raffi888z.xyz Open in urlscan Pro
172.67.150.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://raffi888z.xyz/
Submission: On November 14 via api (November 14th 2024, 11:20:07 am UTC) from BE — Scanned from US

Summary HTTP 126 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 11 IPs in 1 countries across 10 domains to perform 126 HTTP transactions. The main IP is 172.67.150.156, located in United States and belongs to . The main domain is raffi888z.xyz.
TLS certificate: Issued by WE1 on November 10th 2024. Valid for: 3 months.

This is the only time raffi888z.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	172.67.150.156 172.67.150.156	() ()
2	2606:4700:7::eb 2606:4700:7::eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.212.61 172.67.212.61	() ()
26	172.67.15.14 172.67.15.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
51	2600:9000:23c... 2600:9000:23ca:fc00:c:5e6d:a440:21	() ()
14	2606:4700:20:... 2606:4700:20::681a:ecb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.240.241.35 157.240.241.35	32934 (FACEBOOK) (FACEBOOK)
2	172.67.162.230 172.67.162.230	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
126	11

18 172.67.150.156 (United States) 1 redirects

ASN- ()

raffi888z.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:7::eb (United States)

ASN13335 (CLOUDFLARENET, US)

pub-f4da6ef3a85d49e0a3c8b355251cf6ab.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.212.61 (United States)

ASN- ()

vxbrkq1luxtv.gpa2glsjhw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 172.67.15.14 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2600:9000:23ca:fc00:c:5e6d:a440:21 (United States)

ASN- ()

d2rzzcn1jnr24x.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:ecb (United States)

ASN13335 (CLOUDFLARENET, US)

api2-pad.imgnxa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.162.230 (United States)

ASN13335 (CLOUDFLARENET, US)

tawk.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	cloudfront.net d2rzzcn1jnr24x.cloudfront.net	5 MB
26	tawk.to embed.tawk.to — Cisco Umbrella Rank: 11615 va.tawk.to — Cisco Umbrella Rank: 11023	277 KB
18	raffi888z.xyz 1 redirects raffi888z.xyz	415 KB
14	imgnxa.com api2-pad.imgnxa.com	1 MB
5	gpa2glsjhw.xyz vxbrkq1luxtv.gpa2glsjhw.xyz — Cisco Umbrella Rank: 110721	54 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 331	41 KB
2	tawk.link tawk.link — Cisco Umbrella Rank: 44912	621 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	214 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 208	76 KB
2	r2.dev pub-f4da6ef3a85d49e0a3c8b355251cf6ab.r2.dev	1 MB
126	10

	Domain	Requested by
51	d2rzzcn1jnr24x.cloudfront.net	raffi888z.xyz
21	embed.tawk.to	raffi888z.xyz embed.tawk.to
18	raffi888z.xyz	1 redirects raffi888z.xyz
14	api2-pad.imgnxa.com	raffi888z.xyz
5	va.tawk.to	embed.tawk.to
5	vxbrkq1luxtv.gpa2glsjhw.xyz	raffi888z.xyz
2	cdn.jsdelivr.net	embed.tawk.to
2	tawk.link
2	www.facebook.com	raffi888z.xyz
2	connect.facebook.net	raffi888z.xyz connect.facebook.net
2	pub-f4da6ef3a85d49e0a3c8b355251cf6ab.r2.dev	raffi888z.xyz
126	11

This site contains links to these domains. Also see Links.

Domain
akkg.short.gy
raffi-888.info
wap.raffi888z.xyz
www.hongkonglive.com
www.sydneylivetoday.com
www.nex4dpools.com
api.whatsapp.com
vingaming.com
tawk.to

Subject Issuer	Validity	Valid
raffi888z.xyz WE1	`2024-11-10` - `2025-02-08`	3 months	crt.sh
*.r2.dev E5	`2024-09-29` - `2024-12-28`	3 months	crt.sh
gpa2glsjhw.xyz WE1	`2024-10-14` - `2025-01-12`	3 months	crt.sh
tawk.to WE1	`2024-09-21` - `2024-12-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-23` - `2024-11-21`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
imgnxa.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh
tawk.link WE1	`2024-11-04` - `2025-02-02`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://raffi888z.xyz/
Frame ID: AB1A4E7D4D4D56B12E15E67FCA8D7CEC
Requests: 116 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css
Frame ID: 7B864ACF8B6F258871B1038738E8671A
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css
Frame ID: 43FC89585FA1F6048E6AD1BD7E2B9E2D
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css
Frame ID: 8E7181260B76EDB6457B745725533B0C
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css
Frame ID: 1CEDEADA1DCE8FD882607294577C3FFD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Raffi888: Login Situs Slot Raffi Ahmad 888 Jenis Game Anti Kalah

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

126
Requests

97 %
HTTPS

40 %
IPv6

10
Domains

11
Subdomains

11
IPs

1
Countries

8860 kB
Transfer

10597 kB
Size

9
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://akkg.short.gy/wa_raffi888

Search URL Search Domain Scan URL

URL: https://raffi-888.info/

Search URL Search Domain Scan URL

URL: https://wap.raffi888z.xyz/
Title: Versi WAP (NEX4D)

Search URL Search Domain Scan URL

URL: https://www.hongkonglive.com/
Title: Hongkong Live Day Draw

Search URL Search Domain Scan URL

URL: https://www.sydneylivetoday.com/
Title: Sydney Live Day Draw

Search URL Search Domain Scan URL

URL: https://www.nex4dpools.com/
Title: Nex4D Pools Draw

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=6281361893691

Search URL Search Domain Scan URL

URL: https://vingaming.com/

Search URL Search Domain Scan URL

URL: https://tawk.to/chat/603de7e0385de407571b866f/1evot3h8m
Title: Livechat Official RAFFI888

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://raffi888z.xyz/favicon.ico HTTP 302
https://raffi888z.xyz/not-found?request=/favicon.ico

126 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
raffi888z.xyz/ 114 KB
14 KB 569ms
459ms Document
text/html 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe02bcc92dc76965cf5017514b4bb271afd864c6fee47eed91cc9689f10e7cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, s-maxage=0
cf-cache-status: DYNAMIC
cf-ray: 8e269bd959665245-LAX
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Thu, 14 Nov 2024 11:19:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEZVTFezCMUFyvjrfYIxxCrnUv%2F5XgD3mG22dRtGCw%2B69VAI%2FsM7tvBvCyRVWUxoo8%2BxR%2FVvdHDdtBYDC%2F3MgffCsUW7gYvtBOnADu8FsEhbrDGVd6DV0L95672xn5bt"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=76067&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4178&recv_bytes=4484&delivery_rate=286&cwnd=12000&unsent_bytes=0&cid=6562643ae15e0dfd&ts=473&x=1" cfExtPri cfHdrFlush;dur=0
strict-transport-security: max-age=15552001; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK logowa.png
pub-f4da6ef3a85d49e0a3c8b355251cf6ab.r2.dev/ 322 KB
322 KB 403ms
234ms Image
image/png 2606:4700:7::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-f4da6ef3a85d49e0a3c8b355251cf6ab.r2.dev/logowa.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9aa567a0103aa1d8edd5bfdbb4fdd4f7a2e56c8a9e7c9a4dc2feb6c35ec8cae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

ETag: "56c55d3cdc53e8361f52af57a0a4e759"
Connection: keep-alive
CF-RAY: 8e269bddfd822ef9-LAX
Accept-Ranges: bytes
Content-Length: 329423
Date: Thu, 14 Nov 2024 11:19:50 GMT
Content-Type: image/png
Last-Modified: Thu, 24 Oct 2024 03:53:03 GMT
Vary: Accept-Encoding
Server: cloudflare

GET
H/1.1 200
OK rtp.gif
pub-f4da6ef3a85d49e0a3c8b355251cf6ab.r2.dev/ 955 KB
955 KB 415ms
248ms Image
image/gif 2606:4700:7::eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-f4da6ef3a85d49e0a3c8b355251cf6ab.r2.dev/rtp.gif
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5d06911ad2428743c7145836cd0bbe00bc78de44e0bf68637c98ad2dc9cd3fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

ETag: "fac5ebeab424b5462f8608ac48f6d5dd"
Connection: keep-alive
CF-RAY: 8e269bddfa417c85-LAX
Accept-Ranges: bytes
Content-Length: 977882
Date: Thu, 14 Nov 2024 11:19:50 GMT
Content-Type: image/gif
Last-Modified: Thu, 24 Oct 2024 03:51:40 GMT
Vary: Accept-Encoding
Server: cloudflare

GET
H3 200 glyphicons-halflings-regular.woff
raffi888z.xyz/fonts/ 16 KB
17 KB 417ms
416ms Font
font/x-woff 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/fonts/glyphicons-halflings-regular.woff

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/

Response headers

content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"05c59213f2bdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m64FO7sobvZxizR6e8hhgWboFsNrLLLMqz2ctDidv%2BK9BSvrZGUYRMVzy6sZGRMu4mdGakPFVXRxa1qGyY2wanjucmPc3Z%2FFSm4ZF3MsHQj0MeXqz2GNA%2Bnm1M0W86s5"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=72438&sent=102&recv=41&lost=0&retrans=0&sent_bytes=103258&recv_bytes=12212&delivery_rate=121651&cwnd=48000&unsent_bytes=0&cid=6562643ae15e0dfd&ts=998&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: font/x-woff
last-modified: Thu, 31 Oct 2024 02:46:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdcec285245-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 digital_sans_ef_medium.woff2
raffi888z.xyz/fonts/ 19 KB
20 KB 426ms
424ms Font
application/font-woff2 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/fonts/digital_sans_ef_medium.woff2

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3815eba1b61f8c9bc806b74b1c58330e07fd1e5f4c31b13785348e0a6ce4c03d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/

Response headers

cf-cache-status: BYPASS
etag: "05c59213f2bdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUr8Ce%2BNx6SeqQ8sp80W4b0S1Dm69pBIyKBg5S0vdPc1rPuh1igjSka26FLQHaSA21NXttDUKfUT830EQaOPmB4j4foS0biNQP2yQeykx7ONyYMtisD93%2FShb0UqZSIp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74823&sent=156&recv=62&lost=0&retrans=0&sent_bytes=164440&recv_bytes=13142&delivery_rate=646510&cwnd=73200&unsent_bytes=0&cid=6562643ae15e0dfd&ts=1010&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: application/font-woff2
last-modified: Thu, 31 Oct 2024 02:46:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdcec2b5245-LAX
accept-ranges: bytes
content-length: 18996
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 advanced_dot_digital7.woff2
raffi888z.xyz/fonts/ 7 KB
9 KB 345ms
343ms Font
application/font-woff2 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/fonts/advanced_dot_digital7.woff2

