macusquek.qlitrk.com Open in urlscan Pro
34.202.75.247 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clicks.aweber.com/y/ct/?l=D_p2e&m=fxr6gpKxzUlzAw6&b=oXN3h6rJXJCBCwvwXciD9A
Effective URL:
http://macusquek.qlitrk.com/qlick/blocked
Submission: On November 11 via manual (November 11th 2020, 7:38:02 pm UTC) from US

Summary HTTP 46 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 46 HTTP transactions. The main IP is 34.202.75.247, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is macusquek.qlitrk.com.

This is the only time macusquek.qlitrk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	204.194.222.24 204.194.222.24	11810 (AWEBER-SY...) (AWEBER-SYSTEMS)
5 34	2606:4700:303... 2606:4700:3037::ac43:a240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3032::681b:a2ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
1 1	50.97.244.203 50.97.244.203	36351 (SOFTLAYER) (SOFTLAYER)
1 3	34.202.75.247 34.202.75.247	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
46	8

1 204.194.222.24 (Blue Bell, United States) 1 redirects

ASN11810 (AWEBER-SYSTEMS, US)
PTR: analytics.aweber.com

clicks.aweber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:3037::ac43:a240 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

link.kennycztan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kennycztan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.kennycztan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::681b:a2ef (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kennycztan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.97.244.203 (San Jose, United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: clkmg.com

www.clkmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.202.75.247 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-75-247.compute-1.amazonaws.com

macusquek.qlitrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	kennycztan.com 6 redirects link.kennycztan.com kennycztan.com track.kennycztan.com	976 KB
8	gstatic.com fonts.gstatic.com	100 KB
3	qlitrk.com 1 redirects macusquek.qlitrk.com	119 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	clkmg.com 1 redirects www.clkmg.com	635 B
1	doubleclick.net stats.g.doubleclick.net	84 B
1	aweber.com 1 redirects clicks.aweber.com	210 B
46	8

	Domain	Requested by
32	kennycztan.com	3 redirects kennycztan.com
8	fonts.gstatic.com	fonts.googleapis.com
3	macusquek.qlitrk.com	1 redirects kennycztan.com macusquek.qlitrk.com
3	fonts.googleapis.com	kennycztan.com macusquek.qlitrk.com
2	www.google-analytics.com	kennycztan.com
2	link.kennycztan.com	2 redirects
1	www.clkmg.com	1 redirects
1	track.kennycztan.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	clicks.aweber.com	1 redirects
46	10

This site contains links to these domains. Also see Links.

Domain
qliker.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-31` - `2021-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-28` - `2021-01-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://macusquek.qlitrk.com/qlick/blocked
Frame ID: E2A38D5FBABDFBB6F9109E1A89E1FC3C
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://clicks.aweber.com/y/ct/?l=D_p2e&m=fxr6gpKxzUlzAw6&b=oXN3h6rJXJCBCwvwXciD9A HTTP 302
http://link.kennycztan.com/atg/go.php?c=flanaganswipe HTTP 301
https://link.kennycztan.com/atg/go.php?c=flanaganswipe HTTP 302
http://kennycztan.com/sorry HTTP 301
https://kennycztan.com/sorry Page URL
https://kennycztan.com/sorry HTTP 301
https://kennycztan.com/sorry/ Page URL
https://kennycztan.com/newgift HTTP 307
https://track.kennycztan.com/macusout091120 HTTP 302
https://www.clkmg.com/kennycztan/macusout091120 HTTP 302
http://macusquek.qlitrk.com/l/kennytan-091120 HTTP 302
http://macusquek.qlitrk.com/qlick/blocked Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

46
Requests

93 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

1210 kB
Transfer

2808 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://qliker.io/
Title: RETURN TO HOMEPAGE

Search URL Search Domain Scan URL

URL: https://qliker.io/free-trial
Title: FREE TRIAL

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clicks.aweber.com/y/ct/?l=D_p2e&m=fxr6gpKxzUlzAw6&b=oXN3h6rJXJCBCwvwXciD9A HTTP 302
http://link.kennycztan.com/atg/go.php?c=flanaganswipe HTTP 301
https://link.kennycztan.com/atg/go.php?c=flanaganswipe HTTP 302
http://kennycztan.com/sorry HTTP 301
https://kennycztan.com/sorry Page URL
https://kennycztan.com/sorry HTTP 301
https://kennycztan.com/sorry/ Page URL
https://kennycztan.com/newgift HTTP 307
https://track.kennycztan.com/macusout091120 HTTP 302
https://www.clkmg.com/kennycztan/macusout091120 HTTP 302
http://macusquek.qlitrk.com/l/kennytan-091120 HTTP 302
http://macusquek.qlitrk.com/qlick/blocked Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://clicks.aweber.com/y/ct/?l=D_p2e&m=fxr6gpKxzUlzAw6&b=oXN3h6rJXJCBCwvwXciD9A HTTP 302
http://link.kennycztan.com/atg/go.php?c=flanaganswipe HTTP 301
https://link.kennycztan.com/atg/go.php?c=flanaganswipe HTTP 302
http://kennycztan.com/sorry HTTP 301
https://kennycztan.com/sorry

Request Chain 3

https://kennycztan.com/sorry HTTP 301
https://kennycztan.com/sorry/

46 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

sorry Show response
kennycztan.com/
Redirect Chain

https://clicks.aweber.com/y/ct/?l=D_p2e&m=fxr6gpKxzUlzAw6&b=oXN3h6rJXJCBCwvwXciD9A
http://link.kennycztan.com/atg/go.php?c=flanaganswipe
https://link.kennycztan.com/atg/go.php?c=flanaganswipe
http://kennycztan.com/sorry
https://kennycztan.com/sorry

212 B
750 B

48ms
48ms

Document
text/html

2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/sorry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d

Request headers

:method: GET
:authority: kennycztan.com
:scheme: https
:path: /sorry
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da8c236e91a938dd52df3508cb7b857031605123460
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 11 Nov 2020 19:37:41 GMT
content-type: text/html
cache-control: no-cache, no-store
x-iinfo: 14-327386359-0 0NNN RT(1605123461444 4) q(0 -1 -1 1) r(0 -1) B10(4,314,0) U18
set-cookie: visid_incap_2386039=aAk9IDn2RHG09x+3YQ8nuIU9rF8AAAAAQUIPAAAAAAAGZRx0PgVpldR6wuOKa8TX; expires=Thu, 11 Nov 2021 16:33:53 GMT; HttpOnly; path=/; Domain=.kennycztan.com incap_ses_245_2386039=oW++FpBe9GQ+GhEFYGpmA4U9rF8AAAAA78ELX/zJlHtcgdpTBX9Q1g==; path=/; Domain=.kennycztan.com
cf-cache-status: DYNAMIC
cf-request-id: 065a696b320000062184b2d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eijjzToknAEXtrkK15Srah7a6C4k3Dqc8qHspY3eS41i68wlMbqR0weMqQ4BIr5n8fZ2AJFhxMU6o7AbNYZhsHKyI07sVvSkKYYcJuFFT7SSMIUh5FKAgrkXcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f0a78251c940621-FRA
content-encoding: br

Redirect headers

Date: Wed, 11 Nov 2020 19:37:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 11 Nov 2020 20:37:41 GMT
Location: https://kennycztan.com/sorry
cf-request-id: 065a696b00000016e68a920000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bE%2BgMBnFuY30W7xpQ5Q5zwNI4ED%2BEM%2F9lPxBkESnRl55eFRKovWVq2EhrNLiuZICC1gcC54ZhPLvqxL3sNlCcvVUJcVUfFSB0jBDV5nSjlGfRL4iNEZh7mH4IA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 5f0a7824cb5d16e6-FRA

GET
H2 200 _Incapsula_Resource Show response
kennycztan.com/ 164 KB
23 KB 50ms
50ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05cb26b1af973f36227f9257eb6a0f6aeabf44e50b9ea868cf5281808d217946

