framed.wtf Open in urlscan Pro
2606:4700:20::681a:a59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://framed.wtf/
Effective URL:
https://framed.wtf/
Submission: On January 16 via manual (January 16th 2023, 12:54:03 pm UTC) from GB — Scanned from GB

Summary HTTP 57 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 22 domains to perform 57 HTTP transactions. The main IP is 2606:4700:20::681a:a59, located in United States and belongs to CLOUDFLARENET, US. The main domain is framed.wtf. The Cisco Umbrella rank of the primary domain is 124244.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 25th 2022. Valid for: a year.

This is the only time framed.wtf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:4560	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2606:4700:20:... 2606:4700:20::681a:a59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:b000:f:458e:2a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:2800:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.18.36.193 2.18.36.193	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:106b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1	54.153.107.213 54.153.107.213	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:ba00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:e200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:211... 2600:9000:211e:6e00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.193.13.40 18.193.13.40	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:1901:0:8... 2600:1901:0:8344::	15169 (GOOGLE) (GOOGLE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	52.212.37.79 52.212.37.79	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:9a9	() ()
57	27

1 2606:4700:20::ac43:4560 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

framed.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:20::681a:a59 (United States)

ASN13335 (CLOUDFLARENET, US)

framed.wtf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:b000:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:2800:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.36.193 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-193.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:106b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.153.107.213 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-107-213.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:ba00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:e200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:6e00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.13.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-13-40.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.37.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-37-79.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (None, )

ASN- ()

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	framed.wtf 1 redirects framed.wtf — Cisco Umbrella Rank: 124244	204 KB
5	quantcast.com test.cmp.quantcast.com — Cisco Umbrella Rank: 10679 cmp.quantcast.com — Cisco Umbrella Rank: 2795 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12004	147 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 385 mug.criteo.com — Cisco Umbrella Rank: 2848	1 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2439 www.google-analytics.com — Cisco Umbrella Rank: 22	21 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	158 KB
2	4dex.io script.4dex.io	25 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	121 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1365	93 KB
2	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2913	45 KB
2	thisiswaldo.com cdn.thisiswaldo.com — Cisco Umbrella Rank: 48458 thisiswaldo.com — Cisco Umbrella Rank: 42554	122 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 301	386 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1411	313 B
1	33across.com lexicon.33across.com — Cisco Umbrella Rank: 1696	246 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 870	635 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 949	10 KB
1	ipfind.co ipfind.co — Cisco Umbrella Rank: 61948	457 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1406	4 KB
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 463	62 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 943	6 KB
0	rlcdn.com Failed api.rlcdn.com Failed
57	22

	Domain	Requested by
21	framed.wtf	1 redirects framed.wtf static.cloudflareinsights.com
3	cmp.quantcast.com	quantcast.mgr.consensu.org
3	securepubads.g.doubleclick.net	cdn.thisiswaldo.com securepubads.g.doubleclick.net
2	script.4dex.io	cdn.thisiswaldo.com script.4dex.io
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	framed.wtf www.googletagmanager.com
2	cdn.confiant-integrations.net	cdn.thisiswaldo.com cdn.confiant-integrations.net
2	quantcast.mgr.consensu.org	cdn.thisiswaldo.com quantcast.mgr.consensu.org
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	lexicon.33across.com	ads.pubmatic.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	rules.quantcount.com	secure.quantserve.com
1	test.cmp.quantcast.com	quantcast.mgr.consensu.org
1	secure.quantserve.com	quantcast.mgr.consensu.org
1	ipfind.co	cdn.thisiswaldo.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	a.teads.tv	cdn.thisiswaldo.com
1	ads.pubmatic.com	cdn.thisiswaldo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.thisiswaldo.com	framed.wtf
1	fonts.googleapis.com	framed.wtf
1	static.cloudflareinsights.com	framed.wtf
0	api.rlcdn.com Failed	ads.pubmatic.com
57	27

This site contains links to these domains. Also see Links.

Domain
episode.wtf
plotwords.com
numble.wtf
shotdeck.com

Subject Issuer	Validity	Valid
framed.wtf Cloudflare Inc ECC CA-3	`2022-03-25` - `2023-03-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2022-06-01` - `2023-06-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
cmp.quantcast.com R3	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.confiant-integrations.net E1	`2022-11-24` - `2023-02-22`	3 months	crt.sh
teads.tv R3	`2023-01-05` - `2023-04-05`	3 months	crt.sh
thisiswaldo.com R3	`2022-12-15` - `2023-03-15`	3 months	crt.sh
ipfind.co Amazon	`2022-12-04` - `2024-01-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://framed.wtf/
Frame ID: B3A31403D93928B6D234B489842ADF09
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Framed - The daily movie guessing game

Page URL History Show full URLs

http://framed.wtf/ HTTP 301
https://framed.wtf/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

57
Requests

96 %
HTTPS

70 %
IPv6

22
Domains

27
Subdomains

27
IPs

5
Countries

1038 kB
Transfer

3349 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://episode.wtf/?ref=framed
Title: Episode

Search URL Search Domain Scan URL

URL: https://plotwords.com/?ref=framed
Title: movie trivia

Search URL Search Domain Scan URL

URL: https://numble.wtf/?ref=framed
Title: brainteaser!