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6859917f17c0b4ccd4e0f7944f49bc9b2968fb61a4593428cfd176613922f81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/

Response headers

cf-cache-status: BYPASS
etag: "05c59213f2bdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0d0jdpko1XBtjWngXnuuZsBqRSMlpAhyJa4qEnHAN%2B%2FynGNlCM8VQTmWBVNMTr6zv2AZTtANV2AOPIEipMyJmOJNNFM%2Fn18OR%2F2MQWK7JkXYgLLeqbem%2FTtZO30aAEhy"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73047&sent=59&recv=31&lost=0&retrans=0&sent_bytes=55258&recv_bytes=11782&delivery_rate=60838&cwnd=24000&unsent_bytes=0&cid=6562643ae15e0dfd&ts=894&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: application/font-woff2
last-modified: Thu, 31 Oct 2024 02:46:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdcec2e5245-LAX
accept-ranges: bytes
content-length: 7348
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 nexus-v2-charlie-desktop-css
raffi888z.xyz/Content/ 261 KB
63 KB 201ms
196ms Stylesheet
text/css 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c4bd5b0c9cb8f9e97846486701656a389eaff19f3674f1ac735a3fcce36ed497

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Zi%2BanQTYZ2JrdyGDuFLi8CZw9%2FrvNQ7orreO2%2F5NAOZJeW7quZm%2Ftuk%2BF1qtFFqub2V8gIIoKlnSZ4MrMvLwJbLyEHB4g0hptxtPgevZhXdrx4trI6pZolC0qH1QuAT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 11:19:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74214&sent=29&recv=26&lost=0&retrans=0&sent_bytes=19258&recv_bytes=11567&delivery_rate=125581&cwnd=12000&unsent_bytes=0&cid=6562643ae15e0dfd&ts=788&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 14 Nov 2024 11:19:50 GMT
vary: User-Agent,Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdcfc345245-LAX
content-length: 62938
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 nexus-v2-charlie-desktop-css
raffi888z.xyz/Content/Home/ 18 KB
6 KB 347ms
342ms Stylesheet
text/css 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/Content/Home/nexus-v2-charlie-desktop-css?v=cb5jAOvtzg4anMtV6PQmwWECj2quNmxRmomWFTh3lAw1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

d53ae879fddc7262f02d38f86e84403afd736c2a41a48cf2b5ccf152fc0d4b3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkkH8y%2BrxRkcNG8IlzLN5VoLrIJcIYTRhvgI5fY%2FmUuj6NdGKN%2Bwyiqw7BLw3KowgNDSgFDCpWyv%2BlHXUuxVwxOXi7AHZbJsd6koAp2%2FxagPGO72XiwxCD9d9ZWB6Ft%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 11:19:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73047&sent=59&recv=31&lost=0&retrans=0&sent_bytes=55258&recv_bytes=11782&delivery_rate=60838&cwnd=24000&unsent_bytes=0&cid=6562643ae15e0dfd&ts=897&x=1", cfExtPri, cfHdrFlush;dur=35
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 14 Nov 2024 11:19:50 GMT
vary: User-Agent,Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdcfc365245-LAX
content-length: 4761
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 slick.css
raffi888z.xyz/Content/ 2 KB
2 KB 347ms
343ms Stylesheet
text/css 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/Content/slick.css

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: BYPASS
etag: "1DB2B3F1DC5D500"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BeQm12hqS1jv0vvCXET%2Bi6%2BdMUeEN1yyPEJKZWZqHi4vVFJgMp7HW0%2BdyGahFOJX3PJxqPTvu%2FvWz1u1JPSK1DVcsIQ8MYk9h8ZXnP8hhF%2FNNGlOieUblneaWCNABnaU"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 10:07:52 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73047&sent=59&recv=31&lost=0&retrans=0&sent_bytes=55258&recv_bytes=11782&delivery_rate=60838&cwnd=24000&unsent_bytes=0&cid=6562643ae15e0dfd&ts=895&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: text/css
last-modified: Thu, 31 Oct 2024 02:46:42 GMT
vary: Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdcfc385245-LAX
accept-ranges: bytes
content-length: 773
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 nexus-v2-charlie-desktop-dark-red-css
raffi888z.xyz/Content/Theme/ 25 KB
7 KB 417ms
413ms Stylesheet
text/css 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/Content/Theme/nexus-v2-charlie-desktop-dark-red-css?v=_UPRpmeTZL_6i8SKXpH6DswlLPBPLeD5aLr1GrsnBRM1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f88a8df04e4be3a2601d6131a18c1e13d9af37952be144e08efdb671c78677d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCa70NpNftMDPxQdY0MgeXxhCT%2B%2FFIcQhrTH0T7Re3I%2BrbYKt4Zf67jDSb9UMBi2fPAGWUtm7ZXRUYeqrKd4h%2FGfjNEFbhOa67MSy%2FX1TvOrmg6dIj1aSBErWNQ%2BGG2o"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 11:19:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73047&sent=59&recv=31&lost=0&retrans=0&sent_bytes=55258&recv_bytes=11782&delivery_rate=60838&cwnd=24000&unsent_bytes=0&cid=6562643ae15e0dfd&ts=894&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: text/css; charset=utf-8
last-modified: Thu, 14 Nov 2024 11:19:50 GMT
vary: User-Agent,Accept-Encoding
priority: u=2,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdcfc3a5245-LAX
content-length: 6048
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 hkliveday.png
vxbrkq1luxtv.gpa2glsjhw.xyz/balak4d/assets/img/l4d/ 7 KB
8 KB 262ms
157ms Image
image/png 172.67.212.61

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vxbrkq1luxtv.gpa2glsjhw.xyz/balak4d/assets/img/l4d/hkliveday.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.61 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c1c5a1615144e844c881c0c6b1776a0558a8897a824966f35853252b5c28dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
etag: W/"7184-1701767509319"
age: 1892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zymRAMy4taDYieIZPQpHxIhyu8etNjEjWp%2F16btOEH9Av2gkLx0KuDisD25GC%2FBlhvzo3%2F0d0S1rfkUx3GWHj36E4q7E3cfrC9hY8QVTHEDjqHM7lRLPggUjwqNRWN%2FQtf%2B7KQRkVsQfL5uw6p0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71779&sent=21&recv=11&lost=0&retrans=0&sent_bytes=15566&recv_bytes=5776&delivery_rate=45629&cwnd=12000&unsent_bytes=0&cid=3a565d652fa5491b&ts=92&x=1", cfExtPri, cfHdrFlush;dur=71
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: image/png
last-modified: Tue, 05 Dec 2023 09:11:49 GMT
vary: Accept-Encoding
priority: u=3,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e269bdd9d312b99-LAX
accept-ranges: bytes
content-length: 7184
server: cloudflare

GET
H3 200 sydneyliveday.png
vxbrkq1luxtv.gpa2glsjhw.xyz/balak4d/assets/img/l4d/ 13 KB
14 KB 187ms
83ms Image
image/png 172.67.212.61

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vxbrkq1luxtv.gpa2glsjhw.xyz/balak4d/assets/img/l4d/sydneyliveday.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.61 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 02c98d349a61cd1a4e0109ccd0d9948c5904204c9a77124e390415f511866fa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
etag: W/"13683-1709831900818"
age: 1892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlveYRPjl0xetvBm%2BNlsJztmDH8K5ZlRzPYkZV2SETa3KKQwB4OkJZgwNKgs41hWu0RgHtW3%2FB3eL9H8F1jjr6GCZw533Vr5hWugAd9FOkcB%2FEFPLlLmmSJr1sO5diibQswY0DO8HoTL6vSF6TQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71779&sent=11&recv=11&lost=0&retrans=0&sent_bytes=4148&recv_bytes=5776&delivery_rate=45629&cwnd=12000&unsent_bytes=0&cid=3a565d652fa5491b&ts=91&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: image/png
last-modified: Thu, 07 Mar 2024 17:18:20 GMT
vary: Accept-Encoding
priority: u=3,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e269bdd9d2e2b99-LAX
accept-ranges: bytes
content-length: 13683
server: cloudflare

GET
H3 200 hklive.png
vxbrkq1luxtv.gpa2glsjhw.xyz/balak4d/assets/img/l4d/ 8 KB
9 KB 260ms
156ms Image
image/png 172.67.212.61

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vxbrkq1luxtv.gpa2glsjhw.xyz/balak4d/assets/img/l4d/hklive.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.61 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: f329027abb97a78cba42a851e6ed4546660d8bbd7de92bd26473d933bffc6a04

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
etag: W/"8363-1701673789497"
age: 1872
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NBs1a%2BMsX0auKiF5x%2FwcHorxu4EVdMQQ53R1zJsMX2%2BTBTmwslBPKEwrC7STDJZwmJRSsgru34ah85Rqt6Aw3XjYZJ7VoSzEbK2Tn2h%2F1acoJy922o6309yAREKFDd83BYk32B5HpXEfl3%2Bervs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71779&sent=21&recv=11&lost=0&retrans=0&sent_bytes=15566&recv_bytes=5776&delivery_rate=45629&cwnd=12000&unsent_bytes=0&cid=3a565d652fa5491b&ts=92&x=1", cfExtPri, cfHdrFlush;dur=71
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: image/png
last-modified: Mon, 04 Dec 2023 07:09:49 GMT
vary: Accept-Encoding
priority: u=3,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e269bdd9d322b99-LAX
accept-ranges: bytes
content-length: 8363
server: cloudflare

GET
H3 200 nex4d.png
vxbrkq1luxtv.gpa2glsjhw.xyz/balak4d/assets/img/l4d/ 8 KB
8 KB 260ms
156ms Image
image/png 172.67.212.61