Request headers

Referer: https://kennycztan.com/sorry
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zBjtQNsTbEkDoZ7XOOM0yjWNJ432gUVonicCxwas%2BKZSqQv0gRIYdBwDH%2F1qzzUbSsLrzFSo3GdUs8Gt7oTp7U3hSQuptKsm598tPlaMV%2BvU6BAtqNMC9Zp8%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: no-cache, no-store
cf-ray: 5f0a78257da00621-FRA
cf-request-id: 065a696b680000062192bba000000001
x-robots-tag: noindex

GET
H2 200 _Incapsula_Resource
kennycztan.com/ 29 B
313 B 29ms
29ms XHR
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/_Incapsula_Resource?SWHANEDL=4034429842664336516,9323598040756771115,13660181525356806221,1393766
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://kennycztan.com/sorry
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GCWKuiJJWJrXyAYZkmsAXqb7a9Cx0gO6J6frMzK981P73G5pMrafE2Dmg6uvmn1qnd%2FAF1YYFpA5WkVXFiM5OIbTu5bdF062LJVdZWhRttzIFIkJqw%2FcAVfXag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cache-control: no-cache, no-store
cf-ray: 5f0a7825eeff0621-FRA
content-length: 29
cf-request-id: 065a696bb60000062134322000000001
x-robots-tag: noindex

GET
H2

200

/ Show response
kennycztan.com/sorry/
Redirect Chain

https://kennycztan.com/sorry
https://kennycztan.com/sorry/

71 KB
22 KB

1669ms
1668ms

Document
text/html

2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/sorry/
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46c35066107a9e96f5aff32689dbd4dec5befbe8514eeb57718db94cbd206d27

Request headers

:method: GET
:authority: kennycztan.com
:scheme: https
:path: /sorry/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://kennycztan.com/sorry
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da8c236e91a938dd52df3508cb7b857031605123460; visid_incap_2386039=aAk9IDn2RHG09x+3YQ8nuIU9rF8AAAAAQUIPAAAAAAAGZRx0PgVpldR6wuOKa8TX; incap_ses_245_2386039=oW++FpBe9GQ+GhEFYGpmA4U9rF8AAAAA78ELX/zJlHtcgdpTBX9Q1g==; ___utmvc=tqxBD3MDfGJUCLighghovcUVbHJQRVgY4KQAgnvukSWzvFB4Bvt5OVLXbrwagfB+Ql7Gz/66T97so1CTSUekRR8l4Jm5M3MyJfCwj0ggLGHi82E87p1HKjYry8lJkMET6uvJDE4IGP6J7OyHrKzZKCZTTRQf98/vMxsCI6teLlTP0ouHWfqdR2T8YogpQTtBGIviqywvHBFfHWNlEV1EoViJjmxzPLqtSIltbpnI720ENQx3xJYzs+Alfocq7YLGdcgSpuk3fSz6G7CdNSbuEKaUAmZiR55zuRSMP/DVYwqr/hCL6Vm81MB+Acesd3t4QihRBHBAdWJntqa9r8NOH3cDBnjF6jPJZDMYClT/n2Brhg73ZJ4ALTVLFbXR68qZcVk2HQ1GYMdWYx4mK8NFgziRdE/2Zc2tpO5upNLPJ6Er3JEm7IJQpyOTnYtzhvikSJsUmaLFQDU27lxCeBAp99OfN67h4EmGRBUvSuNCMP6e9ytDZn6G8Anl1Pv9UdLWaaf35hnTSRUL4SDbbOfqlgkfdklQ6Foj2Ridop+dKSiXTfOiBwGuhwWgpoDBuCxKRsDt6jkGEKuXjjG8Uro9F6O5CWecUq+WrlyRpYBBWhrX5mttFLIooUJj/wq248XzAGaEEqa1yPxaOGASqbKiiuQzJ+WB6PopXKRBmWUMAmYC1/kLMYThP7gwLalWIDjvmvY2e61qHvifgsGcOnq5cw2Z+paulz37G4OMSD6fJTsSS3LtqkoEE35y0sGAbEKtlVmFQY4vrurZ03JxNrfgWkwodZcQYPTT7BR/nvWZucwR08I8SxqKDPCssdxgCOIKfzoBGp5pB6aMPIw8hNmR5GV9vl96Yz/xn80Q+CFKcTyGqYa8L/3TH4s04xLIdbnul5x5633vKq6IpVfLTCmcJH9tLQ7cvxO42Z82Hljd5OEmzYK3sA3a+dHTKEQhwgMClz51Sq/8ZnghhnVeLFYqXNRaOkCUMqF+6EMuFIJM44px6Ke1wJgUMbGSofhsREZTW/QICkSBl8qa40SMTge56If8U2SybaOAsPWasZAXkt6RhIXmPKqJAM+IboZqRjwwJ/m5VubaK162CNot24PoKwct45tsMybuPrSS21iuYE4Jz5fyN3ANkfaxySRure4KkAhcKAXbLLxEIGq4fQVtAAwNwI4iexOd64VAAnTw4sK7A5MBjjeJ2RCKrRGy1svX1ru/lYxBo2tkP/FscZiE//+/yHC3HDttq0SxI/0LynfFezl32S6dJ3uvoRV6auhnq5fCRTlZMuNEExM2noWgrRl0kldGTqX5wnzAcjVzDxFjAGWd3Py4eHwXNX8LFxWr6yQ4qPMAsPBur1Zs5WTNBKFng5dg0C/ut5EMPKk8RmNLQNFmunjsStN/h0iqB7Dktep0OJxz38RYCKQjk5d+7nB0y8JeciEP3IKpOXqhI8SeRQjG4QeuGl88n6+AzOFYEQtxwevWj5lk1Ar+ib3rekIg9EvNkzTs2HuhE5jPJI0U8SRIHYKVdi1Z/TFppdj37QJpf9JRvBkNVyHcqJgPo/iKzVMbqN7jwKin4jIHYXu8lAXAYYn7pqXPwXwwGT/ccA/MqfeUBvmpzUa0j83I3oFxbTL++UfdBIWCM1Bjz7TnZGQalA5OacJi1qvr580cFJQbTs/dKDRPmVFPv11ApnAxUL7YyhfFrfuNEw2NSe2n5a1B4QPNLgxi20JAxj+fjqmTPQTPqHRlAs1o0WxNGWtcok39oWO+CD3dyY7tyUXnU5q63/OAjSLUL3pYWf+0dNnIDkmkvRuM9foacN2Ti/9R0zPzxqPHkvLFnN8SqflCR2fZ29+YVsYge+uid2JJvCq46WgNhotTEg55Zo7XK9q8Ps4yFSIAYJhuG1Lk9brRFEysAI1VPtyufMv0cPi7UnsOgn06ZFnLJyQAIpifEHdNqOFOCa7/o1jDZ9PGS09vMyxkaWdlc3Q9MTM0OTc3LHM9N2ZhNjhjYTc5MDgwODdhZDc5OGM4YThhOTQ4MGFiOGU4MGEyNjA2MzhkYjM3YjdhOTg5YzdkODM4MThlOTVhNTk3YjI5ZTcwODQ3NDcxNzY=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kennycztan.com/sorry

Response headers

status: 200
date: Wed, 11 Nov 2020 19:37:45 GMT
content-type: text/html; charset=UTF-8
link: <https://kennycztan.com/wp-json/>; rel="https://api.w.org/", <https://kennycztan.com/?p=4308>; rel=shortlink
cache-control: max-age=300
expires: Wed, 11 Nov 2020 19:42:44 GMT
vary: Accept-Encoding
set-cookie: ___utmvc=a; Max-Age=0; path=/; expires=Sun, 25 Oct 2020 16:28:16 GMT
x-cdn: Incapsula
x-iinfo: 0-17431530-17431531 NNNN CT(119 127 0) RT(1605123463306 13) q(0 0 2 -1) r(3 16) U12
cf-cache-status: DYNAMIC
cf-request-id: 065a6972830000062191902000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FrIFKUVuzTOKb28wKKm4SwdMy6Z4%2Bh3qc5TnZCq%2F4hDI9fCKn0H%2BVNZ%2BnLrrpsEbtYnygS3jydv6zpgPPRArG3HuXBOs4jx5XDRBoVzPET6dczY6PPBae8Jchg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f0a7830d8f00621-FRA
content-encoding: br