Search URL Search Domain Scan URL

URL: https://shotdeck.com/?ref=framed
Title: <img alt="shotdeck logo" srcSet="/shotdeck.png?w=96&q=75 1x, /shotdeck.png?w=256&q=75 2x" src="/shotdeck.png?w=256&q=75" decoding="async" data-nimg="intrinsic" style="position:absolute;top:0;left:0;bottom:0;right:0;box-sizing:border-box;padding:0;border:none;margin:auto;display:block;width:0;height:0;min-width:100%;max-width:100%;min-height:100%;max-height:100%" loading="lazy"/>

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://framed.wtf/ HTTP 301
https://framed.wtf/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fframed.wtf%2F&domain=framed.wtf&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=fcEPvHxmdUxrQVZNcDBCSnI0a09qZld5R1V2K05Rc1daV0paTmllb1o5Z1JUcmN0WkVkNThYME5uS1dBNCttUXBiNWtHOFlQSjQ1Q1Q0Qlc3YVhVUWt1VDk4UjEveFBHMysxdXcxUFAzckxJK0FOTUtBUXM0ZHRUeU53eGlpYnh5Z3JYTFZobWJXOUFyMHFUWlZjNXBNaHN6RnkyRzQxN3VtLzFFc2hQbHNPNUwvcDY3R2dwZTQybXVkYkpuUnEzOVZlV2ZDODh5NFNrVDZBNlFldHViR2Q5TUZnRkhPUXprckhSbC9tYUxLZTRzUTJBPXw&cppv=2

57 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
framed.wtf/
Redirect Chain

http://framed.wtf/
https://framed.wtf/

7 KB
3 KB

183ms
102ms

Document
text/html

2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41fc0db2a848dd7fea3be7e416fd5bd1d4e5385fe24d60b688b7a87e01d4fa08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 78a6ff2b9fb27749-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 16 Jan 2023 12:53:55 GMT
link: </_next/static/css/fafe3030556b5b2b.css>; rel="preload"; as=style
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLYot7q4l0FNayFl0QvgNz8ZPq1ahfp41kuB%2FEL5pZinI3KWnd%2BpcDoygcScv%2F19PxX7t4XOO7thNhD%2Bubk0qDdUEAoo%2FzaqW6N5TmWEw%2BFp9ZaKeBonjlQBpe1Vt5LFYGvRURwljUMF"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 78a6ff2ab9f574e1-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 16 Jan 2023 12:53:55 GMT
Expires: Mon, 16 Jan 2023 13:53:55 GMT
Location: https://framed.wtf/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLTsrqNLKF0F0s8nU63lMCWRvcZl%2Bh5duhwQsCVpH9lbZkDftPBmO35Jfvx7M9XC2lZZzxflUseoHcNaEbIihPhJKc2pDeMSK%2BHiO0yBVu1hBCTajkxd5d6JtzdbdFFPB0WpYluEhIZr"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Server-Timing: cf-q-config;dur=6.9999998686399e-06
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 fafe3030556b5b2b.css
framed.wtf/_next/static/css/ 12 KB
3 KB 48ms
48ms Stylesheet
text/css 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/css/fafe3030556b5b2b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3007708c980e8aa546fd775cfd8ed780e975c526876726d07edc4731ddfa6eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5554
etag: W/"4dbde8b15d93404d2c12bf2643deae3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HLyg8VDhxdXQjqcfxN0z6fMYAMgcv6rjA3YSzd5%2Fy5GnMTCUTZguQWrHUCcqNN7z4aYulHXBEKF%2FzNE%2BpAHa1%2FloKjAN16tuIGPtmzuAmJM7JV82UEUXoRuo86e"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c48d37749-LHR

GET
H2 200 webpack-eb02cdfe53222fc3.js Show response
framed.wtf/_next/static/chunks/ 4 KB
2 KB 48ms
48ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/webpack-eb02cdfe53222fc3.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5664833568bcd8387a54f9f654f0619235e7f076be6b076617f7e0455c19784

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5688
etag: W/"908ab81daa78d4f72720d3eb457f0c0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mp%2BSuDEf3X4fQJs6zC3cgWZPyJAQu90n31%2BbtKi0vlnR8Y%2Fv4sre%2FDWnYMNTygnRhd2NhL8uZ5c6FPS%2Bij8r39VtU%2FmSMDcw0eVD8994d9eDLdq2KGWNU1lfzfsS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c48d47749-LHR

GET
H2 200 framework-5f4595e5518b5600.js Show response
framed.wtf/_next/static/chunks/ 127 KB
42 KB 85ms
82ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/framework-5f4595e5518b5600.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2209
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"5a6c48d6423442bc08036acfd6279f76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPQMvPumhTQmMEe9qkTNvg2cCrjhJcBNxAPZmmvsxGidnfYiGE2Emm1tcEMoz7h5jhzIgvdSstJ3LlKE6GKSljFWccu9NOkIr7LjmD3TQq%2F%2FjwoSjIa7OJKI4aac"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c69157749-LHR

GET
H2 200 main-63b79767fca3418f.js Show response
framed.wtf/_next/static/chunks/ 98 KB
27 KB 49ms
47ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/main-63b79767fca3418f.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a637e596681ed9976af5267d2e8b7f07c3bef2d0e8404160c46ab14b99c317cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 629
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d36f10025abd57cb51eb9a7c546c939c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEDADqZPUuyhO6VG3rr1%2FuFNX6Hzrb6Qbt9zHy2l25%2FgjBo%2FScJrN0hGXCcqWhnZcAjBdKyXB6Tvv0dI4H4H%2FQVWfmaNKq18jU4h0L3%2FgPwi9DO8MSdtK3oQzJLR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c69197749-LHR

GET
H2 200 _app-787cba108c7963af.js Show response
framed.wtf/_next/static/chunks/pages/ 3 KB
2 KB 44ms
42ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/pages/_app-787cba108c7963af.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d18a51022cad31a082121a039cea94605f0a4798cb543b527d25f52599eff81e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 2209
etag: W/"ac985ba7766f799bb33841bb32cbc301"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SXMrxCyXGgWKoIGxnx6k5y%2Fli49V2VLTs%2BYlXXvzWdEe6kE0qI48oNM7bXp%2FCFzgEViU7dQPc3ifN8WzQnj0kZoCQtFPzQvacJ9oWCJGqc3jRloGnLngsLBCv%2F%2BMXlqxsVW565Qgews"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c691c7749-LHR