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vxbrkq1luxtv.gpa2glsjhw.xyz/balak4d/assets/img/l4d/nex4d.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.61 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c8bab56fffaa86391fa9d47d7dce382a10c5399fb774d74400ee3234cbc8f70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
etag: W/"7794-1704070022399"
age: 1892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5nC2cx3gTv9ZuUfEaohCp4f8VpyrtDNFmV8yKWzhXN5QC%2BOKJ%2FEF2XdGJRiBWdfUsF19%2BY%2FTjTAn5anNbhvfi3Su4NcBfzfbLYPa16JuSLf9DDl0LBRVvB50Xp3BYcBUxjwSRv1b18VY9XJmZK0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71779&sent=21&recv=11&lost=0&retrans=0&sent_bytes=15566&recv_bytes=5776&delivery_rate=45629&cwnd=12000&unsent_bytes=0&cid=3a565d652fa5491b&ts=92&x=1", cfExtPri, cfHdrFlush;dur=71
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: image/png
last-modified: Mon, 01 Jan 2024 00:47:02 GMT
vary: Accept-Encoding
priority: u=3,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e269bdd9d332b99-LAX
accept-ranges: bytes
content-length: 7794
server: cloudflare

GET
H3 200 1evot3h8m Show response
embed.tawk.to/603de7e0385de407571b866f/ 2 KB
974 B 306ms
223ms Script
application/x-javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/603de7e0385de407571b866f/1evot3h8m

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11771b21c84c39464897e0f2d67f9c6a7bd8e1a582b21c88025b781ab58618b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/

Response headers

strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=7200, s-maxage=3600
content-encoding: gzip
cf-cache-status: EXPIRED
etag: W/"stable-v4-67354992019"
x-content-type-options: nosniff
cf-ray: 8e269bdd79bb2f5d-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: application/x-javascript
vary: Accept-Encoding
server: cloudflare

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 283ms
139ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-TREb280Y' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-TREb280Y' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=24, mss=1232, tbw=8221, tp=13, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: 0NahfsIKEmjxnKPhgYNZ7helJ9a3Z3sZrJogQLspyxAAlw7WmbY6bqMhT3LGsbAH1xjE2nVRwUVQWhjuMxEunQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 sydneylive.png
vxbrkq1luxtv.gpa2glsjhw.xyz/balak4d/assets/img/l4d/ 14 KB
14 KB 254ms
155ms Image
image/png 172.67.212.61

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vxbrkq1luxtv.gpa2glsjhw.xyz/balak4d/assets/img/l4d/sydneylive.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.212.61 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a2fb6d14e0a2925fb42e4aee96fbd42c7de508b6bcd6ae235cbf88e695498b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

access-control-expose-headers: Content-Length,Content-Range
cf-cache-status: HIT
etag: W/"13898-1709831901048"
age: 1892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ugGZnnVbKx8TEg0cJACW7yNg9nThftljSG0Q%2FBhQMcJ4Ux1oCwSk1obzHuq%2FE%2F7p2mVEauw4cFPNkJFpb7SyGQb1cuWwBF43GuM0FS8o%2FCBLbooxk055ikt3fRmIJg7cgWOGK1IkJQXCDj0tqvk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=71779&sent=21&recv=11&lost=0&retrans=0&sent_bytes=15566&recv_bytes=5776&delivery_rate=45629&cwnd=12000&unsent_bytes=0&cid=3a565d652fa5491b&ts=93&x=1", cfExtPri, cfHdrFlush;dur=70
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: image/png
last-modified: Thu, 07 Mar 2024 17:18:21 GMT
vary: Accept-Encoding
priority: u=3,i
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8e269bdd9d302b99-LAX
accept-ranges: bytes
content-length: 13898
server: cloudflare

GET
H3 200 nexus-v2-charlie-desktop-js Show response
raffi888z.xyz/bundles/ 541 KB
205 KB 411ms
409ms Script
application/javascript 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/bundles/nexus-v2-charlie-desktop-js?v=kJ0WDwRgnGXnCVwlpR7_nLB-OjqX2UUAL7hop6aAZf01

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

f05f0cb91e8542360461f74c6b29fc42b1d01da4acb309976dc7fc0b40b77696

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ebEdiUELpdlC1Y3q248C7gIgoO6%2F9U4SiA2371X2iPZxak13iJs72%2BKRR6mYaNFxcj26LnasJUetWYRgIyevMwAiWDiYTxcn8Z%2B9U%2F8x4XWe7oUiEh0pCgE53Q3EXe0f"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 11:19:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73047&sent=59&recv=31&lost=0&retrans=0&sent_bytes=55258&recv_bytes=11782&delivery_rate=60838&cwnd=24000&unsent_bytes=0&cid=6562643ae15e0dfd&ts=905&x=1", cfExtPri, cfHdrFlush;dur=27
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 11:19:50 GMT
vary: User-Agent,Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdcfc405245-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 nexus-v2-charlie-desktop-js Show response
raffi888z.xyz/bundles/Home/ 55 KB
20 KB 411ms
410ms Script
application/javascript 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/bundles/Home/nexus-v2-charlie-desktop-js?v=dW8Os-chXLF7itbKy7Xo5c4EaNk6KE0RSTwyLO_Ft6Y1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

b19640c79793f78d2db0bf48176044dfdb53d4176e0eae72ba27fa8030cdf2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UZWCgmdGjgT6db1AS8KKEBAgkQmVY%2FMSfFVG93Sz%2B%2FcezGhOAw8u%2BemcgA1h0NghnxfMmlFwTWl8sh7eJEOR9d5t4CUpxxlrkuR7T%2FbHkGVcojEUCpRmYMZiFHPyRDsD"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 14 Nov 2025 11:19:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73047&sent=59&recv=31&lost=0&retrans=0&sent_bytes=55258&recv_bytes=11782&delivery_rate=60838&cwnd=24000&unsent_bytes=0&cid=6562643ae15e0dfd&ts=900&x=1", cfExtPri, cfHdrFlush;dur=32
date: Thu, 14 Nov 2024 11:19:50 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Nov 2024 11:19:50 GMT
vary: User-Agent,Accept-Encoding
priority: u=3,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdcfc425245-LAX
content-length: 19172
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 poppins-v20-latin-regular.woff2
raffi888z.xyz/fonts/ 8 KB
9 KB 341ms
341ms Font
application/font-woff2 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/fonts/poppins-v20-latin-regular.woff2

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Response headers

cf-cache-status: BYPASS
etag: "05c59213f2bdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EoEGVgA0fthEP9679p%2BU1YdLMXU4mZeEumR12tyXo8ACQeCcrxGY%2Bo6d%2BxhWkkCDDb%2F3F7m5Ik7wePzyJXD82946L1Goa5bZWNCAHBo7ePLuE%2FF5N4JspvEC4cCpM9CN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73380&sent=338&recv=84&lost=0&retrans=0&sent_bytes=374993&recv_bytes=17939&delivery_rate=863463&cwnd=100800&unsent_bytes=0&cid=6562643ae15e0dfd&ts=1279&x=1", cfExtPri, cfHdrFlush;dur=20
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: application/font-woff2
last-modified: Thu, 31 Oct 2024 02:46:48 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdf3dd75245-LAX
accept-ranges: bytes
content-length: 7884
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 mobile.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/ 775 B
2 KB 1291ms
701ms Image
image/svg+xml 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/mobile.svg?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

304dd8f01d68eab4bf55a8f8762d3c6b3e0717f9dc3ed58463f89faecc308f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "01a4ef358a8d81:0"
age: 189641
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: XW8OHNfNlbRROvyMCHRnpte8AmRl2aZIaMfvHgdl8NecfoC4vYEigQ==
date: Tue, 12 Nov 2024 06:39:09 GMT
content-type: image/svg+xml
last-modified: Thu, 04 Aug 2022 23:21:40 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 775
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 wap.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/ 779 B
2 KB 1421ms
832ms Image
image/svg+xml 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/wap.svg?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

cf332e09fe305fcfe7d77ad6ad79f18405f0ed31357bb9bb9f41cdb9b5942fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "09434436482d91:0"
age: 189583
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Ydij0lIIzVb6z2OjcD3iqLEG3QMYNSDnayD6-12pM8jYPAMMsDx4rg==
date: Tue, 12 Nov 2024 06:40:08 GMT
content-type: image/svg+xml
last-modified: Tue, 09 May 2023 10:51:52 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 779
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 flags.png
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/ 6 KB
7 KB 1420ms
831ms Image
image/png 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/flags.png?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

cdb1815b5776953153bac927f409e9030393dedbd1b0358a34048d4e9e19eeea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0d7166f4393d91:0"
age: 189583
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: pbbScCIDEM6tRh1d54fSoZLAPc88B_P5VfK5aQiYH5dBzE23SRJc_g==
date: Tue, 12 Nov 2024 06:40:08 GMT
content-type: image/png
last-modified: Tue, 30 May 2023 22:09:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 6478
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 user.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/ 479 B
1 KB 1421ms
833ms Image
image/svg+xml 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/user.svg?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

56b4955fcb0f5b0a01da77f8b0a17cc28c2f2bb1714e793bb76dc9b7db6b9bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0256a3e2bd2d81:0"
age: 189583
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: TNd7Lh21nhHENeJYz5oTKpdhBz9_Dlw4imyip_5a77v1YsDlDC42fg==
date: Tue, 12 Nov 2024 06:40:08 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Sep 2022 04:40:18 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 479
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 lock.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/ 902 B
2 KB 1292ms
704ms Image
image/svg+xml 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/lock.svg?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

2f9c863ac795404d892aace72f6d4ca2efc6243700dfea13fc287e1aad2584c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0877b702bd2d81:0"
age: 189626
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: uPvMgVOexQCR87_TAXVVbsNvMJas53K5-XJTO_bzQgJltCbFtUr8mw==
date: Tue, 12 Nov 2024 06:39:25 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Sep 2022 04:41:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 902
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 news.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/home/ 2 KB
2 KB 1290ms
702ms Image
image/svg+xml 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/home/news.svg?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/Home/nexus-v2-charlie-desktop-css?v=cb5jAOvtzg4anMtV6PQmwWECj2quNmxRmomWFTh3lAw1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

e5d62d3be4328933bde33f675d65b44a28d0c4f60e2bf3d63f0e9054dbc4544b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: br
etag: W/"0d3893a2ad2d81:0"
age: 189583
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: nzxyRk7Xd2iL9bZYIu7ogkYq_0ylvtup2rjuoriGN9sEAZZd7E_MMw==
date: Tue, 12 Nov 2024 06:40:08 GMT
content-type: image/svg+xml
last-modified: Tue, 27 Sep 2022 04:33:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 chevron-down.svg
d2rzzcn1jnr24x.cloudfront.net/Images/icons/ 190 B
957 B 693ms
134ms Image
image/svg+xml 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/icons/chevron-down.svg?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