Redirect headers

status: 301
date: Wed, 11 Nov 2020 19:37:43 GMT
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
location: https://kennycztan.com/sorry/
x-cdn: Incapsula
x-iinfo: 5-198976263-198976265 NNNN CT(119 126 0) RT(1605123461555 33) q(0 0 3 -1) r(4 17) U11
cf-cache-status: DYNAMIC
cf-request-id: 065a696bd6000006214c97d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8WWJOwnDSjVQuxtCfhWur2g454FDIO%2FoRfZGNOUDRgdRtIwCQaByenqDGD0AdpfVFsUQ5WCPYD2e8f3bQXBFH7ypwqFJVT5ZvxIxR4jJVBlAlUt1LzTVldwLLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5f0a78262f9d0621-FRA

GET
H2 200 _Incapsula_Resource
kennycztan.com/ 1 B
306 B 24ms
24ms Image
text/plain 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kennycztan.com/_Incapsula_Resource?SWKMTFSR=1&e=0.0007724858979110127
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://kennycztan.com/sorry
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:42 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v%2FoK%2B0ab0%2BVYO8lwQTu9gD%2FBq%2FxnUPiy7%2FlW%2BKaN6CyGKPT8%2FDCPffk%2FC8yKqj6V2DQEXB4uF%2F216CXMLTOHE79Iqlaw5CcV9rLkCbVuVSnk8p95tUTRX3yD%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
status: 200
cache-control: no-cache, no-store
cf-ray: 5f0a78264ff60621-FRA
content-length: 1
cf-request-id: 065a696bee00000621761eb000000001
x-robots-tag: noindex

GET _Incapsula_Resource
kennycztan.com/ 0
0

GET
H2 200 base.css
kennycztan.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/ 700 B
646 B 37ms
31ms Stylesheet
text/css 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/plugins/thrive-visual-editor/landing-page/templates/css/base.css?ver=2.5.8.2
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 452756306e2828de7e34cd35e4f027b82043d592cf06437b4892448f117d7493

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 14-327387406-0 0CNN RT(1605123464984 7) q(0 -1 -1 -1) r(0 -1)
cf-request-id: 065a697914000006214c333000000001
last-modified: Tue, 01 Sep 2020 05:34:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9Qvfd%2Bg%2B1rdK3pOkiBN2mz7PTWHIOZNUyOeDPwyQr%2BrgRWJQdZCdr5EREiyTNrF2aBUAu%2BbzlQfG68nXBAX4PwwqMBG8Ll4uLIKoA8%2FUmgtfJSg%2BlpNkMi25jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2242033
cf-ray: 5f0a783b59680621-FRA
expires: Mon, 07 Dec 2020 18:24:57 GMT

GET
H2 200 style.min.css
kennycztan.com/wp-includes/css/dist/block-library/ 29 KB
5 KB 33ms
28ms Stylesheet
text/css 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.9
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 10-330015829-0 0CNN RT(1605123465331 4) q(0 -1 -1 0) r(0 -1)
cf-request-id: 065a697914000006215fb7a000000001
last-modified: Sat, 18 May 2019 08:44:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RY7LC9lZHff881fU2eo26LoEjF9OkbJqPm7AmEORnOV34L0Br1dobb%2BK56cD%2F2fM9ZH4TEtlLKCa%2BfCbUOyvCemRzgDjLnU%2FykDIFR%2FSQ%2BSHuxA3j7VcMXsHbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1579773
cf-ray: 5f0a783b59690621-FRA
expires: Mon, 30 Nov 2020 02:27:18 GMT

GET
H2 200 thrive_flat.css
kennycztan.com/wp-content/plugins/thrive-visual-editor/editor/css/ 634 KB
65 KB 51ms
45ms Stylesheet
text/css 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/plugins/thrive-visual-editor/editor/css/thrive_flat.css?ver=2.5.8.2
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b47087f6a82a55a8805d26bc51d40700d34ea823d10dd01889dc5cfc76816764

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 12-195910390-0 0CNN RT(1605123465345 5) q(0 -1 -1 5) r(0 -1)
cf-request-id: 065a6979140000062174066000000001
last-modified: Tue, 01 Sep 2020 05:34:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JB%2FisWTw1j1yRs6m6DJj2K%2FLRNC9j6AmPaSPK95zGO5%2BHZZqyd%2BvLi3JHpG62WfGBsevfppWK5vbYBrjvJVgLlp63NZrSY2m0OPAvZPwZO0QkCIWGdNGd4HNFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1129688
cf-ray: 5f0a783b596b0621-FRA
expires: Tue, 24 Nov 2020 21:25:53 GMT

GET
H2 200 style.css
kennycztan.com/wp-content/themes/twentyseventeen/ 81 KB
15 KB 58ms
53ms Stylesheet
text/css 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/themes/twentyseventeen/style.css?ver=5.2.9
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52979920b758273d9b08cceffd10db0ff487ccc9a4bc2cb62c2df5390ced8a82

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 5-249969497-0 0CNN RT(1605123465350 6) q(0 -1 -1 0) r(0 -1)
cf-request-id: 065a6979290000062176389000000001
last-modified: Tue, 29 May 2018 09:53:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wm4sIOU1tlELC6GkxDO%2Fa3MqTuFvjHqdUWgHB9xFTw6zC%2FRd0QzyrElJbcpsoTz5Uc0oh2N24Or2YNJZSqs1frh7RJcBqgbIonGyxM3WF%2Fxmb%2B5XGwbv5LGsaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1579774
cf-ray: 5f0a783b596d0621-FRA
expires: Mon, 30 Nov 2020 02:27:19 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
675 B 21ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Requested by

Host: kennycztan.com
URL: https://kennycztan.com/sorry/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b828e3a3e82cfdaa297838da882635ea336e80ee5985a530735ebc27e200dd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 19:24:31 GMT
server: ESF
date: Wed, 11 Nov 2020 19:37:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Nov 2020 19:37:45 GMT

GET
H2 200 style.css
kennycztan.com/wp-content/themes/minimal-2017/ 6 KB
2 KB 34ms
29ms Stylesheet
text/css 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/themes/minimal-2017/style.css?ver=5.2.9
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039c9c0b428cfdf3659080ffffe82890c82ae2ed282f2e2e188baa1115372462

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 3-185847057-185826709 2CNN RT(1605123465143 4) q(0 0 0 0) r(0 0) U18
cf-request-id: 065a69791500000621a9248000000001
last-modified: Tue, 29 May 2018 09:53:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=atNSxyv1BmM889r43SEu3XuOWC307hzCAAJEGDCl0qyUh4Jvc22fmStagiSp44if3ozeECf80NKeY5PB4e0sJQ05yukGGbiyLV8VOZH0xiPeb0ggwVY7ffdHMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=1800058
cf-ray: 5f0a783b596e0621-FRA
expires: Wed, 02 Dec 2020 15:38:42 GMT

GET
H2 200 default.min.css
kennycztan.com/wp-content/plugins/optimizePressPlugin/lib/assets/ 395 KB
52 KB 56ms
51ms Stylesheet
text/css 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/plugins/optimizePressPlugin/lib/assets/default.min.css?ver=2.5.13
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d523a3d1c1de051b11ecc17709cdf490fd2c4caf10f13417e2c74569ad6d79fd

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 7-70245409-0 0CNN RT(1605123465076 6) q(0 -1 -1 0) r(0 -1)
cf-request-id: 065a6979150000062180312000000001
last-modified: Wed, 24 Apr 2019 15:05:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TijcDwy6aRCm5Zpi%2BjJ4sWXw56VPY5%2BMiOCXAySaAQ7PfFmvQ0bxLB2QhcvmUX2xxLwctIOdX1IffNWI7S412z4tAnK3XC3SIneHE%2Bd51mybgtDd7rBakTEX4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2283138
cf-ray: 5f0a783b596f0621-FRA
expires: Tue, 08 Dec 2020 05:50:03 GMT