GET
H2 200 696-f8ab7e42bad5e644.js Show response
framed.wtf/_next/static/chunks/ 54 KB
19 KB 86ms
84ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/696-f8ab7e42bad5e644.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe526bc3f526ec0fbeb6d7324c8efeb5ee159286703c25afb8898d982a24d4fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 6104
etag: W/"06a0bd5d426f18af616c49a33e042ecb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mp84y%2FSS3fdHEB4xf5YGiOw2o63hI62CzcS9zh5UZG6WxWZGD7xfJ4hofwW%2BKkzi%2BdMlPE%2BFLCxCbEeHS1WKGhTG3smHQhKqCFTuR8vSK98A%2Bkz2sbCAgUkfP1%2Bn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c691f7749-LHR

GET
H2 200 873-8351b6133ab03af4.js Show response
framed.wtf/_next/static/chunks/ 16 KB
4 KB 45ms
43ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/873-8351b6133ab03af4.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91092e057b0d488d9a0be0f19b7b7d4ea10593a416ac91b77b7482e7dad7673b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5688
etag: W/"9e8b22acb6ac2b54a417abf642979c60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCH%2Fy2KtN9Ix1DQIrW%2Bjv4pb%2FYbpKM9vEoV9I95LnhxNDVR0ZiHPnBDYEOZDtqAM23eJbhLAqOHsGMi2taEuLCZyK%2Bc6hLLhrxX4FLxAJkd54F7bdJzaY0YXZGd7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c69217749-LHR

GET
H2 200 index-037098437ff5c0c7.js Show response
framed.wtf/_next/static/chunks/pages/ 3 KB
2 KB 47ms
46ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/pages/index-037098437ff5c0c7.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5343063dba417136e1ff9732d3dd0d3f9be1f53024d618b0f7e8931166df252

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5554
etag: W/"a27a081dfd043c5282f7f279c16acdc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6hxTK%2FB6ofLeohLH%2FDEjJZQvuBnm6GyJMxcyujt23gFqwqEYLPlkqdwOap%2BcI0anBhSerLO5UnBtO0RheR5S498zS%2FTjvCpkQ%2BKFOsU%2BpFU4nyFMXwLwX%2F4FXjK9s7lcodZiuzMCnuh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c69227749-LHR

GET
H2 200 _buildManifest.js Show response
framed.wtf/_next/static/VtMJ2cm5Flo89O3cnddfc/ 870 B
692 B 46ms
45ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/VtMJ2cm5Flo89O3cnddfc/_buildManifest.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7763b43d31d9ca205f5f5b02a437d7d931e18b2703c14f81f565e1eb51a7c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5688
etag: W/"fe5a57eb0e42338c5e09431603ace841"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiSVpGzSX2IAKPyAMM80%2BhshmAIG2l%2FbQm2MA86Juip%2BoNmU%2FkX9EkLF%2FYaDfDBAa56SQ0N62bo%2BHBgQ5%2BSzxuXtRp%2FIdfbYdXtkzDAGmfJ%2BtTD0A6hk4KyId8d5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c69237749-LHR

GET
H2 200 _ssgManifest.js Show response
framed.wtf/_next/static/VtMJ2cm5Flo89O3cnddfc/ 77 B
364 B 86ms
85ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/VtMJ2cm5Flo89O3cnddfc/_ssgManifest.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5688
etag: W/"99dfad1d4dc538d0f87b1326c3f89efb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4M4OazZsU03Wz9aQsnQ%2FSvrlv%2F4gz%2F6joVvVMHto1bxxWLAuF8h5KvddteAUoAQCjlRaFGbRZhcw6FwdGwbxq5ClYIF8MbwHYq2Hp4en2%2FhcWtaQznu68w8gYopw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c69247749-LHR

GET
H2 200 _middlewareManifest.js Show response
framed.wtf/_next/static/VtMJ2cm5Flo89O3cnddfc/ 92 B
342 B 86ms
85ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/VtMJ2cm5Flo89O3cnddfc/_middlewareManifest.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5688
etag: W/"da720783325824640d5868af4b16024d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77H3QIQSzed1vmIzIWOHMgOp%2FvMQkK22az4p2lB%2FzWf0bHlhzmRhFjUlc3HBJAugrAajMPLFUTUQSlc8yYAuuRCj4XkkwQ9XVzFeiMOvzMmy4RklAfyZqcdfbbQ0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2c793c7749-LHR

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 198ms
113ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: framed.wtf
URL: https://framed.wtf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://framed.wtf/
Origin: https://framed.wtf
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 78a6ff2cec1872bb-LHR

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb485281714afc47547b0bfee38e7bf4a8bb241b305cbff75557dc716e52f297

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 228ms
84ms Stylesheet
text/css 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Anton&family=Quicksand:wght@500;600&display=swap

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/css/fafe3030556b5b2b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5ef40eb24b6e13b9d465ffc7e24d6b54c241709c21904aa9c6f8a77607f7630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 12:45:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Jan 2023 12:53:55 GMT

GET
H2 200 221-b9221f0e0dc9408b.js Show response
framed.wtf/_next/static/chunks/ 15 KB
5 KB 48ms
48ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/221-b9221f0e0dc9408b.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/webpack-eb02cdfe53222fc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e3203597f19d5f730f978389436ffcb5da41cada56c7b61dc07e2ea1c941a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 6831
etag: W/"e64e4f94e4c27d3be871f809c0b15e97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1upR9ih9H%2F6eXnWT3phlEQByj%2BuTVOhqH4C0upaPxFJfH881Ip0%2BRipPSH2SCP1yVFZdL8Oz8G9gMUtkgMAFKBPyYTaYHC%2B0V6aSwA6gNapeavG29j9QBfxQh%2BbZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2e2c0b7749-LHR