4c6f9d0f2c5f1b202e3f4059e777e2a05aa16878abfd5d4f5ee398f2e4465965

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "045317a9bbda1:0"
age: 193548
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: yALz-wniQ7aKAcqTThKzPsMnbCuu9bIIAZWYNHFqDzkngfz3NwL2fQ==
date: Tue, 12 Nov 2024 05:34:03 GMT
content-type: image/svg+xml
last-modified: Mon, 10 Jun 2024 07:40:34 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 190
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 play.png
d2rzzcn1jnr24x.cloudfront.net/Images/icons/ 2 KB
3 KB 814ms
750ms Image
image/png 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/icons/play.png?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

2e11dedfaf2b4a23ce120e63ec4fbe737fd51c14db823e5566993b4380356081

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0c3abd379a2d61:0"
age: 193516
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: SrpMDTvqgvrWl8SmyuUvEcwm-9ZNx6kSyTg8suIZcdHFSHbAmyRWRw==
date: Tue, 12 Nov 2024 05:34:35 GMT
content-type: image/png
last-modified: Wed, 14 Oct 2020 22:31:58 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1845
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H3 200 poppins-v20-latin-500.woff2
raffi888z.xyz/fonts/ 8 KB
9 KB 311ms
309ms Font
application/font-woff2 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/fonts/poppins-v20-latin-500.woff2

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Response headers

cf-cache-status: BYPASS
etag: "05c59213f2bdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CnMzffOr%2FlOZTFMDjqZsYdlwQFsGRlAqkAlx1n5WRoZwSC0Ad7nBDhIVNETpzqv%2BqkyxKc6KCrFO9BnzniU9cDGqrOmro0mgi74YF7ezLTMMCeyAz1qfxq4%2BKYkWf3xp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74878&sent=372&recv=94&lost=0&retrans=0&sent_bytes=414650&recv_bytes=18389&delivery_rate=245239&cwnd=194400&unsent_bytes=0&cid=6562643ae15e0dfd&ts=1385&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: application/font-woff2
last-modified: Thu, 31 Oct 2024 02:46:48 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdffe6b5245-LAX
accept-ranges: bytes
content-length: 7748
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 poppins-v20-latin-700.woff2
raffi888z.xyz/fonts/ 8 KB
9 KB 309ms
308ms Font
application/font-woff2 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/fonts/poppins-v20-latin-700.woff2

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Response headers

cf-cache-status: BYPASS
etag: "05c59213f2bdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQUrYdjeGfNd%2BZEojkxfIB911zKbFNK4cTB4ox5d602%2BYJbylmIIdcGXKMcclzgkI3708%2BWJYkX4appKiKdPUMKAIFg8h9xCfeH%2FpMpNz1Pw5WiWuEuWi91c304wAHNi"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74878&sent=364&recv=94&lost=0&retrans=0&sent_bytes=405222&recv_bytes=18389&delivery_rate=245239&cwnd=194400&unsent_bytes=0&cid=6562643ae15e0dfd&ts=1383&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: application/font-woff2
last-modified: Thu, 31 Oct 2024 02:46:48 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdffe6c5245-LAX
accept-ranges: bytes
content-length: 7816
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 poppins-v20-latin-800.woff2
raffi888z.xyz/fonts/ 8 KB
9 KB 318ms
317ms Font
application/font-woff2 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/fonts/poppins-v20-latin-800.woff2

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Response headers

cf-cache-status: BYPASS
etag: "05c59213f2bdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cw9hy7q6CiWxbhExhpgsJdZgJxt2yOSLe%2B%2FSbR3TKKBKHDI6U8JAVK5diazZg8rZC1GhhSRDzFfgVSOEGR9b9UDJInndQhFw0Ifhk0t%2FgeM0m4s1cidiCztcKFnZOXYZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74480&sent=380&recv=95&lost=0&retrans=0&sent_bytes=424007&recv_bytes=18435&delivery_rate=350156&cwnd=194400&unsent_bytes=0&cid=6562643ae15e0dfd&ts=1394&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: application/font-woff2
last-modified: Thu, 31 Oct 2024 02:46:48 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdffe6d5245-LAX
accept-ranges: bytes
content-length: 7824
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 poppins-v20-latin-italic.woff2
raffi888z.xyz/fonts/ 8 KB
10 KB 300ms
299ms Font
application/font-woff2 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/fonts/poppins-v20-latin-italic.woff2

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Response headers

cf-cache-status: BYPASS
etag: "05c59213f2bdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSjDSkP%2BlUXWLN3CoZ4dCFaObMoW5Lz2arPPTxdWSR8dHE12XWIywcUwBMMOE%2Bhmq5YOYZt64k7rfD4D%2FGOfLxmXVWP7oCPjPXSbhLHqQB5sCAOayKANjAGgb63GkknS"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=75344&sent=355&recv=93&lost=0&retrans=0&sent_bytes=394915&recv_bytes=18344&delivery_rate=1325060&cwnd=194400&unsent_bytes=0&cid=6562643ae15e0dfd&ts=1370&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: application/font-woff2
last-modified: Thu, 31 Oct 2024 02:46:48 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269bdffe6f5245-LAX
accept-ranges: bytes
content-length: 8668
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 logo_b31a0110-f30f-44ce-adca-a0e16c57cbc3_1727674595257.png
api2-pad.imgnxa.com/images/pad/ 35 KB
35 KB 901ms
380ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad/logo_b31a0110-f30f-44ce-adca-a0e16c57cbc3_1727674595257.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 64f9a9edab8124f17a2c061a34d79ddb6a9920f0879b191fe26047c31d84eb6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "a0ecc2dd5a1fdb1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PSb0etiJEzjT6b%2BvyHqhgkyU2dnrfE%2FyN8U6Aos9Rn8BCeVD2ebbz6txjw60GfCLmcIDC4R9Nu8e5QdgHWuB6tmP1Qrq8YmjjG7ByDI5Fjy%2FLSNOyOWiGOkHaU7vGL3qACTiq1t3ZSwovEmqqhBMS6w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be33ccfcb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71294&sent=67&recv=26&lost=0&retrans=0&sent_bytes=68160&recv_bytes=3677&delivery_rate=54423&cwnd=255&unsent_bytes=16611&cid=59867b561ce65bee&ts=683&x=0"
content-length: 35371
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Tue, 15 Oct 2024 23:35:06 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 home.svg
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/menu/ 2 KB
2 KB 646ms
137ms Image
image/svg+xml 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/menu/home.svg?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

d91e8aee31444717fa75a217d71ba613f19452c3e5f2e6c4949df0af8ace655b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
etag: W/"06191886b1da1:0"
age: 193406
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: ts9FFiPI1byZlFlpmhi8leV57ONmxC4oucRNlvV8rpWwj4oH-C6hNw==
date: Tue, 12 Nov 2024 05:36:25 GMT
content-type: image/svg+xml
last-modified: Tue, 28 May 2024 13:54:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 id_cbd_063a01f0-12a1-4cd8-8e35-cd036d2c5611_1722575505637.png
api2-pad.imgnxa.com/images/pad/ 552 KB
553 KB 899ms
378ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad/id_cbd_063a01f0-12a1-4cd8-8e35-cd036d2c5611_1722575505637.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a3d92158c249a18fa7e102e94ba763b751d8d4672bad51cb5f9f63863fd94006

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "d71642d05bf3da1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nbnOOmARHEnMfn7hkHOVYtr5gd2n97%2FOMaf9WUR1ISJO9OhGQOy%2BS20MaijmoUNNNZjZp8cdlZ2s4iWhx2bo6NtwYpPu5%2BhNdZMxhuAn0rjtIsgT7BblGBxyErVsjDMoFzfr68TqmXaZ2VXB9WjcrLI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be33cd0cb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71294&sent=45&recv=26&lost=0&retrans=0&sent_bytes=40673&recv_bytes=3677&delivery_rate=54423&cwnd=255&unsent_bytes=44098&cid=59867b561ce65bee&ts=664&x=0"
content-length: 565164
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Tue, 20 Aug 2024 23:51:02 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 id_cbd_952bb8a6-2d5f-4811-b863-526b8a25c337_1722575596567.png
api2-pad.imgnxa.com/images/pad/ 556 KB
558 KB 824ms
304ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad/id_cbd_952bb8a6-2d5f-4811-b863-526b8a25c337_1722575596567.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f880bc64ee82e4ba3a5ebc366185cb2d8ac2a8db17126a7e32f62b84bfc56aef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "4138c2cf5bf3da1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzDpUwmPm7Q656yYiJi89Ag1pgXIzR1IRNMiZ9EfWspuhz7wfcWLtjZAqzIxwCHv8oBkWm%2BihSbh1DydjNDdeSRg0lACxJeW4W18BqqhEb%2FTfL6Hr70ytMR9jkmzp3SpQygvpe6sfO7RhSa7BlHgE1Q%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be33cd1cb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71294&sent=14&recv=26&lost=0&retrans=0&sent_bytes=5733&recv_bytes=3677&delivery_rate=54423&cwnd=255&unsent_bytes=0&cid=59867b561ce65bee&ts=663&x=0"
content-length: 569851
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Tue, 20 Aug 2024 23:51:01 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 pp-mahjong-wins-3-black-scatter-desktop.png
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 541 KB
542 KB 377ms
166ms Image
image/png 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/pp-mahjong-wins-3-black-scatter-desktop.png

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

254e72555ee438aa3b091fdb15cc12d3e47128d514ee344580a3cbc848066a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0be19cb9d28db1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: lKKTdVnrl3PGV5gHTPIeL6CObcIGp-4hNHSaYjBXCJebfl1rVawydw==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/png
last-modified: Sun, 27 Oct 2024 18:26:52 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 553950
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 pp-mahjong-wins-3-bespoke-desktop.png
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 473 KB
474 KB 928ms
718ms Image
image/png 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/pp-mahjong-wins-3-bespoke-desktop.png

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

7370943e09a5dcbac9687380acca70122380e2145f5c9b52e5cba3ddaebe98d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0b6cd5e9429db1:0"
age: 193516
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: nMmHYdOwTR0ymf0R8_e0eANPfi-Ikn7zJD6b-N_KnllvQBBXQyXUbA==
date: Tue, 12 Nov 2024 05:34:35 GMT
content-type: image/png
last-modified: Mon, 28 Oct 2024 23:51:56 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 484272
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 vswaysmahwblck.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 14 KB
15 KB 805ms
741ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vswaysmahwblck.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

