentEncoding object| pwEdgeFlags object| pwEdgeYieldOptions object| PageOS object| tyche function| admiral object| googletag object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkpageos function| 4dm1r11545242527 object| ggeac object| google_js_reporting_queue object| pageos object| __core-js_shared__ object| core object| __pwpbjs__ object| _pbjsGlobals object| regeneratorRuntime function| loadRecaptchaForbd1916547be011edbbe5392bd510cd34 undefined| google_measure_js_timing object| googlefc object| __bt object| __bt_intrnl object| __bt_tag_d object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _xamzrequire object| AWS undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_77927109 boolean| Moat#EVA object| moatPrebidApi boolean| __bt_already_invoked object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NTBiODRhZTA3MTliYzg1Y2xvYWRlcl9qcw== string| NTBiODRhZTA3MTliYzg1Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| recaptcha object| closure_lm_706880

6 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJ9Knh2K79TGxWzXNdJPLcMeKeiD3E7obmDzHlcga2OUcZ-bajc_FJZ_9RGkwzqbN4e1KJRy7Vbdv0MlX_oqUr0
.weirdorconfusing.com/ Name: _ga_LJX3N3MESX
Value: GS1.1.1715455920.1.0.1715455920.0.0.0
.weirdorconfusing.com/ Name: _ga
Value: GA1.1.318420374.1715455920
weirdorconfusing.com/ Name: usprivacy
Value: 1---
.weirdorconfusing.com/ Name: _ga_RF3445PVZM
Value: GS1.1.1715455920.1.0.1715455920.0.0.0
.weirdorconfusing.com/ Name: _awl
Value: 2.1715455920.5-b1d3aec653eeb3366818545fb70698e0-6763652d6575726f70652d7765737431-0

2 Console Messages

Source Level URL
Text
other warning URL: https://weirdorconfusing.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://weirdorconfusing.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
ad.doubleclick.net
api.btloader.com
btloader.com
cdn.intergi.com
cdn.intergient.com
eocampaign1.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gallery.eo.page
impression-inferences-edge-prod.playwire.com
mb.moatads.com
px.moatads.com
region1.google-analytics.com
securepubads.g.doubleclick.net
shapecomb.com
static.adsafeprotected.com
weirdorconfusing.com
www.google.com
www.googletagmanager.com
www.gstatic.com
z.moatads.com
130.162.160.243
130.211.23.194
172.217.16.134
18.245.46.97
2001:4860:4802:34::36
23.210.17.232
2600:1901:0:d733::1
2600:9000:211e:9c00:14:2602:6e80:93a1
2600:9000:223f:2000:8:48e:53c0:93a1
2600:9000:2250:9600:12:4abd:d340:93a1
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700:3032::6815:39f0
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a06:98c1:3120::3
3.70.101.28
02d425787c1821753402ecbfca8a58517bd71c5fd443354f6fa7f37af0cbdf5f
04fcb3b36a8a7bdccb4d6d19f659416dbea46e4599303c362b95cc36b079c1ce
089f12de226200daa189d5bf5b73422e1c286b169b990242569037337707aab9
0b9385e02eb700e334675403ba0822637003fbeb50583f18a4a4a9121e4f7b60
13d1f7f580b4dead1e0c76cbbd3ec5cf449eac819c6714c24dcec5071c4db14c
155b1500b4aa29e1792a74f93f0e621640572a776f5b05988265c39a2fdc7445
1e64f93311de0c01089d0454a51c5987a6b64b9a4af28cd348ea79f3435dc1c5
237c0786c80dda43a57d29b99d6f1248a2373e6cced0d15831106ec144faa20f
33dc16cec227bea7b4f1754b7f5162fae7fd11398b09cf70fcca14501dba586f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
4694888192060d9c76853e91975d822483ea4e49a5f5862a04c2ec48cd939fa3
49fc0234fad60121e36dd546751351adebebf231f27c8d8d105de0ffe33cb96e
4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0
4fa0da5166fb1a78e114e1ae8397aa32c3383e4a32e1d46a82e6dac6c481d045
5bf6d7a443a5102815a6557987142df96c85d30448901efeab23a1413b57d698
5e495542493c110f5a052803610682ff61fd864f582127acc7d83ae303c99c71
70fa3b71a823c6c238d913947b4d315710a43650a0546fc07e11f3cbe344d1a0
7297362cdd10196cea12964ef428ae3dc792ff35f494d2dee26c4b34cbcc7726
788b8b4244c723deb78c4984b19094202cc193851ac8facf964eb22a55e6c082
795041923e6338abe450ff9524ef70fd40432f278f32c9c35cdbb08239574fb1
7ab32a26c83ce0dc44fdb771e2c17993734a11d4ea90159856ce04bde80635b4
7dd9c630cd0433bb1a72ba7d21e2dedfe2f593c2b61678867f55f5318de3e683
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82b89c84c6578d93c09ed0d924e1ee3e6bbccfc8f0452c29e2dd10e699f7e916
843f652c087bc9b665a72a705eadd1b7e8b345bd29594c6279ee4f8469506607
84d39219097d5843cfbeb6d6f0efd56a801a083ed76c64cd6d210b282051e2a5
8947e32801f71b12592bd30f5665fd57ed0b2c2bb1e786febf5cab70a62b55b1
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96558e390c183a6863c241276e8ae76116bb91307ab8a591f9dfdf1fa33df9d1
98ca4d5ca29397716a5bc48489630804f94f516f5b488e1956fbb8bf2e2c5228
997e7f6c4136b962cec732d922735900aaa874e3e19b7a8ddd277ada23605451
a05e091bc7b165349b0d661e55560b20a3307f5a7b8ddf62bb2369fbd6c1f039
b120dd71699f10ee1f28a2e428a5d128cb4052aede3a35cdf0170b90a82e514f
b41e0020ff5a4bec857828c37b9a425a5e0024aac1fb1519dd9cf4562f0681ee
c849a2d9a07b6401ec0711ba57479eb94efee5c4ee60035c4dcd94a841066968
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa388e15074912a29f1c94379b429b2f5f35f1cb2ce69ef283924bfe4808d31
d155f8240398ac0ab359d9bbd1c18156e57a15bfc8a161f39bf9b4b4ec7ff37e
d8757ae1d42d691b7e3724f390785c0c99e804b2e4187eec4bf4602fac69d376
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dcb4ff341f9e68f68a9d7ea934f37418df5ef5d6ccf7bf562bd5f87bceae8427
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
ebcda6faea34bc0d04dd1f2383167341a863f8b80e01c8eb33b98b95f18c16f9
f15ad86949c86e897c2dd0cc59df3b19e589c7e7ba2e75e8df92d9da24cf2d4a
fb40edd1d0456a9eb9d6f10769233a1ac96aa841465b007eb2739c3b580d8351
fca79545021d2989e3d59dd9457c456b774d819cceb685e42a6e537ac9e29ea5
fcb1aa4b8a837bb97c28b697017b5d2f104d961a534af34c18b9281de4129b1a