GET
H2 200 872-3d9ad23f497a0bc3.js Show response
framed.wtf/_next/static/chunks/ 76 KB
30 KB 78ms
77ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/872-3d9ad23f497a0bc3.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/webpack-eb02cdfe53222fc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdf35c5ed0496b71e234cf466de429842c6f38aaa6e85733d98099f4c5946aa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 5688
etag: W/"31f974c6168dae56567a890fde9d1ab9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bR1SgaUd4QhH4RB74fF0fGZ0p9bFDkjuyCF1yaYHnsvoyqwHIclK2QHkLTTEcPu1Zo2TQNK7AwvFiDOz17n%2BCWw9FaROCDniZ7I%2BhUQ1tXsF6R40k4Nt9Ex7zHxNPHz%2BTdOaAppRXajq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2e2c107749-LHR

GET
H2 200 561.324661b7fc1fa97b.js Show response
framed.wtf/_next/static/chunks/ 5 KB
2 KB 46ms
46ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/561.324661b7fc1fa97b.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/webpack-eb02cdfe53222fc3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec73a3b6dc8e0071324c9bd2a83e8e38d794126284bec06dfa92e4b9304b4558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 6831
etag: W/"ec5308ce0f9cca78ec31a8b006e83db7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1susReyoZtfnbHTtd7YtboifukBQiEftOB4Ha5GpcNofjLO9cbjXOQb3mXtL81MpoU6PHBVLwN8P47qGd%2F3cVH3mwZy2iTeGrpgBOJn5k%2BAQNuMcqqLR72FzGsb%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2e3c127749-LHR

GET
H2 200 13746.js Show response
cdn.thisiswaldo.com/static/js/ 404 KB
122 KB 212ms
49ms Script
application/javascript 2600:9000:2057:b000:f:458e:2a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/13746.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/main-63b79767fca3418f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:b000:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

313fbb62a39d76a6614f4d02876eb10d4f07d7b512a14ec3a5c3cde8d6ee371d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 04:29:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 05 Jan 2023 02:49:58 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: "64f30-5f17b5b4bf488-gzip"
age: 69990
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: Rj_7FJIzAkUScFXYY_hqmH768fduIuh3CcJ0u3rBMj_VknpRmuCgfQ==

GET
H2 200 1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v23/ 17 KB
17 KB 167ms
50ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/anton/v23/1Ptgg87LROyAm3Kz-C8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton&family=Quicksand:wght@500;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb9617bd3fcda1a52cbf8539985fddac2aaab0e6df8dbdac21ec3e9a179a4be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://framed.wtf
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 14:16:31 GMT
x-content-type-options: nosniff
age: 81444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17020
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Jan 2024 14:16:31 GMT

GET
H2 200 shotdeck.png
framed.wtf/ 1 KB
2 KB 41ms
41ms Image
image/png 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framed.wtf/shotdeck.png?w=96&q=75

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b373cbc8ce1c3f064c48149f341ef7b7f8a468712aaf633a41de5fdfb9a5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3775
content-length: 1380
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "7601d5db97199c32893d53413c9c3aa7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozq8crP9tcH6q1qK%2FpOY5LwvQRZtRD8rUiJxRmojTkjbhDre03CGIR1KWa%2Bfnq7mV%2BfIBYkg2FeXXd6MgkaTmgbpXpgnhTbcflIALbAfHxG8g2wkjcqXUvBAmIIp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 78a6ff2e6c627749-LHR

GET
H2 200 archive-79fd7d9fefdce9d4.js
framed.wtf/_next/static/chunks/pages/ 0
2 KB 47ms
47ms Other
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/pages/archive-79fd7d9fefdce9d4.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/main-63b79767fca3418f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 907
etag: W/"4282c2339ca4c5e13038448cdaddfd5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxzwSqNroM7RB68AIKvh1LuImlISX0GoF6kg%2FiLjeAVcNXu6SLJG7X88mvvKQVgFOk53Z1m2Z3wcwGcpPxSd5ATdyQyHHRienxpBo78LGP%2FN28PNXY%2BCyxLymerEPKUz09I7EzU3%2Fr%2BB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2edcf27749-LHR

GET
H2 200 001.jpeg
framed.wtf/images/316/ 56 KB
56 KB 46ms
45ms Image
image/jpeg 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://framed.wtf/images/316/001.jpeg?w=1920&q=75

Requested by

Host: framed.wtf
URL: https://framed.wtf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a91e0d732da9f283cf8ba0e47cd6cf8d4723ec7211a6f031965d8ae7e9086d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2916
content-length: 56860
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
server: cloudflare
etag: "efc9d38a300329ffdad6241da6eef3f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NN59T8bYm5mzQM%2FWfrdfTcdGM3cALeXUxfBvwzIMBG25nnkmRxM4HYYOIYQDRIJbITRJhiLjeTsbRKURS7tWSx%2B9vGeZCvMR7SeMz30EFO69vLnS6imZP7DHHeaH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 78a6ff2efd1b7749-LHR

GET
H2 200 archive-79fd7d9fefdce9d4.js Show response
framed.wtf/_next/static/chunks/pages/ 4 KB
2 KB 42ms
41ms Script
application/javascript 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/_next/static/chunks/pages/archive-79fd7d9fefdce9d4.js

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/main-63b79767fca3418f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a908cdf3cc2ab80346e209309da69190d528bde0091a755eac66eb111f09be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:55 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: HIT
age: 907
etag: W/"4282c2339ca4c5e13038448cdaddfd5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JxzwSqNroM7RB68AIKvh1LuImlISX0GoF6kg%2FiLjeAVcNXu6SLJG7X88mvvKQVgFOk53Z1m2Z3wcwGcpPxSd5ATdyQyHHRienxpBo78LGP%2FN28PNXY%2BCyxLymerEPKUz09I7EzU3%2Fr%2BB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 78a6ff2f2d567749-LHR