GET
H2 200 jquery.js Show response
kennycztan.com/wp-includes/js/jquery/ 95 KB
32 KB 37ms
33ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 3-109605318-109599974 2CNN RT(1605123464504 4) q(0 0 0 0) r(0 0)
cf-request-id: 065a697915000006214e8a6000000001
last-modified: Wed, 22 May 2019 01:37:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r7ElRGHG9Eha%2BoK96vhGspSFcz4RSrQ4trMx0gm62nYEDG7TY2IJEavS9wfG9iIrbLYtVmYL%2Bcd%2BkCa0lJNqKcRMiaYUdO9VimrA75iegXH2zkIzd69qq9Tuvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20364
cf-ray: 5f0a783b59710621-FRA
expires: Thu, 12 Nov 2020 01:17:08 GMT

GET
H2 200 jquery-migrate.min.js Show response
kennycztan.com/wp-includes/js/jquery/ 10 KB
4 KB 34ms
29ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 7-107194520-107188273 2CNN RT(1605123465175 5) q(0 0 0 0) r(0 0)
cf-request-id: 065a69791500000621ac35b000000001
last-modified: Tue, 20 Sep 2016 18:48:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fZ4wt4b8pBCVUjt7fObzzLhR7KayFVYlil2vfUiEdp40qsK9%2BvrUPMUQlQjkpGbTzwQ7%2B1Bs46R33H4caqxya7qB6n2F%2FnCVrDYiZJnx374qygWaxCr8J9EeyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20365
cf-ray: 5f0a783b59720621-FRA
expires: Thu, 12 Nov 2020 01:17:10 GMT

GET
H2 200 op-jquery-base-all.min.js Show response
kennycztan.com/wp-content/plugins/optimizePressPlugin/lib/js/ 51 KB
15 KB 47ms
43ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/plugins/optimizePressPlugin/lib/js/op-jquery-base-all.min.js?ver=2.5.13
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e8cf0021767c285eadfc3a92caf0f0201e64db6f788fea544ee534623a682e3

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 0-84419218-84416816 2CNN RT(1605123464855 13) q(0 0 0 0) r(0 0)
cf-request-id: 065a697915000006215ba92000000001
last-modified: Wed, 24 Apr 2019 15:05:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=purpJ64%2FEyNigCu5mlWsfMnxJybeDQ5%2BTs9dVEXQ2VvVrMDZJJe8ofsOJEPSIZn2l5pZJ1zhyE8Oq2bRBcysfrqjao9b5rVFPWe83S4SI9rjue2Sll%2Bs6Dt1Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20364
cf-ray: 5f0a783b59730621-FRA
expires: Thu, 12 Nov 2020 01:17:08 GMT

GET
H2 200 frontend.min.js Show response
kennycztan.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 9 KB
3 KB 60ms
57ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.12.2
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 2-63407658-63396096 2CNN RT(1605123465201 3) q(0 0 0 0) r(0 0)
cf-request-id: 065a69791600000621a5b7b000000001
last-modified: Tue, 01 Sep 2020 05:34:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o5JFudGRVXbVemiQuRclyM8h%2Bl%2F%2BA14rQMU6Miylt6oFSPTVnIkgyk4GYmx3ADe61kw2xnau9WZzFCLcuFyWKzhncL5%2B%2FlV6zJZr2hBfzRd8debK%2B94sqKmgdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=20364, public
cf-ray: 5f0a783b59740621-FRA
expires: Thu, 12 Nov 2020 01:17:09 GMT

GET
H2 200 moxie.min.js Show response
kennycztan.com/wp-includes/js/plupload/ 87 KB
27 KB 32ms
28ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-includes/js/plupload/moxie.min.js?ver=1.3.5
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76ef78f23be04bbb49a83253e2517851eb1dc2f4345eaeaa4dafadc40a33175e

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 8-123748522-123745972 2CNN RT(1605123465332 4) q(0 0 0 0) r(0 0)
cf-request-id: 065a6979160000062197372000000001
last-modified: Thu, 16 Nov 2017 03:51:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b8339lIeDDWQbiLhA%2B2M9pQSmiwUNzTIP4IgwU%2BD9QTN7AbHrRvkfbgLuvvHQ3yCXReNE4OrQkaR28fgTDPfhTg8SxeRFpPr69P7N%2B2%2Fu5L9kKlnHiZRG7jOdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20363
cf-ray: 5f0a783b59760621-FRA
expires: Thu, 12 Nov 2020 01:17:08 GMT

GET
H2 200 plupload.min.js Show response
kennycztan.com/wp-includes/js/plupload/ 15 KB
6 KB 30ms
27ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-includes/js/plupload/plupload.min.js?ver=2.1.9
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8972f83af6969622e9c255e462d71816019bcdeedea426f688c2b56f276d186

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 4-269639456-269638648 2CNN RT(1605123465067 3) q(0 0 0 0) r(0 0)
cf-request-id: 065a697916000006218405b000000001
last-modified: Thu, 16 Nov 2017 03:51:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l%2BlwH%2B61h6mmp8Gme29dSwJq0XmsMd3MO0YQBjhlsj0%2FaWcaNPViqQ7dTw5bVFVUUUcjdO2J5HqMeOoBeNJJS9BIKLAsVMuQgVifSAgP121Cz6Gc7etqPFgWaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20364
cf-ray: 5f0a783b597a0621-FRA
expires: Thu, 12 Nov 2020 01:17:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
680 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind:400,500,300,600&subset=latin

Requested by

Host: kennycztan.com
URL: https://kennycztan.com/sorry/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82c84fc009ff0bb8f590af83ee1c0416f5905ebace92f638bca5900d1c751989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 19:37:45 GMT
server: ESF
date: Wed, 11 Nov 2020 19:37:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Nov 2020 19:37:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kennycztan.com
URL: https://kennycztan.com/sorry/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1317
date: Wed, 11 Nov 2020 19:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 11 Nov 2020 21:15:48 GMT

GET
H2 200 wp-emoji-release.min.js Show response
kennycztan.com/wp-includes/js/ 13 KB
5 KB 539ms
538ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-includes/js/wp-emoji-release.min.js?ver=5.2.9
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b58ca72232ff84e6c4e6a60cb232275c70b361aa4253caa1ad290c82488e709

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:46 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 9-165020535-165018226 2VNN RT(1605123465401 5) q(0 0 0 8) r(5 5)
cf-request-id: 065a69795c000006217a814000000001
last-modified: Sat, 18 May 2019 08:44:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0fFCOhOSwoHfGp9UJCq4CDjJgtFo9eWsau84BXRT71b0u5euKadZWuN3CD2dUNme5mIhK%2B8iTes%2BbWVxmNjHFAr9LhihEp0shjxaK2vCgsQ2ClU2EhudhJ3z8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=21600
cf-ray: 5f0a783bcb280621-FRA
expires: Thu, 12 Nov 2020 01:37:45 GMT

GET
H2 200 beach-2836300.jpg
kennycztan.com/wp-content/uploads/2019/07/ 499 KB
500 KB 43ms
42ms Image
image/jpeg 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kennycztan.com/wp-content/uploads/2019/07/beach-2836300.jpg
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf18784df1f80cb7db4a33d704eb5b18933106afd6bc96b52502eee41ca282f2