8cb5020541a925d56097ec88e9f8221509aba0382ef7536d0b3f02df2ee3593a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "01dc2f9d2ddb1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: yS2YRJDolhAkpos1iuZy-x9nEA3b-IySENa7bvC0ikRwpXiXaWYy8Q==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Sun, 03 Nov 2024 03:05:06 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 14244
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 mahjong-ways.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/ 28 KB
29 KB 805ms
741ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/mahjong-ways.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

a6cb36e0f9dd285032e9e19b2eebbcd66369743313562a4c72233ba70227780b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0435fa416f1d71:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: RX8rETyrtnPdFxb9K8gRjWWWZO44JZPonrdHbFgx5LH1mt6is2KHtA==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Tue, 14 Dec 2021 18:15:58 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 28688
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 vs20pquestx.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 12 KB
13 KB 805ms
742ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20pquestx.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

665767f3b477c3c012e79c7c21c5b3e1fb5997a83aeb7e2bcd7981fe35f83054

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0ef4d45d02fdb1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: -x403B6HEYvE1SMViRy6W0153kqldr7nk6N1GcPGJ7ZQTQsOOERSiw==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Tue, 05 Nov 2024 22:15:50 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 12374
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 vs5joker.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 13 KB
14 KB 806ms
742ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs5joker.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

c39ab31e114b092a1ed03a1c995ae791ea1af9d2ffc48ae979a13a66a462faa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0c3b26e8734db1:0"
age: 105321
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 8puqzmO1II1YDAcF4PQl2KxNuRhYkmwpxC4WDFZJjj6CieUqJV1zmA==
date: Wed, 13 Nov 2024 06:04:30 GMT
content-type: image/webp
last-modified: Mon, 11 Nov 2024 22:17:02 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 13322
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 HACKSAW_1562.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/HACKSAW/ 14 KB
15 KB 806ms
743ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/HACKSAW/HACKSAW_1562.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

28db4437904a6273bd764ea4848c12af17e3c82c6faafa6c34d81dceeeb3364b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "06cf2bf13db1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: vSe7TN3xrZnXYEeKxk-ePXgu0b91HSxWZvDz8ui5kV-1f_hrCz6Yhw==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Wed, 11 Sep 2024 02:19:36 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 14670
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 vs20slot88og.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 12 KB
13 KB 806ms
743ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20slot88og.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

62f45ed89a211ac5639b026138f694e12ee6e71dd92d68a49b4560e5d0982af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0ef4d45d02fdb1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: yCbTqhlUnPORkCDGWQR1APvaGDYk7bUwEYq1zUKRcF8jvpwH4x4gpw==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Tue, 05 Nov 2024 22:15:50 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 12586
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 HACKSAW_1534.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/HACKSAW/ 14 KB
15 KB 807ms
744ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/HACKSAW/HACKSAW_1534.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

37727a7e1ef801691ac8cdf2f751401b722701346336af4154cd6b5976bf500f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0a4a46fe5d0da1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: L9OXwa2v6BS8GnxaZRDb-uIFd3BODs8l2BcvcSjbGIMN94W5G4AEQQ==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Mon, 08 Jul 2024 03:18:00 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 14490
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 vs20olympnin.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 12 KB
12 KB 807ms
744ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20olympnin.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

33d430db718d5f77d8dcb5f53125a51d9c5455d533710072f8e3bb8b42d9adad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "04a27e8f69bda1:0"
age: 193338
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: VsiMPi7gDVN3gXB0d-2AV5wdLMzU9_1YJf66lpY_L9AzZHIcpPP1Qg==
date: Tue, 12 Nov 2024 05:37:33 GMT
content-type: image/webp
last-modified: Wed, 01 May 2024 18:39:32 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 11952
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 vs5triple8gold.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 11 KB
12 KB 807ms
744ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs5triple8gold.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

3030ab76a368c6dcd26458aebb03c88d8898a4a209aff9f2adb4061ab5c1ed8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "03fa8ebc228db1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: EQLHDAaBn1BjaaGMQWr-q29cdfXJz_H8Z6rAqXZHf3oPQlDcqh7bgg==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Sun, 27 Oct 2024 22:52:38 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 11636
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 mahjong-ways2.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/ 21 KB
22 KB 813ms
751ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/mahjong-ways2.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

7f217ebd4c820f770092e873269e813b93d3c5e195e7018f01d02dd7bec119dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0435fa416f1d71:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: W-FUZibYJRyw4qWPJH1d-BwBi2zpJDxJFI-nzdAQ5OW3VSdV0R4Txw==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Tue, 14 Dec 2021 18:15:58 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 21606
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 vs20olympx.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/ 12 KB
13 KB 807ms
745ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PP/vs20olympx.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

6f8db2adc18a2fd5ac5d2486d9852fd9685d5e00a8bb7e8078a665e253ce890b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "08946c5ae53da1:0"
age: 80072
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: gTUfdTAF8URtQfMiFZeopHK62nHHsiq0U-VlVHt85iOb0cqjSfw2OQ==
date: Wed, 13 Nov 2024 13:05:19 GMT
content-type: image/webp
last-modified: Tue, 30 Jan 2024 19:01:46 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 12196
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 PGSOFT_135.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/ 10 KB
11 KB 801ms
739ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/PGSOFT/PGSOFT_135.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

1db58d5601dd8d3b42dec6c2a01eb97cc812efb938b5b6045453a2fb84d383af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0ed2f869b0d81:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: _9l99TmLz5TAtXFfw3y2C5U5vCPS85A4IGgFn4ncXouUskqyi8qQ3Q==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Mon, 15 Aug 2022 05:43:40 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 10658
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 SMG_luckyTwinsNexus.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/MICROGAMING/ 13 KB
14 KB 802ms
739ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/MICROGAMING/SMG_luckyTwinsNexus.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

de815985cca45ef8e93e564749333bbf84be1a054961f86a06b038ef56464fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "050b0af8bfdb1:0"
age: 193338
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 7x6bokBbKzwUAqeaktITzerRo97FlZCkg4l1wmSB6N8iPCGgINwWmw==
date: Tue, 12 Nov 2024 05:37:33 GMT
content-type: image/webp
last-modified: Wed, 25 Sep 2024 20:44:16 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 13100
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 SGNexusKoiGate.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/HABANERO/ 16 KB
17 KB 802ms
740ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/HABANERO/SGNexusKoiGate.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

9191f17b9068c43921c043900892c07e21d5d1bead4e551b4434f9b2a14b66e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "07c6847e152da1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: KLZKTYOJew5nMNzCNqOaSF9vMa5oXFFIvYiyUmeh1Du4dtYHi2F3oA==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Mon, 29 Jan 2024 18:30:48 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 16520
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 thecrypt00000000.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/NOLIMITCITY/ 9 KB
9 KB 802ms
740ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/NOLIMITCITY/thecrypt00000000.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

e8eafdcdf94f13cf25a08e907e2a49f4823b208e2c1d4b01149539b728a53ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0bb9cac5394da1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 5Co5NmCWJQs-O0LNnnuyKEGERy2M6fYHWbzbNmxgXjXA_aovKiH-Tg==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Mon, 22 Apr 2024 01:23:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8820
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 SMG_luckyTwinsPowerClusters.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/MICROGAMING/ 11 KB
12 KB 813ms
751ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/MICROGAMING/SMG_luckyTwinsPowerClusters.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

17219cdae3f518a5313c228942cac3ee26bb2993a8f5da4eb2cfeb5cc5b3139a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "071fd5daedda1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: OTeyk5Je2QKDDndPggKeLBJNpC0Vc0P_ygfh8ce5sMHnwR6mbUh_rg==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Tue, 13 Aug 2024 23:39:22 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 11006
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 mental0000000000.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/NOLIMITCITY/ 7 KB
8 KB 802ms
741ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/NOLIMITCITY/mental0000000000.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

6972eb83b09a5ae932ddf2a1a692bc2382922c3e44fb5067580a9e2ed32b40d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0bb9cac5394da1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: dqIjvvCQWw2pLYiEgbQcduGXJ8CSa3XIhNP_KFQPK2OljE_EFLBf8A==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Mon, 22 Apr 2024 01:23:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 7674
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 JILI_223.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/JILI/ 13 KB
14 KB 813ms
751ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/JILI/JILI_223.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

15e1591b565a8c88315f120027aff93fafedd239ec551d91dc9aae8d13d0849e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "03f981b0afd91:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: v6jIrAiqAav0M0hx8Jd5PneAo6Z7NaWxcNBEJyd9Wf101Ltcc34tDg==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Thu, 06 Jul 2023 02:17:26 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 13600
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 SGHotHotNexus.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/HABANERO/ 9 KB
9 KB 811ms
749ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/HABANERO/SGHotHotNexus.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

6001fc7fd22aa804e3a5dbc7852cea5bd1da9e42e5e8615f52b0ddd9b82e0c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "073d93f2d65da1:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: i6yK8thcbH4X_lt468vjVb7C6m0Szt727UkqgQPw6rr712cODIoHbA==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Thu, 22 Feb 2024 01:19:58 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 8888
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 JILI_109.webp
d2rzzcn1jnr24x.cloudfront.net/Images/providers/JILI/ 12 KB
13 KB 813ms
752ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/providers/JILI/JILI_109.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

2fbedfe19a271f381fba8591adc77765ae24add830c31a23dd306e9d988fadee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "04317d87db6d81:0"
age: 193550
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: vdewufrJC7po7bOUjeeATJ5nM7uwniZhHZM7s5fZGiZyCz9KZ5W7kw==
date: Tue, 12 Nov 2024 05:34:01 GMT
content-type: image/webp
last-modified: Mon, 22 Aug 2022 23:21:02 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 12690
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1729832164310.png
api2-pad.imgnxa.com/images/pad// 979 B
2 KB 808ms
291ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//BCA_e1bab23f-dda6-4835-b3ce-d5039f28546c_1729832164310.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 25e9cb2c38a9e51dd0e0a6f39b1bfe1a6f59bb7e88507ad82c34ab2b2b9e4288