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/framed.wtf/ 4 KB
2 KB 184ms
54ms Script
application/javascript 2600:9000:211e:2800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/framed.wtf/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4a843829d2a7a6784b64936438383030b3161521367b2420441ad0c860f3e80d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:56 GMT
content-encoding: gzip
via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
last-modified: Thu, 11 Aug 2022 00:44:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 19
x-amz-server-side-encryption: AES256
etag: W/"828fc36b31632f34b4cf3eeb0e9c996d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Pxnmf41G_9nAIYx66iCcqpp7mvCYRb5RapLXfcXyNWT6doZDHBb4hg==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160082/7676/ 201 KB
62 KB 281ms
76ms Script
application/javascript 2.18.36.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.36.193 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-36-193.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e587bef04b460fbfcf1cdebaca05b28a172bd76b65637be2875dbebb138c9cdd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:56 GMT
content-encoding: gzip
last-modified: Mon, 31 Oct 2022 16:52:35 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=67329
accept-ranges: bytes
content-length: 62752
expires: Tue, 17 Jan 2023 07:36:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 282ms
128ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

474e8fc381de7a841a61f56302dd7ce091ce768d6c7da6f93ac080ae1b1de734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27585
x-xss-protection: 0
server: sffe
etag: "1453 / 457 of 1000 / last-modified: 1673651232"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 16 Jan 2023 12:53:56 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/x0z5MxKG38JhHvRnq2EER8cBuec/gpt_and_prebid/ 112 KB
25 KB 152ms
47ms Script
text/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/x0z5MxKG38JhHvRnq2EER8cBuec/gpt_and_prebid/config.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0c64c7b7c2584aaa2c92e759b6faf11066487d163b86b1eba2740b3b4111a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 16 Jan 2023 10:54:39 GMT
server: cloudflare
x-amz-request-id: KHN9MW9XQ2DRZ3S6
age: 522
etag: W/"265dd6ad8b8a1f816e63cb1fd10cceb3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 78a6ff3119ee773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 4mrELXNEgAmFf+XKSKc2Zv9KjrIzeMn/KVAyQPhvzdUyzqMo5cmPDBiuAqSjZXOJ1bwRN3z9DTM=

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 213ms
47ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Mon, 16 Jan 2023 12:53:56 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: 6PX7G9BXZ1EJ8Q4H
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: mn+sdmW1kRLqXoGcKjiUOnURKtt8S7jop2YTJNIsjYf9vysp6bNqxt2aL5b1GjUmGsC39PaWn24=

POST
H/1.1 200
OK track-impression Show response
thisiswaldo.com/js/ 1 B
376 B 704ms
419ms XHR
application/json 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/js/track-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer: https://framed.wtf/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Mon, 16 Jan 2023 12:53:56 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H2 200 me Show response
ipfind.co/ 355 B
457 B 568ms
195ms XHR
application/json 54.153.107.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.153.107.213 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-153-107-213.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b341ce1f1ec8515bdba089babad7d88dd05a2cc680d9c7e0930470cf8ad46a82

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:56 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 239

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 197ms
51ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/framed.wtf/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:56 GMT
content-encoding: gzip
etag: "WQX8ubvDGl3DCUDHzxu0sA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 23 Jan 2023 12:53:56 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
43 KB 53ms
52ms Script
text/javascript 2600:9000:211e:2800:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=framed.wtf
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/framed.wtf/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2800:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:42:27 GMT
content-encoding: br
via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 688
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
server: AmazonS3
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: UqpqIoFLL0COjruZAYcP409u8G2gXkM-39yfGKPXyYIq7YRV5HbqOw==

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 216 KB
68 KB 52ms
51ms Script
application/javascript 2606:4700::6812:106b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/x0z5MxKG38JhHvRnq2EER8cBuec/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:106b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 15:47:15 GMT
server: cloudflare
x-amz-request-id: 9TDVS51QT2H6B0K6
age: 2227700
etag: W/"fa407ba001f2ac06196124f41d523471"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 78a6ff318ab0773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6NJ5srR9LPcT+vCWN3SnelDfoRTjUshmRLN7lCzPz2Ym0tb2joOf8p8jCx8lvfqon+FOvFWpxtY=

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 170ms
50ms XHR
application/json 2600:9000:211e:ba00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=framed.wtf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ba00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0470e7119c89629f6ced246c8071e6f49b5b124acbb10b5f316d314fd4e78ab

Request headers

Accept: application/json, text/plain, */*
Referer: https://framed.wtf/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:00:36 GMT
x-amz-version-id: POuYi4.QbUYhHN4p2tbIMulQrwaf1j8L
content-encoding: br
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 35601
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 14 Jan 2023 19:52:29 GMT
server: AmazonS3
etag: W/"16f9ea1cc7a71cfed1d4482a599ccd27"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: k5uZb0N0CHxVVCVO6F0fyry7ZGb8R_OBJ0s5VWJa6Pg9_qYP2z8drw==

GET
H2 200 pubads_impl_2023011204.js Show response
securepubads.g.doubleclick.net/gpt/ 386 KB
131 KB 62ms
62ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011204.js?cb=31071610

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbcc63ae6a7f5dd6febc750dca60cb0cde09790b98343fbd9c299403db1465ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 18:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 238910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133591
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 19:18:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 13 Jan 2024 18:32:06 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 112 B
103 B 222ms
97ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=framed.wtf

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19e9595813e41084b46a6586136f30a90bcb121187716ac58c4ae3db78bb4cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78
x-xss-protection: 0
expires: Mon, 16 Jan 2023 12:53:56 GMT