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 10-98984574-0 0CNN RT(1605123464608 4) q(0 -1 -1 9) r(0 -1)
content-length: 510975
cf-request-id: 065a69797c0000062187178000000001
last-modified: Tue, 30 Jul 2019 14:51:45 GMT
server: cloudflare
etag: "13466031"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HXZfRDt304E69y0LeED2y4%2F9fYVA9hpDzKkBJxp3p4C6cslSF7GSmBeXWerYXpNHKDDfupXmp8kGcaKpY%2B%2BUGmcHx5tkCHlyfgZa5GoQR2aWBf0fzrcrpzjgdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=26028808, public
accept-ranges: bytes
cf-ray: 5f0a783bfbaa0621-FRA
expires: Thu, 09 Sep 2021 01:51:12 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 13ms
13ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-100084665-1&cid=497027347.1605123466&jid=1965150586&gjid=991846157&_gid=74073676.1605123466&_u=YGBAgUABCAAAAE~&z=329960123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 Nov 2020 19:37:45 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://kennycztan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1216802210&t=pageview&_s=1&dl=https%3A%2F%2Fkennycztan.com%2Fsorry%2F&ul=en-us&de=UTF-8&dt=Sorry-%20gift%20redeemed%20-%20Your%20Motivational%20Journey&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=1965150586&gjid=991846157&cid=497027347.1605123466&tid=UA-100084665-1&_gid=74073676.1605123466&z=2058861850

Requested by

Host: kennycztan.com
URL: https://kennycztan.com/sorry/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Nov 2020 10:17:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33588
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sorry-1138680_1920-768x576.jpg
kennycztan.com/wp-content/uploads/2019/11/ 127 KB
127 KB 44ms
41ms Image
image/jpeg 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kennycztan.com/wp-content/uploads/2019/11/sorry-1138680_1920-768x576.jpg
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bab98e23365f67f5569c3468bf58e4c1996756584d5865b8c8f3b3241c42b23b

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 3-150024106-0 0CNN RT(1605123464895 11) q(0 -1 -1 0) r(0 -1)
content-length: 129912
cf-request-id: 065a6979920000062174071000000001
last-modified: Fri, 08 Nov 2019 09:28:46 GMT
server: cloudflare
etag: "03644024"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2QxGIDUrENLmtqPZxJfpzo3c%2F0xyux91cNLYK%2FeOiItoC0O7eqWE9nodITTpdkS0YnEB26htz%2B%2Fj7MZMvzmzWQDC96u%2F%2FvaTq8X6Ak1%2B4PZvqbxxjg%2BfpvvwQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=26028808, public
accept-ranges: bytes
cf-ray: 5f0a783c1c0f0621-FRA
expires: Thu, 09 Sep 2021 01:51:12 GMT

GET
H2 200 imagesloaded.min.js Show response
kennycztan.com/wp-includes/js/ 8 KB
3 KB 47ms
44ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9de4fee7b8b7ea60fbffaa6dfd453f04d8720ca4bb8c1604bcd9321a410e21d1

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 11-153933922-153933924 2CNN RT(1605123464693 9) q(0 0 0 0) r(0 0)
cf-request-id: 065a69799400000621340ee000000001
last-modified: Sat, 18 May 2019 08:44:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lmp9W%2FkuCx2Eyy9IGdib2s3FuOeSRyDd5Nwmm3xkx1%2FoVaXpCk%2BvSOFWT%2FxjEA%2Ft8NmDBx8yepiuKtAgSA8XkCzvdxqu6K1nUKR0qHDxsPcnmsxM%2F4K16eRKzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=20365, public
cf-ray: 5f0a783c1c090621-FRA
expires: Thu, 12 Nov 2020 01:17:09 GMT

GET
H2 200 masonry.min.js Show response
kennycztan.com/wp-includes/js/ 28 KB
8 KB 32ms
30ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481775697a210ecddb9f82c87ff23dd2a8a9f2476fea3bff4dabb97fd41cdae1

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 10-313237045-313231503 2CNN RT(1605123465285 4) q(0 0 0 1) r(0 0)
cf-request-id: 065a697992000006213f99f000000001
last-modified: Sat, 18 May 2019 08:44:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HyG0ODuc1O%2BPAOwi2L9vhlDEMxDsXjp%2FaWHzXM2l6IPK%2FLNViCCoRnIqSes1JJc%2FrceKpsWjMvxzY6mzFJrCc9cVzZqK7lBgbMvfhnIBsSmWrsEP9iJRt5xQqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20365
cf-ray: 5f0a783c1c0c0621-FRA
expires: Thu, 12 Nov 2020 01:17:10 GMT

GET
H2 200 jquery.masonry.min.js Show response
kennycztan.com/wp-includes/js/jquery/ 2 KB
906 B 53ms
51ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0ec460d72ba1b696348776c4c8185740f96de88903fff4bdf42301ef725babe

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 5-280802995-280800841 2CNN RT(1605123465133 11) q(0 0 0 3) r(0 0)
cf-request-id: 065a697992000006218f1ff000000001
last-modified: Tue, 20 Sep 2016 18:48:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=29tbG5%2FZgD%2BCBg68ebZRZCClf5qJEVQwo%2FGUqrLjoSsr7imrNFEcUqtKZBizriAe7NykLtN0S4rl1RraEq8V840KgOp%2FT5u9Ddy6ERCCM%2Fo3db9jceZuNVsMLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20366
cf-ray: 5f0a783c1c0d0621-FRA
expires: Thu, 12 Nov 2020 01:17:11 GMT

GET
H2 200 frontend.min.js Show response
kennycztan.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/ 184 KB
49 KB 52ms
51ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.5.8.2
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0138598f93aeadd883c9c443c1a46ce6019cfa75c0645e953a39e4d7b4444eb

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 10-135970199-135969209 2CNN RT(1605123465437 8) q(0 0 0 1) r(0 0)
cf-request-id: 065a6979b4000006218406b000000001
last-modified: Tue, 01 Sep 2020 05:34:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LTyerSbIUnscH0Qk8nhZWICFTgUQ5y6D4tBBZPoBO5H5we6AV%2FZdl4GAoLqIt0eo3qXvOy0ATcP2ErKnnuuh6AJD6uVhLM0UnbsiqNxejThbE9fxb98pn8ErsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20366
cf-ray: 5f0a783c4c790621-FRA
expires: Thu, 12 Nov 2020 01:17:11 GMT

GET
H2 200 skip-link-focus-fix.js Show response
kennycztan.com/wp-content/themes/twentyseventeen/assets/js/ 426 B
543 B 31ms
31ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/themes/twentyseventeen/assets/js/skip-link-focus-fix.js?ver=1.0
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 9-76659578-76646166 2CNN RT(1605123465433 4) q(0 0 0 0) r(0 0)
cf-request-id: 065a6979b00000062165a2a000000001
last-modified: Tue, 29 May 2018 09:53:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KBUPcMSVApVSOFbl35uwLRIGrnsiuyn5xDltDxN4hSSRcenr7Z0GmLiCQ%2F6STbkSNvONr0QEm5povh1PBG%2BVsxes3OZrVfVg3DwyXbwwa5GubmP6HkXlYmTsag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20365
cf-ray: 5f0a783c4c7c0621-FRA
expires: Thu, 12 Nov 2020 01:17:10 GMT

GET
H2 200 global.js Show response
kennycztan.com/wp-content/themes/twentyseventeen/assets/js/ 5 KB
2 KB 39ms
38ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/themes/twentyseventeen/assets/js/global.js?ver=1.0
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7e83b556ae746f1cac9136d2ad6a3d33cafe4b56fa4af0133bc9960f7af41d4

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 3-83438502-83438177 2CNN RT(1605123465507 7) q(0 0 0 0) r(0 0)
cf-request-id: 065a6979bc000006213ca00000000001
last-modified: Tue, 29 May 2018 09:53:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=464mw0iuTAlmM1KWiIz5WUL6dhWbhIktQKlqevEWHAUMY30E8JGK9WgMOaGhz%2FChzW1EkMOFcV00tok%2BP7ra3%2FybrNWoLJFRnUDi5%2FaA%2Bn2mOBXg5KyZ7gnunA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=20366, public
cf-ray: 5f0a783c5cb00621-FRA
expires: Thu, 12 Nov 2020 01:17:11 GMT

GET
H2 200 jquery.scrollTo.js Show response
kennycztan.com/wp-content/themes/twentyseventeen/assets/js/ 3 KB
2 KB 29ms
29ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.2
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b12cf36d40b54cab9ad0dec5a9e4d935f3f01a8c01a0b8a722ee58d278d940b