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "2ff57eef9a26db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5JghVf4seIW%2BejyraH95AJ02kPEect%2FGSfujWmNXFxNFF4n8IT4en%2BIoB9jR0piRgSbnLSb6Rh%2F3F%2Fh%2BZHniW9a52T%2BzD%2FpaNN%2Fwd0zkHzLOjyDF0eSgoWov5J9%2FD9dKyWOUa5qjdAnE4%2FXoFBNiKHs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be33cd6cb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71294&sent=11&recv=26&lost=0&retrans=0&sent_bytes=4032&recv_bytes=3677&delivery_rate=54423&cwnd=255&unsent_bytes=0&cid=59867b561ce65bee&ts=649&x=0"
content-length: 979
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Fri, 25 Oct 2024 05:01:22 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1729832164310.png
api2-pad.imgnxa.com/images/pad// 918 B
1 KB 896ms
379ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//BNI_3d30334c-d871-46fb-80b3-0fcb12f99b87_1729832164310.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c4549533789cd22c67e36646d183e2349bc205ceb6b22af1d9421c83ac95df9a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "89f690ef9a26db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=adaIiVS8o%2BLOu%2BGgeg0eXfdAZzCaFlXf1TbVbD9uYyjPKgQslllL6CTURjRhr520K2GY25m5vD4CyPpaxZciB9ZxEL8zUt%2Fh0xmA13nf8JpA40PCHPy9VCO5Z1g08yOVHsvhrPHBAb2MxYohr3t%2BF4M%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be33cd3cb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71294&sent=67&recv=26&lost=0&retrans=0&sent_bytes=68160&recv_bytes=3677&delivery_rate=54423&cwnd=255&unsent_bytes=16611&cid=59867b561ce65bee&ts=680&x=0"
content-length: 918
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Fri, 25 Oct 2024 05:01:22 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1729832164310.png
api2-pad.imgnxa.com/images/pad// 839 B
1 KB 903ms
386ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//BRI_a458ab91-91a3-49ac-98b3-1bfc5d1966bd_1729832164310.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 198b1cec1f6538854534bfaf1a77c3ba191f8ffb0cb2eed0c9be9513d1b55b31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "688a95ef9a26db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPP6HF06qotgHv0En%2BM8yo3ucRBxQgoFW3MR02LZeEd6iOccgufLYnIwzviwy6lfWBtF9Ny6byyeOVnzufzhdJHG58tWT74N6TuZCshqiFpYU0Stufmt2BO%2BVmRj8GJtQip%2BIQ%2F9W8g35FTlH1Dsgvo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be33cd8cb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71294&sent=67&recv=26&lost=0&retrans=0&sent_bytes=68160&recv_bytes=3677&delivery_rate=54423&cwnd=255&unsent_bytes=16611&cid=59867b561ce65bee&ts=672&x=0"
content-length: 839
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Fri, 25 Oct 2024 05:01:22 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 DANA_d030bf28-aea8-4810-a514-bdfd29885829_1729832164310.png
api2-pad.imgnxa.com/images/pad// 2 KB
3 KB 385ms
325ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//DANA_d030bf28-aea8-4810-a514-bdfd29885829_1729832164310.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 672e87178f46813febd4dece6ad9a86b90edece61b955166b2d55bb0e8726b7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "872b9def9a26db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TapZLOIJxqFjp5EgJ0vbfZ7AdeSo1C9JnyNq7yR8zWpgO3l5ovlklTARAVzy5nlka5XFzYBIP1CPsJdjm%2FLicdeESDQKqS7Z7JniUJlAszlSwosuh4g0kj711nfm1125vQk2ofavCgmT71qeUCYLH3M%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be3eeb7cb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71444&sent=119&recv=53&lost=0&retrans=0&sent_bytes=134632&recv_bytes=3677&delivery_rate=808945&cwnd=258&unsent_bytes=20752&cid=59867b561ce65bee&ts=777&x=0"
content-length: 2363
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Fri, 25 Oct 2024 05:01:22 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 GOPAY_85f2fedc-09e4-4624-8e66-0312097e69d6_1729832164310.png
api2-pad.imgnxa.com/images/pad// 3 KB
3 KB 389ms
328ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//GOPAY_85f2fedc-09e4-4624-8e66-0312097e69d6_1729832164310.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0dd6143c7f03b9c051fc31a8531cd5bd1b2eefec075b3ba39d30c60e79f712ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "53a1a6ef9a26db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vOi5Wm7%2FH%2B2815UNrg6STNyjwVvJAXCRPWISixQ3F3KUtESneAvGFbtrmIfItGbDtPi2lXwqYrhuSkPWaXlA%2Fq9UQCp3lEjPT%2FfIzZC%2Fqs3YvkGspBc%2BvPiaRyaFIlBcqpGjqKXa5ZOy9PNxVQ%2B2%2BaI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be3eebccb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71444&sent=119&recv=53&lost=0&retrans=0&sent_bytes=134632&recv_bytes=3677&delivery_rate=808945&cwnd=258&unsent_bytes=20752&cid=59867b561ce65bee&ts=793&x=0"
content-length: 2820
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Fri, 25 Oct 2024 05:01:22 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 LINKAJA_a8208d15-6393-4127-a0d0-379bd3a70d49_1729832164310.png
api2-pad.imgnxa.com/images/pad// 3 KB
3 KB 384ms
324ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//LINKAJA_a8208d15-6393-4127-a0d0-379bd3a70d49_1729832164310.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 27e89e436d9248fec27e9c90d7f8aed076ea185f43536f512c3ab4774e612976

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "e5e2acef9a26db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKhBEwO1Nu4EyygF82%2BimycD45DhEWDbW9ZNlTihfytQe7p82pF%2Ftph%2Bzq0H2RfM%2BbNiNKf%2BUsR6%2F%2B9Cp1J7MZBhVCI%2FbEuKi2sxgcnvKE4u7STeON2Cdgrh8CwF1W6HP1OoEjdMHm6MGtmRe9AmJOY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be3eec0cb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71444&sent=119&recv=53&lost=0&retrans=0&sent_bytes=134632&recv_bytes=3677&delivery_rate=808945&cwnd=258&unsent_bytes=20752&cid=59867b561ce65bee&ts=778&x=0"
content-length: 2998
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Fri, 25 Oct 2024 05:01:22 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1729832164310.png
api2-pad.imgnxa.com/images/pad// 1 KB
2 KB 387ms
327ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//MANDIRI_ec4427ff-2e6e-4657-a2fe-b3702bc15e7c_1729832164310.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a7aedc6ca549c685e560d1bd7a05840960b9589b35261a9bdeaf20bcefbf8df9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "cae7b3ef9a26db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DbLBM9mI5p5QHnVnXdSi6kTFmJanS9T4%2FIyWCoSeIbHQj4MgaCadrrM2FH6mgbDAHy3h1e57%2B5YbhJ7o%2FuK6FHelQxJd2NOJOi4zQT8uWVvLI3rjjWLiWOfjEa067bTj0awRHM5%2Fxas9iC%2FH31wiEjM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be3eec3cb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71444&sent=119&recv=53&lost=0&retrans=0&sent_bytes=134632&recv_bytes=3677&delivery_rate=808945&cwnd=258&unsent_bytes=20752&cid=59867b561ce65bee&ts=781&x=0"
content-length: 1465
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Fri, 25 Oct 2024 05:01:22 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 OVO_28dcc861-cb23-4607-adac-6ff5a781ae49_1729832164310.png
api2-pad.imgnxa.com/images/pad// 3 KB
4 KB 385ms
325ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//OVO_28dcc861-cb23-4607-adac-6ff5a781ae49_1729832164310.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dbfa822a43c0ca304bdf7a4ec251680c7e5dfd91f4c9aa4a54ff59b44c54a681

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "cfb4c2ef9a26db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1J4HyUw80bCBhU6F8%2BMcE5DgquqxPl9COfvOgvcCY%2F3fV5rMsIEZ%2F5tYBsip3vNlK8hIuTxRqnhG9Sr0cqYss78iydpD5IPFGafKMuKYI5x0uP%2FzfUhPsPmRUgxfO4AlkM8iZyVe2wY2nfrnj6GgLM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be3eec6cb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71444&sent=119&recv=53&lost=0&retrans=0&sent_bytes=134632&recv_bytes=3677&delivery_rate=808945&cwnd=258&unsent_bytes=20752&cid=59867b561ce65bee&ts=778&x=0"
content-length: 3469
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Fri, 25 Oct 2024 05:01:22 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 TELKOMSEL_2e3fa44d-66bc-4f94-9afe-f0175642372c_1729759411683.png
api2-pad.imgnxa.com/images/pad// 3 KB
3 KB 385ms
326ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//TELKOMSEL_2e3fa44d-66bc-4f94-9afe-f0175642372c_1729759411683.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8386e470d86c46b3d037fca2187d6bd11a84e5be87a39167b83aa09309ec6385

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "e0e86eaf125db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kBwGfmZ64fuvnlsp6vdXEpvE2xN1DW6WzdLCz1ejXWM2tAPokGOWveYAwaWq4djocYr%2FHPZip%2FWNiMCBkf3XWSN1xc8KWOksKx%2BYPW4fg%2F6zNhdhRCCmaTOMDqg1FREnqlarwPWTLf15IbTtnbhDSsg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be3eec9cb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71444&sent=119&recv=53&lost=0&retrans=0&sent_bytes=134632&recv_bytes=3677&delivery_rate=808945&cwnd=258&unsent_bytes=20752&cid=59867b561ce65bee&ts=780&x=0"
content-length: 2637
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Thu, 24 Oct 2024 08:51:28 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 TRI_54d1c012-72c6-4ba6-86ac-e408fe73562b_1729759424460.png
api2-pad.imgnxa.com/images/pad// 7 KB
7 KB 387ms
328ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//TRI_54d1c012-72c6-4ba6-86ac-e408fe73562b_1729759424460.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0c7e064010c13550934a1c1c3b2d6c62cdebedd6347fb91e15396d3d634d11fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "6da231eaf125db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4F66xWosg9mxg2dGPwnkI7ZgIFQ8t5SqgsisZGCmOYAciP0GP7ZIk%2F1r6Trx%2FEakc1QMQEIFVIIxSE9U8gh3YKP3IQ66Hfh7JYAR9VkXZPEYN9VWiQsv4wQNJyQK%2FO1bffB2l3EEXv7SonGzvx0QhtU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be3eecbcb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71444&sent=119&recv=53&lost=0&retrans=0&sent_bytes=134632&recv_bytes=3677&delivery_rate=808945&cwnd=258&unsent_bytes=20752&cid=59867b561ce65bee&ts=792&x=0"
content-length: 7071
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Thu, 24 Oct 2024 08:51:28 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 XLAXIS_9a65ddfb-41e2-446f-9274-62d95a615fc1_1729759493273.png
api2-pad.imgnxa.com/images/pad// 3 KB
3 KB 386ms
327ms Image
image/png 2606:4700:20::681a:ecb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api2-pad.imgnxa.com/images/pad//XLAXIS_9a65ddfb-41e2-446f-9274-62d95a615fc1_1729759493273.png
Requested by: Host: raffi888z.xyz
URL: https://raffi888z.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ecb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 09a83c511c673132ce4e6b31fc6fbb26a83f3a68a52e7073e117b3fd2f3c8dc0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: REVALIDATED
etag: "e5db3beaf125db1:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cfTgrlaAUAqcXAFhKshcl2P7KJWnDkLi%2BKZAuAD8M7SH1JDfy9uMQ0iJqskl%2FCSp%2BsPU9QXkJ%2BjKinBEb9ooAshZOKR4q56zMoKmgdXA%2B95LLqOnSQH%2F3r8kHbtPsolRwcq3TlN8p%2FrlP1ZiaLeOLx0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269be3eecdcb8e-LAX
accept-ranges: bytes
server-timing: cfL4;desc="?proto=TCP&rtt=71444&sent=119&recv=53&lost=0&retrans=0&sent_bytes=134632&recv_bytes=3677&delivery_rate=808945&cwnd=258&unsent_bytes=20752&cid=59867b561ce65bee&ts=791&x=0"
content-length: 2801
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
last-modified: Thu, 24 Oct 2024 08:51:28 GMT
x-powered-by: ASP.NET
server: cloudflare
vary: Accept-Encoding