GET
H2 200 rules-p-fTfJtcPmQDwZG.js Show response
rules.quantcount.com/ 160 B
635 B 175ms
47ms Script
application/javascript 2600:9000:211e:e200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:22:36 GMT
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1881
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 06:30:36 GMT
server: AmazonS3
etag: "65712c30333d33050e268b43b70b60ea"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: pWPFHB5TP5LzNmZKM20eEdZHo4QGbzurVFHqNTT-gDSZhYfWSuTX-A==

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/45/ 248 KB
65 KB 169ms
56ms Script
text/javascript 2600:9000:211e:6e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=framed.wtf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 10:08:10 GMT
content-encoding: gzip
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 9947
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Nov 2022 18:23:24 GMT
server: AmazonS3
etag: W/"39d0cac7e548f81f1e1e1c36db3c775e"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: NqaZvDV-ht050qRvdH-b6U7R1c16FJjUnUZfbkKqLhv19LxX1XuWcQ==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 350 KB
43 KB 165ms
54ms XHR
application/json 2600:9000:211e:6e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=framed.wtf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4db2e06b7c47b35a8452256d093432bcf206587530865df4f1413dfe25c85340

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:00:38 GMT
content-encoding: br
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 35599
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 16 Jan 2023 03:00:33 GMT
server: AmazonS3
etag: W/"af085776b37add6191a20a83398daa43"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: IJ50OZpTyt6ULgZqg-VClCExw0nJ2Nj1idspFjGS4awIDPaSJ_MzWA==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 151 KB
37 KB 217ms
107ms XHR
application/json 2600:9000:211e:6e00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=framed.wtf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept: application/json, text/plain, */*
Referer: https://framed.wtf/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:01:30 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 35547
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 16 Jan 2023 03:01:27 GMT
server: AmazonS3
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 3qBFakGlorWo_OZXDlnc4eAaShiXF-0RVNeJiKTJPodFKYv23hdhaw==

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 170ms
49ms XHR
text/plain 18.193.13.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22fTfJtcPmQDwZG%22%2C%22domain%22%3A%22framed.wtf%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%227bnWU4gIqL1lnVt05b%2BUng%22%2C%22clientTimestamp%22%3A1673873636628%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-xsjcnlyxu1021dw2krjr%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.13.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-13-40.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://framed.wtf/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 16 Jan 2023 12:53:56 GMT
content-length: 2
content-type: text/plain; charset=utf-8

POST
H2 204 rum Show response
framed.wtf/cdn-cgi/ 0
179 B 39ms
39ms XHR
text/plain 2606:4700:20::681a:a59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://framed.wtf/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://framed.wtf/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type: application/json

Response headers

date: Mon, 16 Jan 2023 12:53:56 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://framed.wtf
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 78a6ff356fbd7749-LHR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
78 KB 171ms
61ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S57DN4M8WD

Requested by

Host: framed.wtf
URL: https://framed.wtf/_next/static/chunks/main-63b79767fca3418f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c163e2f41a034ed39675f099dc10b81a8b2ea568b20d8f5f2655f4fea3c0cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78964
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 16 Jan 2023 12:53:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-242572032-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S57DN4M8WD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

acaf8ca9a739c82be80aea23eea689877d707a72e3598c0b6b1c7220140bcdd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 12:53:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44144
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 16 Jan 2023 12:53:57 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
343 B 123ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S57DN4M8WD&gtm=2oe1a1&_p=698145730&cid=918146203.1673873637&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1673873637&sct=1&seg=0&dl=https%3A%2F%2Fframed.wtf%2F&dt=Framed%20-%20The%20daily%20movie%20guessing%20game&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S57DN4M8WD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 12:53:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 206ms
62ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-242572032-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 16 Jan 2023 12:21:53 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1924
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 16 Jan 2023 14:21:53 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 81ms
81ms XHR
text/plain 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=698145730&t=pageview&_s=1&dl=https%3A%2F%2Fframed.wtf%2F&ul=en-us&de=UTF-8&dt=Framed%20-%20The%20daily%20movie%20guessing%20game&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=397668438&gjid=1711838742&cid=918146203.1673873637&tid=UA-242572032-1&_gid=2022964930.1673873637&_r=1&gtm=2ou1a1&z=2007800956

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://framed.wtf/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 12:53:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ 0
0 131ms
41ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fframed.wtf%2F&domain=framed.wtf&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://framed.wtf
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 16 Jan 2023 12:53:57 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 526449
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
246 B 219ms
128ms XHR
application/json 2600:1901:0:8344::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a0000344WOAAA2&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://framed.wtf/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Jan 2023 12:53:57 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://framed.wtf
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fframed.wtf%2F&domain=framed.wtf&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=fcEPvHxmdUxrQVZNcDBCSnI0a09qZld5R1V2K05Rc1daV0paTmllb1o5Z1JUcmN0WkVkNThYME5uS1dBNCttUXBiNWtHOFlQSjQ1Q1Q0Qlc3YVhVUWt1VDk4UjEveFBHMysxdXcxUFAzckxJK0FOTUtBUXM0ZHRUeU53eG...