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 0-110723616-110723418 2CNN RT(1605123465500 4) q(0 0 0 1) r(0 0)
cf-request-id: 065a6979bd00000621ae987000000001
last-modified: Tue, 29 May 2018 09:53:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IwyI01JFmDJ7S3ihVyk0ZJs23YkWYroQzPHuuToWoaNJ0796GiXnCDvjLp1ekpBGP%2FsFFEcX9VLg%2Fz81HZA55JDkzPa0OZpym0ol1%2BXbdv4JuUrcRpMmFRoYTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20366
cf-ray: 5f0a783c6cbb0621-FRA
expires: Thu, 12 Nov 2020 01:17:11 GMT

GET
H2 200 frontend.min.js Show response
kennycztan.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/ 3 KB
1 KB 34ms
33ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-content/plugins/thrive-visual-editor/thrive-dashboard/js/dist/frontend.min.js?ver=2.3.0.2
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96cd14a2f15d1df04b2d20efe837976eaba9259c83275a9c9fc616162b516a43

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 5-262256480-262213905 2CNN RT(1605123464943 8) q(0 0 0 -1) r(0 0)
cf-request-id: 065a6979c700000621a134a000000001
last-modified: Tue, 01 Sep 2020 05:34:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=REpEH0B0zKjc%2FxZh5nr9yydwPWyVwE1Nmd2JDIDd8SK9gZwruDLa7s9rtBBm280EA5aCoZYgLiNKNabUbrzwZCz93c21DIwT%2BGMyWDGsi3%2FPy00io1r%2BjsvqaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20366
cf-ray: 5f0a783c6cd80621-FRA
expires: Thu, 12 Nov 2020 01:17:10 GMT

GET
H2 200 wp-embed.min.js Show response
kennycztan.com/wp-includes/js/ 1 KB
1015 B 30ms
29ms Script
application/javascript 2606:4700:3037::ac43:a240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kennycztan.com/wp-includes/js/wp-embed.min.js?ver=5.2.9
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/sorry/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://kennycztan.com/sorry/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 11 Nov 2020 19:37:45 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cdn: Incapsula
status: 200
x-iinfo: 10-98984581-98978791 2CNN RT(1605123464692 7) q(0 1 1 -1) r(1 1)
cf-request-id: 065a6979d10000062147241000000001
last-modified: Mon, 24 Dec 2018 04:11:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tJXPeqLfDgH6BZzjVZBVNKvjHxWZY7wGquOVHZ66h8wbQ2dswbRJBXb4PhyY3hPnnNuYUs%2FSRXTZM6E9cxLUiyGz5P79XBimEQqIBEb6dayR5QiwZ%2BuBWzmogQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=20366
cf-ray: 5f0a783c8d040621-FRA
expires: Thu, 12 Nov 2020 01:17:10 GMT

GET
H2 200 5aU19_a8oxmIfJpbERySjRhc9V0.woff2
fonts.gstatic.com/s/hind/v11/ 9 KB
9 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v11/5aU19_a8oxmIfJpbERySjRhc9V0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:400,500,300,600&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b4e294d541e0ac9f07c7f1a3433f3653da436f4ed90d538a73657a2836c24b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://kennycztan.com
Referer: https://fonts.googleapis.com/css?family=Hind:400,500,300,600&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 15:55:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:44 GMT
server: sffe
age: 445327
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8744
x-xss-protection: 0
expires: Sat, 06 Nov 2021 15:55:38 GMT

GET
H2 200 5aU19_a8oxmIfLZcERySjRhc9V0.woff2
fonts.gstatic.com/s/hind/v11/ 9 KB
9 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v11/5aU19_a8oxmIfLZcERySjRhc9V0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:400,500,300,600&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3864e68c92a78de7d1309478ac5e9c59d7df8551fc188d3cd5e0fe3b197d509

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://kennycztan.com
Referer: https://fonts.googleapis.com/css?family=Hind:400,500,300,600&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 11:22:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:45 GMT
server: sffe
age: 288920
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8780
x-xss-protection: 0
expires: Mon, 08 Nov 2021 11:22:25 GMT

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2
fonts.gstatic.com/s/librefranklin/v6/ 27 KB
27 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v6/jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eca038fe1e21c8c9a0409b1752eaa3d729bef79d9a53f1e5d674400ff9b972b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://kennycztan.com
Referer: https://fonts.googleapis.com/css?family=Libre+Franklin%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C800%2C800i&subset=latin%2Clatin-ext
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 05 Nov 2020 22:16:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:30 GMT
server: sffe
age: 508874
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27260
x-xss-protection: 0
expires: Fri, 05 Nov 2021 22:16:31 GMT

GET
H2 200 5aU69_a8oxmIdGl4BDGwgDI.woff2
fonts.gstatic.com/s/hind/v11/ 8 KB
9 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v11/5aU69_a8oxmIdGl4BDGwgDI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:400,500,300,600&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42610841f3d39a01788c09d6a72b2f7e609cfb75b8e52eb4b031c12ad76f6ca3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://kennycztan.com
Referer: https://fonts.googleapis.com/css?family=Hind:400,500,300,600&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 11:22:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:13 GMT
server: sffe
age: 288924
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8672
x-xss-protection: 0
expires: Mon, 08 Nov 2021 11:22:21 GMT

GET
H3-Q050 200 5aU19_a8oxmIfMJaERySjRhc9V0.woff2
fonts.gstatic.com/s/hind/v11/ 8 KB
8 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v11/5aU19_a8oxmIfMJaERySjRhc9V0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:400,500,300,600&subset=latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f8400caf8e573c92e3ebf4b8f3f125911241cd2cbb09744cf9716051de566e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://kennycztan.com
Referer: https://fonts.googleapis.com/css?family=Hind:400,500,300,600&subset=latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 07 Nov 2020 04:42:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:06 GMT
server: sffe
age: 399297
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8328
x-xss-protection: 0
expires: Sun, 07 Nov 2021 04:42:48 GMT

GET
H/1.1

200
OK

Primary Request

Cookie set blocked Show response
macusquek.qlitrk.com/qlick/
Redirect Chain

https://kennycztan.com/newgift
https://track.kennycztan.com/macusout091120
https://www.clkmg.com/kennycztan/macusout091120
http://macusquek.qlitrk.com/l/kennytan-091120
http://macusquek.qlitrk.com/qlick/blocked

4 KB
3 KB

203ms
203ms

Document
text/html

34.202.75.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://macusquek.qlitrk.com/qlick/blocked
Requested by: Host: kennycztan.com
URL: https://kennycztan.com/wp-content/plugins/thrive-visual-editor/editor/js/dist/frontend.min.js?ver=2.5.8.2
Protocol: HTTP/1.1
Server: 34.202.75.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-247.compute-1.amazonaws.com
Software: nginx / PHP/7.4.11
Resource Hash: 2dffba50b266436c3a383e6624044ea33a0f3c89e84d91b2c145940f4eebdfcf