GET
H2 200 whatsapp.svg
d2rzzcn1jnr24x.cloudfront.net/Images/contact-us/ 852 B
2 KB 811ms
752ms Image
image/svg+xml 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/contact-us/whatsapp.svg?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

a42dd6ed267f1dc3b18b01d81e41f8a819221bda62e0da90bcc5bb339592a84a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "037aae647acd81:0"
age: 193481
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: Ff8jaUToE3_i9SryyrnT_aGcALbrWeEtSMtzMJzlIfAecsjNXbYpQw==
date: Tue, 12 Nov 2024 05:35:09 GMT
content-type: image/svg+xml
last-modified: Tue, 09 Aug 2022 23:29:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 852
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 vin-gaming.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/platform-engine/ 1 KB
2 KB 812ms
752ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/platform-engine/vin-gaming.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

a727ecd9692efe910a31f9895b8576298e21c9a5d5abe9c43fd21f87457cdd74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0c3a224acbda1:0"
age: 111724
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 5rAhcpxhrRpRUrxSjKlxbIajyfcjiKYF3AASxRVRaLOzdnaZFKcXRg==
date: Wed, 13 Nov 2024 04:17:47 GMT
content-type: image/webp
last-modified: Mon, 01 Jul 2024 00:03:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1432
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 vin-gaming-active.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/platform-engine/ 1 KB
2 KB 807ms
748ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/platform-engine/vin-gaming-active.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

a727ecd9692efe910a31f9895b8576298e21c9a5d5abe9c43fd21f87457cdd74

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0c3a224acbda1:0"
age: 189573
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: 7ZY5GL-HCJRnalWljlHa9chpc8_TrDCRk_Eo8o4UYCxQaC_PCKfnCw==
date: Tue, 12 Nov 2024 06:40:18 GMT
content-type: image/webp
last-modified: Mon, 01 Jul 2024 00:03:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1432
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 gambling-support.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/ 1 KB
2 KB 812ms
753ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/gambling-support.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

5006a06c17793f6da51b5f8ac12be086aac2d1bed0253db6943c76ee4e20d0a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "02692b33cd2d81:0"
age: 189573
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: F1zEsf_88zclpa1bmC-M-b-q409Mb_KVJ2JGojMQmtJSSKX3Lp8OMw==
date: Tue, 12 Nov 2024 06:40:18 GMT
content-type: image/webp
last-modified: Tue, 27 Sep 2022 06:45:16 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1264
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 gambling-support-active.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/ 1 KB
2 KB 813ms
754ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/gambling-support-active.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

f56d54390a59b84d5b925b7a07d2ce249be6ebb0e434553c4bcd659072287dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "09986d83cd2d81:0"
age: 189572
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: C4z1RJzUtwsE5V-VBBEXEPDjcDqrbc8nQ5w_B-PaCcQ0_99qJJR90Q==
date: Tue, 12 Nov 2024 06:40:19 GMT
content-type: image/webp
last-modified: Tue, 27 Sep 2022 06:46:18 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1286
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 18-plus.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/ 404 B
1 KB 807ms
749ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/18-plus.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

9bfde9d4e468d5abe83214a820f872e5415cb6f2e0462e84309c9fc44c784402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0477ff458a8d81:0"
age: 189572
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: bMke6DQpcvDHxO1yybHJupiBdNRVqhH3I1712QID33sKhrD2Pkc9fA==
date: Tue, 12 Nov 2024 06:40:19 GMT
content-type: image/webp
last-modified: Thu, 04 Aug 2022 23:21:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 404
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 18-plus-active.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/ 404 B
1 KB 812ms
755ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/18-plus-active.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

9cf09f2004e226e9dda2bbe1ece099c2d4c2ae738accccbe438b893326be0114

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "091f3f64ad2d81:0"
age: 189572
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: qTXU_swzK4agToOwtoAMoHI_DwaQKeQVMAKF_6hrSwhvSgB4cNT95g==
date: Tue, 12 Nov 2024 06:40:19 GMT
content-type: image/webp
last-modified: Tue, 27 Sep 2022 08:27:22 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 404
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 chrome.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/ 638 B
1 KB 801ms
746ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/chrome.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

eaa773395a10dc4e34efe9fb3dc1a57fb274ce13696feba1b3b8c228bb5f94a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0477ff458a8d81:0"
age: 189572
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: SIxneZnom_ywtr-r6m3hg8oChfveelVi6N_S8trdO7Z6DXVjdT0l_w==
date: Tue, 12 Nov 2024 06:40:19 GMT
content-type: image/webp
last-modified: Thu, 04 Aug 2022 23:21:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 638
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 chrome-active.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/ 2 KB
3 KB 799ms
747ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/chrome-active.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

f08eb57c481ba99826aa459b9baaa9b8fecd831ffc6d8cf0cc537a51533123bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0477ff458a8d81:0"
age: 189572
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: egEjriP35GDCcGr6Ar66q0fLJ6wkodi4ivrd3qDG-tsAU7hYouXM0w==
date: Tue, 12 Nov 2024 06:40:19 GMT
content-type: image/webp
last-modified: Thu, 04 Aug 2022 23:21:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1852
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 edge.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/ 622 B
1 KB 796ms
747ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/edge.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

f14295ae26b918df21c74c4a0d4134ab052cc3d868fb2efb87c757d144f20148

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0477ff458a8d81:0"
age: 189643
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: m3JoveOFxLAHDT0UwNCmcmTzM9wdezrMa7jRBlBvrtxMAO8jy9tAHQ==
date: Tue, 12 Nov 2024 06:39:08 GMT
content-type: image/webp
last-modified: Thu, 04 Aug 2022 23:21:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 622
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 edge-active.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/ 2 KB
3 KB 794ms
749ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/edge-active.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

9b9199d23e9a262daf018835eb017d8e84401f2fd8b5ff8e96f7a841d59e1cf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0477ff458a8d81:0"
age: 189572
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: lRFs4YHzy8A7GnWw64hM8dZBbt9DFhj4P28QtKli0jbRJDaw9_-XsA==
date: Tue, 12 Nov 2024 06:40:19 GMT
content-type: image/webp
last-modified: Thu, 04 Aug 2022 23:21:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1904
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 firefox.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/ 822 B
2 KB 787ms
748ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/firefox.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

5905072d8c2304be87d8205fa3c4ca0ede1fef8afc5d72c64075366238fc1051

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0477ff458a8d81:0"
age: 189642
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: DQ-BgYrp_uO2Ku37B93wrFehbdsty6Otr-KwZM6o2R3k4p93_iwpSQ==
date: Tue, 12 Nov 2024 06:39:09 GMT
content-type: image/webp
last-modified: Thu, 04 Aug 2022 23:21:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 822
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 firefox-active.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/ 2 KB
3 KB 782ms
748ms Image
image/webp 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/footer/firefox-active.webp?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

ac7c11e912f445d676561a688c566a26f5928ef954d677f860ac3435c052234e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0477ff458a8d81:0"
age: 189571
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: tnRI3sg9iaQ68z1sc887y0jjGwnKhlRJkcQtj_Tp3t_TUZb10YWCKA==
date: Tue, 12 Nov 2024 06:40:19 GMT
content-type: image/webp
last-modified: Thu, 04 Aug 2022 23:21:42 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2300
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H3 200 2883090935179424 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 206ms
206ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2883090935179424?v=2.9.176&r=stable&domain=raffi888z.xyz&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

45acde28e9fe492aaf4c0a277bd9c90b2ce9ff57ef8b727cb6b1e8c77441c2b7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-EfyjMVoT' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-EfyjMVoT' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=136, rtx=0, c=80, mss=1232, tbw=74193, tp=71, tpl=0, uplat=68, ullat=0
pragma: public
x-fb-debug: Jo5w+fzBBdwwlnoKK9cLrHC2jJzDTsbcYiEaUMUK9xWhz4XqaJgvaJjFQS/DtrM1OiipRhSAV5gKWbDzik/hDQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 notification.png
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/popup/ 4 KB
5 KB 382ms
140ms Image
image/png 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-v2-charlie/dark-red/desktop/layout/popup/notification.png?v=20241103-1

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/Content/nexus-v2-charlie-desktop-css?v=wpdHRxCsVvoR6WnTDkl6VZ_lxkF3lBUaCr5Jm8-QMe01

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

b4c67caf27814b729d78df09305452fd84d4f6c0d3a21f9fd351825951777cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "086fbe48acd81:0"
age: 189568
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: PRMIMGow4b2IAUUq7k05JD06s-dC2L59Yqc0yQZxpzv9JBvcCV46SA==
date: Tue, 12 Nov 2024 06:40:23 GMT
content-type: image/png
last-modified: Tue, 09 Aug 2022 23:35:44 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 3934
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 jili-special-tournament-nov-desktop.jpg
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 319 KB
320 KB 802ms
737ms Image
image/jpeg 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/jili-special-tournament-nov-desktop.jpg

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

0b465abf4914335e6d2311fd3554d14cf97d2d540b67d1d87492f81793e2f31a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0cb982e7d31db1:0"
age: 193546
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: yd9HaIT1GBqMg319MFK4TfcoDKPmjnLGpIyEoFzng3cKC0TpZIRiCQ==
date: Tue, 12 Nov 2024 05:34:04 GMT
content-type: image/jpeg
last-modified: Fri, 08 Nov 2024 01:26:06 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 327006
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 nex4d-banner-october-desktop.jpg
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 208 KB
209 KB 770ms
737ms Image
image/jpeg 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/nex4d-banner-october-desktop.jpg