359 B
646 B

129ms
43ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=fcEPvHxmdUxrQVZNcDBCSnI0a09qZld5R1V2K05Rc1daV0paTmllb1o5Z1JUcmN0WkVkNThYME5uS1dBNCttUXBiNWtHOFlQSjQ1Q1Q0Qlc3YVhVUWt1VDk4UjEveFBHMysxdXcxUFAzckxJK0FOTUtBUXM0ZHRUeU53eGlpYnh5Z3JYTFZobWJXOUFyMHFUWlZjNXBNaHN6RnkyRzQxN3VtLzFFc2hQbHNPNUwvcDY3R2dwZTQybXVkYkpuUnEzOVZlV2ZDODh5NFNrVDZBNlFldHViR2Q5TUZnRkhPUXprckhSbC9tYUxLZTRzUTJBPXw&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

586d582233483ce6a66475c42af254a970ce22fde9541235db0d795ba3533394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 12:53:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1268614
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 16 Jan 2023 12:53:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=fcEPvHxmdUxrQVZNcDBCSnI0a09qZld5R1V2K05Rc1daV0paTmllb1o5Z1JUcmN0WkVkNThYME5uS1dBNCttUXBiNWtHOFlQSjQ1Q1Q0Qlc3YVhVUWt1VDk4UjEveFBHMysxdXcxUFAzckxJK0FOTUtBUXM0ZHRUeU53eGlpYnh5Z3JYTFZobWJXOUFyMHFUWlZjNXBNaHN6RnkyRzQxN3VtLzFFc2hQbHNPNUwvcDY3R2dwZTQybXVkYkpuUnEzOVZlV2ZDODh5NFNrVDZBNlFldHViR2Q5TUZnRkhPUXprckhSbC9tYUxLZTRzUTJBPXw&cppv=2
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 590345
content-length: 0
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
313 B 160ms
49ms XHR
application/json 52.212.37.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.37.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-37-79.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://framed.wtf/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 12:53:58 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://framed.wtf
cache-control: no-cache
x-server: 10.45.0.254
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
386 B 146ms
46ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 09dd167efbe8fb872400956ae4dbeace525d36a2d377acb49a4f7f0642bf84cf

Request headers

Referer: https://framed.wtf/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 16 Jan 2023 12:53:58 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://framed.wtf
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Wed, 15 Feb 2023 12:53:58 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ 0
0 143ms
45ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 16 Jan 2023 12:53:57 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 411381
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1 KB 131ms
43ms Script
application/javascript 2606:4700:20::681a:9a9

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/13746.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 12:54:01 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 321218
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vr7u4vSq0Rp%2B3BA%2Bt6GhbA4MX1rr68JaI3QTgo3DpxrngHihK%2ByXT4zaKfBpDafPSFUZ3UAsy%2FsoLgJp6ptprZabhGYVzuAo1Q8WZiQE6FHgHb9cohp%2BQy2GMRdbdeoY2gWLpU%2BbNw%2B%2Be8BP"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 78a6ff5048f623e3-LHR

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
24 KB 127ms
50ms Fetch
application/javascript 2606:4700:20::681a:9a9

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 16 Jan 2023 12:54:01 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HMQRRBVZRD3PB5DW
Age: 2084692
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: cGugonXwfHGflvnFZ35jY7+vhnlUMjWqVOIiUEIlaupU4MyMdIYwTB9c3p8YNNZa/rF4cMRRGh8=
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yvw2nYNcqzM%2Fa0jo8FBFrikeuIWyWA8FmA2E4EYDlnl7Xi1TrL1WT1d5VMDBWTDxA%2F3PeNZxFPOZfgYEuc1RljvPby61jomk7Pg1tswvs9aevqQ9fnSg85W%2FMQjdN0%2Ba9pEmnyp1zov7T8xZ"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY: 78a6ff510840dd78-LHR

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 44ms
43ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S57DN4M8WD&gtm=2oe1a1&_p=698145730&cid=918146203.1673873637&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1673873637&sct=1&seg=0&dl=https%3A%2F%2Fframed.wtf%2F&dt=Framed%20-%20The%20daily%20movie%20guessing%20game&en=scroll&epn.percent_scrolled=90&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S57DN4M8WD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://framed.wtf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Jan 2023 12:54:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://framed.wtf
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1258

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
framed.wtf/	1970-01-20 09:41:05	Name: _pbjs_userid_consent_data Value: 3524755945110770
.framed.wtf/	1970-01-20 13:17:05	Name: _pubcid Value: bc4ee7d2-ab39-4efb-abfa-9e3e77cbd58d
framed.wtf/	1970-01-20 11:07:29	Name: waldo_country Value: GB
framed.wtf/	1970-01-20 11:07:29	Name: waldo_continent Value: EU
framed.wtf/	1970-01-20 11:07:29	Name: waldo_region Value: ENG
.framed.wtf/	1970-01-20 18:33:53	Name: _ga_S57DN4M8WD Value: GS1.1.1673873637.1.0.1673873637.0.0.0
.framed.wtf/	1970-01-20 18:33:53	Name: _ga Value: GA1.2.918146203.1673873637
.framed.wtf/	1970-01-20 08:59:20	Name: _gid Value: GA1.2.2022964930.1673873637
.framed.wtf/	1970-01-20 08:57:53	Name: _gat_gtag_UA_242572032_1 Value: 1
framed.wtf/	1970-01-20 08:57:57	Name: _lr_retry_request Value: true
framed.wtf/	1970-01-20 09:41:05	Name: _lr_env_src_ats Value: false
framed.wtf/	1970-01-20 10:24:17	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-01-16T12%3A53%3A58%22%7D
.framed.wtf/	1970-01-20 18:19:29	Name: cto_bundle Value: ggy0Vl9LR2dSRDZkYkdNek1nTWFpcVdRb01JR3hWJTJGSzF5eGw2UWhzZHJaTkNWWmh5VkUlMkZ6SW04Z0xvOUU4RmRHVWJqbDhQTXM4WEF6QU9JMklvaUczSUthZ3JlSyUyRlFpdFJiRzZiQ3lQZmdVbG5RSzBheHJOT1BYUnVuRFA4aUFpMSUyRiUyRk0
.framed.wtf/	1970-01-20 18:19:29	Name: cto_bidid Value: nBW90F9yNlNqNUcxcmpRRyUyQk1VTWJiSmk3S2NoS2NEVFI1T2RoeDR3bTBsenpZVUwwVVRuT21mQ2xBYnpDNlVDZUlOcW42REUzYXF0M3dMQlhzR1czZ2JpdHpRJTNEJTNE