Request headers

Host: macusquek.qlitrk.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: XSRF-TOKEN=eyJpdiI6IkhJRTZObFZjSi9EdW5RNzdZOVNjNEE9PSIsInZhbHVlIjoiVnNlUVdDTkd1UDN1WFpWWis1Yzd6SzFzamdvcjhjU0pZRU4vclhKUVgreS9FZVpaSkpQRGNiK0o5bnlQTTdZYkU2S1pBcXZjUW1jUFl0Y056aWpaUi8yWGUyWFluMVl1WklEMS9GQzc4TFYzYkIrRks5b3lhZzlWYmg1cWMwOEsiLCJtYWMiOiI4NDRmM2U5NzE3YmZmOTBkYjFjNjE4MTNlYjFiMmE4NzZjOWMzNWQwMzYwM2U0ZGI3ZmZiMTYzNGM0ZmY3NGUxIn0%3D; qlikersession=eyJpdiI6InUzUXc2NXNaWjcxd2wzOUN5QnZ6R1E9PSIsInZhbHVlIjoiSDA0bjNKa25Hc1c3ckMwMWR4UGUrZy9XWE9xNE5JNXVGSWtMQzZlTC9NaFZjSmpPMVM4Y1lYa0I4UTJZT2h6OTg2QTZYZlZUOVhTWkFBMUJiSWJxbUhNK2pYV3lPTjVUN3UwTGNTd3Raak5EZUJoWjdxdmFGa2dVYUJHM0J1a08iLCJtYWMiOiI1MDlmMWFlMTIxOTJjMTBjNzllODZlMjQwNDdmOWE3MTViZTYxNzQ5ZGI5ZDFlNzc1ODA5NDYzMjY5MTRmOWNhIn0%3D; ln=eyJpdiI6InFNaXhkazBnWDd1dFhFSzlJT3VnOGc9PSIsInZhbHVlIjoiRGVxanVRUWNUSnJVdzhWQ0lkVGtqZ3E1N0pYN2NQWUZyTlRWa2VIZW1WNUcvMjg1N1RTZGRjemJsWEFOSWduT0dydjRkNFk5Mm9HemRKbTBkSkQ1RDVFRUVzbXZudXN4Zno0UE8xWkRKNzQ9IiwibWFjIjoiYjE4NTcwMjAwMzg1OGM2ZjM1NDk0YWViY2U1M2Y4MDRkYTJiZjAyYTE1YTI2OTllZjUwNjk1NDUxNThmYzU3NSJ9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://kennycztan.com/sorry/

Response headers

Date: Wed, 11 Nov 2020 19:37:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.11
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjAzeHJYQWRxMEdid2ZGQXJQSllab3c9PSIsInZhbHVlIjoiS1lEdnVReDF2NDhid3pRWXB3dSsrKzlFR0tCeUhJaDJNMWUvcE9qR3RESDJoc2pDaElkVFRHOXFTalhrTWhjUG56aUFZc08xUGhhL3VEa0R6UnlrbTZxV1Z1ZW95d0cwdkcwdnNaS0pibU80ZWw3Z2J2ZGdadXIxeWZtYXI2emgiLCJtYWMiOiJjZjQ1YzliNDBkMWRhZTZkN2ZjZmRmMDhkOTkxY2FhMzFmMTQyMmMxODk0ODI5OWE0ODA5ZjI5NGRmNzlkZmY4In0%3D; expires=Tue, 01-Dec-2020 19:37:53 GMT; Max-Age=1728000; path=/; domain=.qlitrk.com; samesite=lax qlikersession=eyJpdiI6IlYrNjlxL1NwemRoY29GSlpndE5OSEE9PSIsInZhbHVlIjoiRkMvY2Yyb2VXYkRLWUJvQkVCdytKVEVYVnRUU2tCUjBFTWVzSmcvVXdsbUE5RGVoUlRvRlNxRHB4YTlHalpaWSswRHZRR0kxU3hoOWM5T0NsZng4Ukl5dU5xRDJZaEFCV0F5Mk5nNzl5VUZKWURPVktZQnQ0UnF3K0xaRnY4Uk4iLCJtYWMiOiI0NWU2OGEwYjJkMWMzMmVkMzRhMjExMzFlNDhjNjhiNTMyZDhjMTJlZWI0OTE0ODAxZmQyMGI3NzdiYTFiNWRmIn0%3D; expires=Tue, 01-Dec-2020 19:37:53 GMT; Max-Age=1728000; path=/; domain=.qlitrk.com; samesite=lax
Content-Encoding: gzip

Redirect headers

Date: Wed, 11 Nov 2020 19:37:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
X-Powered-By: PHP/7.4.11
Location: http://macusquek.qlitrk.com/qlick/blocked
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkhJRTZObFZjSi9EdW5RNzdZOVNjNEE9PSIsInZhbHVlIjoiVnNlUVdDTkd1UDN1WFpWWis1Yzd6SzFzamdvcjhjU0pZRU4vclhKUVgreS9FZVpaSkpQRGNiK0o5bnlQTTdZYkU2S1pBcXZjUW1jUFl0Y056aWpaUi8yWGUyWFluMVl1WklEMS9GQzc4TFYzYkIrRks5b3lhZzlWYmg1cWMwOEsiLCJtYWMiOiI4NDRmM2U5NzE3YmZmOTBkYjFjNjE4MTNlYjFiMmE4NzZjOWMzNWQwMzYwM2U0ZGI3ZmZiMTYzNGM0ZmY3NGUxIn0%3D; expires=Tue, 01-Dec-2020 19:37:53 GMT; Max-Age=1728000; path=/; domain=.qlitrk.com; samesite=lax qlikersession=eyJpdiI6InUzUXc2NXNaWjcxd2wzOUN5QnZ6R1E9PSIsInZhbHVlIjoiSDA0bjNKa25Hc1c3ckMwMWR4UGUrZy9XWE9xNE5JNXVGSWtMQzZlTC9NaFZjSmpPMVM4Y1lYa0I4UTJZT2h6OTg2QTZYZlZUOVhTWkFBMUJiSWJxbUhNK2pYV3lPTjVUN3UwTGNTd3Raak5EZUJoWjdxdmFGa2dVYUJHM0J1a08iLCJtYWMiOiI1MDlmMWFlMTIxOTJjMTBjNzllODZlMjQwNDdmOWE3MTViZTYxNzQ5ZGI5ZDFlNzc1ODA5NDYzMjY5MTRmOWNhIn0%3D; expires=Tue, 01-Dec-2020 19:37:53 GMT; Max-Age=1728000; path=/; domain=.qlitrk.com; samesite=lax ln=eyJpdiI6InFNaXhkazBnWDd1dFhFSzlJT3VnOGc9PSIsInZhbHVlIjoiRGVxanVRUWNUSnJVdzhWQ0lkVGtqZ3E1N0pYN2NQWUZyTlRWa2VIZW1WNUcvMjg1N1RTZGRjemJsWEFOSWduT0dydjRkNFk5Mm9HemRKbTBkSkQ1RDVFRUVzbXZudXN4Zno0UE8xWkRKNzQ9IiwibWFjIjoiYjE4NTcwMjAwMzg1OGM2ZjM1NDk0YWViY2U1M2Y4MDRkYTJiZjAyYTE1YTI2OTllZjUwNjk1NDUxNThmYzU3NSJ9; path=/; domain=.qlitrk.com; httponly; samesite=lax

GET
H3-Q050 200 css
fonts.googleapis.com/ 10 KB
1 KB 43ms
30ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Requested by

Host: macusquek.qlitrk.com
URL: http://macusquek.qlitrk.com/qlick/blocked

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f3c599e913a341d24581a4d48437f742d3b5a1558389acca0265c1e19502318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://macusquek.qlitrk.com/qlick/blocked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 19:24:49 GMT
server: ESF
date: Wed, 11 Nov 2020 19:37:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 11 Nov 2020 19:37:53 GMT

GET
H/1.1 200
OK 404-bg2.jpg
macusquek.qlitrk.com/img/ 114 KB
114 KB 100ms
100ms Image
image/jpeg 34.202.75.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://macusquek.qlitrk.com/img/404-bg2.jpg
Requested by: Host: macusquek.qlitrk.com
URL: http://macusquek.qlitrk.com/qlick/blocked
Protocol: HTTP/1.1
Server: 34.202.75.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-75-247.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 02ef65197316ddb43f835968bedb2a88b94e9ba682245e2d5532aa221739a23b

Request headers

Referer: http://macusquek.qlitrk.com/qlick/blocked
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 11 Nov 2020 19:37:53 GMT
Last-Modified: Mon, 18 May 2020 08:08:16 GMT
Server: nginx
ETag: "5ec24270-1c8fa"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 116986

GET
H3-Q050 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://macusquek.qlitrk.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
age: 289036
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12976
x-xss-protection: 0
expires: Mon, 08 Nov 2021 11:20:37 GMT

GET
H3-Q050 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://macusquek.qlitrk.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:14 GMT
server: sffe
age: 289036
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
expires: Mon, 08 Nov 2021 11:20:37 GMT