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://framed.wtf/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://framed.wtf' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ads.pubmatic.com
api.rlcdn.com
audit-tcfv2.cmp.quantcast.com
cdn.confiant-integrations.net
cdn.thisiswaldo.com
cmp.quantcast.com
fonts.googleapis.com
fonts.gstatic.com
framed.wtf
gum.criteo.com
id.crwdcntrl.net
ipfind.co
lexicon.33across.com
match.adsrvr.org
mug.criteo.com
quantcast.mgr.consensu.org
region1.google-analytics.com
rules.quantcount.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
test.cmp.quantcast.com
thisiswaldo.com
www.google-analytics.com
www.googletagmanager.com
api.rlcdn.com
178.250.2.146
18.193.13.40
2.18.232.7
2.18.36.193
2001:4860:4802:34::36
2600:1901:0:8344::
2600:9000:2057:b000:f:458e:2a80:93a1
2600:9000:211e:2800:9:46dc:4700:93a1
2600:9000:211e:6e00:9:46dc:4700:93a1
2600:9000:211e:ba00:3:a4cd:8380:93a1
2600:9000:211e:e200:6:44e3:f8c0:93a1
2606:4700:20::681a:9a9
2606:4700:20::681a:a59
2606:4700:20::ac43:4560
2606:4700::6810:3965
2606:4700::6812:106b
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2008
2a00:1450:400d:802::200e
2a00:1450:400d:80a::200a
2a00:1450:400d:80c::2002
2a02:2638::1c
35.71.131.137
52.15.219.226
52.212.37.79
54.153.107.213
09dd167efbe8fb872400956ae4dbeace525d36a2d377acb49a4f7f0642bf84cf
0c163e2f41a034ed39675f099dc10b81a8b2ea568b20d8f5f2655f4fea3c0cf6
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628
19e9595813e41084b46a6586136f30a90bcb121187716ac58c4ae3db78bb4cba
1e3203597f19d5f730f978389436ffcb5da41cada56c7b61dc07e2ea1c941a55
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
2a908cdf3cc2ab80346e209309da69190d528bde0091a755eac66eb111f09be3
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
3007708c980e8aa546fd775cfd8ed780e975c526876726d07edc4731ddfa6eba
313fbb62a39d76a6614f4d02876eb10d4f07d7b512a14ec3a5c3cde8d6ee371d
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
41fc0db2a848dd7fea3be7e416fd5bd1d4e5385fe24d60b688b7a87e01d4fa08
474e8fc381de7a841a61f56302dd7ce091ce768d6c7da6f93ac080ae1b1de734
4a843829d2a7a6784b64936438383030b3161521367b2420441ad0c860f3e80d
4db2e06b7c47b35a8452256d093432bcf206587530865df4f1413dfe25c85340
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
586d582233483ce6a66475c42af254a970ce22fde9541235db0d795ba3533394
673aaadf5ccca4681c2023a6e76f62c478be94fe3b1ed05f3126da067e66f50a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7763b43d31d9ca205f5f5b02a437d7d931e18b2703c14f81f565e1eb51a7c9b5
77b373cbc8ce1c3f064c48149f341ef7b7f8a468712aaf633a41de5fdfb9a5fe
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
91092e057b0d488d9a0be0f19b7b7d4ea10593a416ac91b77b7482e7dad7673b
922b0d2d4adb5ed473a915258165047db5642276b6edad0dc15a0d47ed4ea19c
a5ef40eb24b6e13b9d465ffc7e24d6b54c241709c21904aa9c6f8a77607f7630
a637e596681ed9976af5267d2e8b7f07c3bef2d0e8404160c46ab14b99c317cf
a91e0d732da9f283cf8ba0e47cd6cf8d4723ec7211a6f031965d8ae7e9086d4b
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
acaf8ca9a739c82be80aea23eea689877d707a72e3598c0b6b1c7220140bcdd6
b341ce1f1ec8515bdba089babad7d88dd05a2cc680d9c7e0930470cf8ad46a82
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
bdf35c5ed0496b71e234cf466de429842c6f38aaa6e85733d98099f4c5946aa5
c5664833568bcd8387a54f9f654f0619235e7f076be6b076617f7e0455c19784
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d18a51022cad31a082121a039cea94605f0a4798cb543b527d25f52599eff81e
dbcc63ae6a7f5dd6febc750dca60cb0cde09790b98343fbd9c299403db1465ef
dd0c64c7b7c2584aaa2c92e759b6faf11066487d163b86b1eba2740b3b4111a6
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e0470e7119c89629f6ced246c8071e6f49b5b124acbb10b5f316d314fd4e78ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e587bef04b460fbfcf1cdebaca05b28a172bd76b65637be2875dbebb138c9cdd
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb485281714afc47547b0bfee38e7bf4a8bb241b305cbff75557dc716e52f297
ec73a3b6dc8e0071324c9bd2a83e8e38d794126284bec06dfa92e4b9304b4558
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5343063dba417136e1ff9732d3dd0d3f9be1f53024d618b0f7e8931166df252
fe526bc3f526ec0fbeb6d7324c8efeb5ee159286703c25afb8898d982a24d4fc
feb9617bd3fcda1a52cbf8539985fddac2aaab0e6df8dbdac21ec3e9a179a4be

framed.wtf Open in urlscan Pro 2606:4700:20::681a:a59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

96 %HTTPS

70 %IPv6

22 Domains

27 Subdomains

27 IPs

5 Countries

1038 kBTransfer

3349 kBSize

14 Cookies

4 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

framed.wtf Open in urlscan Pro
2606:4700:20::681a:a59 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

96 %
HTTPS

70 %
IPv6

22
Domains

27
Subdomains

27
IPs

5
Countries

1038 kB
Transfer

3349 kB
Size

14
Cookies

57 HTTP transactions
2 data transactions