GET
H3-Q050 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu3cOWxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://macusquek.qlitrk.com
Referer: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,600,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 08 Nov 2020 11:20:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:08 GMT
server: sffe
age: 289036
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13224
x-xss-protection: 0
expires: Mon, 08 Nov 2021 11:20:37 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: kennycztan.com
URL: https://kennycztan.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A2%2Cc%3A35%2Cr%3A3416)

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.qlitrk.com/	1970-01-19 14:20:51	Name: qlikersession Value: eyJpdiI6IlYrNjlxL1NwemRoY29GSlpndE5OSEE9PSIsInZhbHVlIjoiRkMvY2Yyb2VXYkRLWUJvQkVCdytKVEVYVnRUU2tCUjBFTWVzSmcvVXdsbUE5RGVoUlRvRlNxRHB4YTlHalpaWSswRHZRR0kxU3hoOWM5T0NsZng4Ukl5dU5xRDJZaEFCV0F5Mk5nNzl5VUZKWURPVktZQnQ0UnF3K0xaRnY4Uk4iLCJtYWMiOiI0NWU2OGEwYjJkMWMzMmVkMzRhMjExMzFlNDhjNjhiNTMyZDhjMTJlZWI0OTE0ODAxZmQyMGI3NzdiYTFiNWRmIn0%3D
.qlitrk.com/	1970-01-19 14:20:51	Name: XSRF-TOKEN Value: eyJpdiI6IjAzeHJYQWRxMEdid2ZGQXJQSllab3c9PSIsInZhbHVlIjoiS1lEdnVReDF2NDhid3pRWXB3dSsrKzlFR0tCeUhJaDJNMWUvcE9qR3RESDJoc2pDaElkVFRHOXFTalhrTWhjUG56aUFZc08xUGhhL3VEa0R6UnlrbTZxV1Z1ZW95d0cwdkcwdnNaS0pibU80ZWw3Z2J2ZGdadXIxeWZtYXI2emgiLCJtYWMiOiJjZjQ1YzliNDBkMWRhZTZkN2ZjZmRmMDhkOTkxY2FhMzFmMTQyMmMxODk0ODI5OWE0ODA5ZjI5NGRmNzlkZmY4In0%3D
.qlitrk.com/	1969-12-31 23:59:59	Name: ln Value: eyJpdiI6InFNaXhkazBnWDd1dFhFSzlJT3VnOGc9PSIsInZhbHVlIjoiRGVxanVRUWNUSnJVdzhWQ0lkVGtqZ3E1N0pYN2NQWUZyTlRWa2VIZW1WNUcvMjg1N1RTZGRjemJsWEFOSWduT0dydjRkNFk5Mm9HemRKbTBkSkQ1RDVFRUVzbXZudXN4Zno0UE8xWkRKNzQ9IiwibWFjIjoiYjE4NTcwMjAwMzg1OGM2ZjM1NDk0YWViY2U1M2Y4MDRkYTJiZjAyYTE1YTI2OTllZjUwNjk1NDUxNThmYzU3NSJ9

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://kennycztan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 1) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clicks.aweber.com
fonts.googleapis.com
fonts.gstatic.com
kennycztan.com
link.kennycztan.com
macusquek.qlitrk.com
stats.g.doubleclick.net
track.kennycztan.com
www.clkmg.com
www.google-analytics.com
kennycztan.com
204.194.222.24
2606:4700:3032::681b:a2ef
2606:4700:3037::ac43:a240
2a00:1450:4001:801::200e
2a00:1450:4001:806::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:81b::2003
2a00:1450:400c:c00::9c
34.202.75.247
50.97.244.203
01ebeb3fcdc269ef402f29f9fba025d3266fcd5c54ae7bca44aaa7c2cf738d93
02ef65197316ddb43f835968bedb2a88b94e9ba682245e2d5532aa221739a23b
039c9c0b428cfdf3659080ffffe82890c82ae2ed282f2e2e188baa1115372462
05cb26b1af973f36227f9257eb6a0f6aeabf44e50b9ea868cf5281808d217946
1b12cf36d40b54cab9ad0dec5a9e4d935f3f01a8c01a0b8a722ee58d278d940b
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2b58ca72232ff84e6c4e6a60cb232275c70b361aa4253caa1ad290c82488e709
2dffba50b266436c3a383e6624044ea33a0f3c89e84d91b2c145940f4eebdfcf
3e8cf0021767c285eadfc3a92caf0f0201e64db6f788fea544ee534623a682e3
405a5e4943b97243440d632a958bb6e79f1d1929666745000a22ebaa5fa2d819
42610841f3d39a01788c09d6a72b2f7e609cfb75b8e52eb4b031c12ad76f6ca3
452756306e2828de7e34cd35e4f027b82043d592cf06437b4892448f117d7493
46c35066107a9e96f5aff32689dbd4dec5befbe8514eeb57718db94cbd206d27
481775697a210ecddb9f82c87ff23dd2a8a9f2476fea3bff4dabb97fd41cdae1
487f2e9da2ff0740755a5ef01dc15a2888b89537795895203a831b13b199d8bb
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d
52979920b758273d9b08cceffd10db0ff487ccc9a4bc2cb62c2df5390ced8a82
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76ef78f23be04bbb49a83253e2517851eb1dc2f4345eaeaa4dafadc40a33175e
7ec7f22119da3493aedefd66ffd30f0aaf4cf4aee42d8254638bcca5971c3568
82c84fc009ff0bb8f590af83ee1c0416f5905ebace92f638bca5900d1c751989
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f3c599e913a341d24581a4d48437f742d3b5a1558389acca0265c1e19502318
96cd14a2f15d1df04b2d20efe837976eaba9259c83275a9c9fc616162b516a43
9b4e294d541e0ac9f07c7f1a3433f3653da436f4ed90d538a73657a2836c24b4
9de4fee7b8b7ea60fbffaa6dfd453f04d8720ca4bb8c1604bcd9321a410e21d1
9f8400caf8e573c92e3ebf4b8f3f125911241cd2cbb09744cf9716051de566e8
a0ec460d72ba1b696348776c4c8185740f96de88903fff4bdf42301ef725babe
a8972f83af6969622e9c255e462d71816019bcdeedea426f688c2b56f276d186
b47087f6a82a55a8805d26bc51d40700d34ea823d10dd01889dc5cfc76816764
b7e83b556ae746f1cac9136d2ad6a3d33cafe4b56fa4af0133bc9960f7af41d4
b828e3a3e82cfdaa297838da882635ea336e80ee5985a530735ebc27e200dd04
bab98e23365f67f5569c3468bf58e4c1996756584d5865b8c8f3b3241c42b23b
bf18784df1f80cb7db4a33d704eb5b18933106afd6bc96b52502eee41ca282f2
c0138598f93aeadd883c9c443c1a46ce6019cfa75c0645e953a39e4d7b4444eb
c3864e68c92a78de7d1309478ac5e9c59d7df8551fc188d3cd5e0fe3b197d509
d02032286070b4dd9d8fbd985a7bdca8af8edf52b89ff177db3bfcb2c8a9c43d
d08fdf960890b4f7662bad35400a8464627110622652b944445b4a4ab32c01cb
d2437ddf45aa84303d14cc4569941c1ae58e8accca92216349c1332794015c6f
d523a3d1c1de051b11ecc17709cdf490fd2c4caf10f13417e2c74569ad6d79fd
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eca038fe1e21c8c9a0409b1752eaa3d729bef79d9a53f1e5d674400ff9b972b3
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c

macusquek.qlitrk.com Open in urlscan Pro 34.202.75.247 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

93 %HTTPS

70 %IPv6

8 Domains

10 Subdomains

8 IPs

3 Countries

1210 kBTransfer

2808 kBSize

3 Cookies

2 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

macusquek.qlitrk.com Open in urlscan Pro
34.202.75.247 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

93 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

1210 kB
Transfer

2808 kB
Size

3
Cookies

46 HTTP transactions
1 data transactions