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

15821c35c766752be967944e7920e766718565cb457028c051db497faf1e1fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "04ff6688c10db1:0"
age: 193549
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: EbTwYTG95ozdMcZOe8F-mYHfJ-jt5bK9oA_6_XHxTcQ-ELLzu5Lmpw==
date: Tue, 12 Nov 2024 05:34:02 GMT
content-type: image/jpeg
last-modified: Fri, 27 Sep 2024 03:21:58 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 212591
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 nlc-net-ent-bng-gift-promotion-nov-desktop.png
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 2 MB
2 MB 767ms
738ms Image
image/png 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/nlc-net-ent-bng-gift-promotion-nov-desktop.png

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

7f7e3fcaf1a62294067a5bc2e49b180783940890628ecbdcd5a5901d28ba490e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "038dec572bdb1:0"
age: 190286
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: iSpU-iopAm_jDNcGFIAOURNfbRzqKmy1XbGkVrzuFXQYFfwMUEnkOw==
date: Tue, 12 Nov 2024 06:28:25 GMT
content-type: image/png
last-modified: Thu, 31 Oct 2024 05:44:16 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1990320
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 293ms
140ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2883090935179424&ev=PageView&dl=https%3A%2F%2Fraffi888z.xyz%2F&rl=&if=false&ts=1731583191635&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1731583191629.445784281845440585&cs_est=true&ler=empty&cdl=API_unavailable&it=1731583191030&coo=false&rqm=GET

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: GOOD; q=0.7, rtt=136, rtx=0, c=24, mss=1232, tbw=8270, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 338ms
186ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2883090935179424&ev=PageView&dl=https%3A%2F%2Fraffi888z.xyz%2F&rl=&if=false&ts=1731583191635&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1731583191629.445784281845440585&cs_est=true&ler=empty&cdl=API_unavailable&it=1731583191030&coo=false&rqm=FGET

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7437093177543478270"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:51 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: hWSy0fkXmCCraLAouvKzMP1XYC9kk5AiQNWNaEJ9fQVo5E3aH31vXRwjeRk8QcW6MB14drAN/a3lRfNpfY3zYQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7437093177543478270", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: GOOD; q=0.7, rtt=136, rtx=0, c=24, mss=1232, tbw=8590, tp=16, tpl=0, uplat=42, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 121 B
342 B 210ms
208ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/603de7e0385de407571b866f/1evot3h8m

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
content-encoding: br
cf-cache-status: MISS
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-content-type-options: nosniff
cf-ray: 8e269beadffb2f5d-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:52 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 81 KB
32 KB 211ms
210ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/603de7e0385de407571b866f/1evot3h8m

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"3b341e35b39f6195793ecaf5db7c1d63"
x-content-type-options: nosniff
cf-ray: 8e269beadffc2f5d-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:52 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 212 KB
71 KB 138ms
137ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/603de7e0385de407571b866f/1evot3h8m

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"77a40166698f808a0942865537165b0f"
x-content-type-options: nosniff
cf-ray: 8e269beadffe2f5d-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:52 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 223 KB
63 KB 355ms
354ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/603de7e0385de407571b866f/1evot3h8m

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b17f212fc06e1cde0574bdd1ee89d507461f5777e3039c725dbb40b5ebb3f192

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"ae0a97d1265892fc012190aa72881581"
x-content-type-options: nosniff
cf-ray: 8e269beadfff2f5d-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:52 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 2 KB
1 KB 425ms
423ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/603de7e0385de407571b866f/1evot3h8m

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41c6e86ff4eff6723f15faa7650734836876f67fd98e91d08908115271eac6e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
content-encoding: gzip
cf-cache-status: MISS
etag: W/"895415bbe1b8cf97aef258d17cb33187"
x-content-type-options: nosniff
cf-ray: 8e269bead8002f5d-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:52 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 151 B
366 B 425ms
424ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/603de7e0385de407571b866f/1evot3h8m

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://raffi888z.xyz/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
content-encoding: br
cf-cache-status: MISS
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-content-type-options: nosniff
cf-ray: 8e269bead8012f5d-LAX
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:52 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3

404

not-found
raffi888z.xyz/
Redirect Chain

https://raffi888z.xyz/favicon.ico
https://raffi888z.xyz/not-found?request=/favicon.ico

3 KB
2 KB

302ms
301ms

Other
text/html

172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/not-found?request=/favicon.ico

Protocol

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3a57405cf118a3a3cdc63a62cafacacbcdb1c9c9b513ac67f798b29aa2f491be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

strict-transport-security: max-age=15552001; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mbAMq09YHC%2BHvGip91EF40HMGlxwkJ%2FflatBfTSW0Rq0IJtMOw48fSM4NaWo7%2F10ZMF%2BzF5QvuOdGitWcFSiRuIAXGk9ACBLp94ytdh0fpDFHxyzW3UQ1snpPUmDgWar"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e269bed48a45245-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73601&sent=395&recv=103&lost=0&retrans=0&sent_bytes=435148&recv_bytes=20334&delivery_rate=330&cwnd=194400&unsent_bytes=0&cid=6562643ae15e0dfd&ts=3504&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

Redirect headers

cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ruHGSlKxQ2%2FDHzaNJpSQQNzah21ATiTEhoD%2FSx%2F1Yyn9HZ%2FTwgFGFnTjxCPoXuaVVmoofU5dEfuCthaRESu7nsY%2BAeJDRS32zUP%2B5WBYioKcpccJLGafVkExgX9qbGC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73965&sent=390&recv=100&lost=0&retrans=0&sent_bytes=433491&recv_bytes=19418&delivery_rate=405321&cwnd=194400&unsent_bytes=0&cid=6562643ae15e0dfd&ts=3198&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: private
location: /not-found?request=/favicon.ico
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269beb5f4b5245-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
2 KB 147ms
141ms Fetch
application/json 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=603de7e0385de407571b866f&widgetId=1evot3h8m&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3a347ffe078a1ff80cbe0e52c31734711b0967c5b8e69a7617e13896754efe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"2-131-0"
access-control-allow-methods: GET,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-5s22
vary: Accept-Encoding
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 8e269bedeb8a2f5d-LAX
access-control-allow-origin: *
server: cloudflare

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 322ms
247ms Fetch
application/json 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91f14ab4dce702bd32c81acfe2881823a74642247b2767b058b95dae6d8c9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://raffi888z.xyz/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-p36h
vary: Accept-Encoding
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-credentials: true
cf-ray: 8e269bef5cc808da-LAX
access-control-allow-origin: https://raffi888z.xyz
server: cloudflare

OPTIONS
H3 200 start
va.tawk.to/v1/session/ Frame 0
0 131ms
130ms Preflight
text/html 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://raffi888z.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://raffi888z.xyz
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8e269bee0bae2f5d-LAX
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Nov 2024 11:19:53 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-9cgp

GET
H3 200 id.js Show response
embed.tawk.to/_s/v4/app/67354992019/languages/ 16 KB
5 KB 165ms
163ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/languages/id.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93f46cba9f7da46734b616e9a2ec774b8b919f85f2034f32af47921c8cb3651d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"a1b9d49a428f23b0972d5095f8e0d7e8"
age: 18143
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bef5cc008da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-bf24a88e.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 10 KB
3 KB 108ms
107ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"c96127c9a0429d69fecbeb73fd410443"
age: 18153
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf10ead08da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-71978bb6.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 18 KB
5 KB 106ms
105ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-71978bb6.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e24c6486aaebd7397266feec4133d7ece6c169444a438e5ccd93d7aa89246d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"adcf466d8e820d5dd8a7df9975fcba50"
age: 18153
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf10eae08da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-f1565420.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 11 KB
4 KB 104ms
104ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-f1565420.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c794b77e334506d36bd79580f6d33ccedc6d13b5c05b2b701123399d3d49947

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1f098cd7a811a2ceef21d53835262c2d"
age: 18151
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf10eb008da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-7c2f6ba4.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 5 KB
2 KB 156ms
156ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-7c2f6ba4.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"977b0aa25f349861d14d837b480e5615"
age: 18153
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf10eb208da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 17 KB
6 KB 157ms
156ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4decde1fd4af3ee8c5952646190f4c638de918ceb129cc4e87e2e2edc67dc87d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"d26f24b5583b0a809ef3db128cbf6a06"
age: 18153
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf10eb308da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 906 B
661 B 155ms
154ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
age: 18153
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf10eb408da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 535 B
573 B 155ms
154ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"c506281367048d4a134c9affbc68c8c6"
age: 18153
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf10eb708da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/67354992019/js/ 120 KB
31 KB 156ms
156ms Script
application/javascript 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42428b7cf745a93ba7853cdb58324b7e0121fbbeb5f61be5479d73e384be104

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"ad43e469764eb884ca6ab070740c1931"
age: 18153
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: application/javascript
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf10eb808da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 7B86 24 KB
6 KB 84ms
83ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69fb03e8827d27e64583979ae09fe2242047e15c953e7aa3a85b9af66a031cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2d7f176b563b25833791f4844819b5ee"
age: 18153
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 00:52:21 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf24ff808da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 43FC 13 KB
3 KB 85ms
84ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb4d72e4e2a01c6eb415c6645a0e9da33f5e85afe211230132f59341e1f1a23e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"ce7913b80c763449b3895d46419f7a6b"
age: 18151
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:53 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 00:52:20 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf2681608da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 8E71 42 KB
10 KB 88ms
87ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ebe81ec01c33bd339149314130d65c8a716890fe6c9edb50300c0965c759b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"313ec28abf9889abec5153d8318e8022"
age: 18154
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:54 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 00:52:20 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf2986108da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/67354992019/css/ Frame 1CED 79 KB
18 KB 86ms
85ms Stylesheet
text/css 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/67354992019/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-bf24a88e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b24be039d81d334a5b082bd6c883988e026ca276debc7bea3b4941d4146abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"d20ad407080e4c57efd32ce36955d7db"
age: 18154
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:54 GMT
content-type: text/css
last-modified: Thu, 14 Nov 2024 00:52:20 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf2d8b208da-LAX
access-control-allow-origin: *
server: cloudflare

GET
H3 200 634a8ace3846e966e5d8a93f39c4f0d4cf75c80c
tawk.link/603de7e0385de407571b866f/var/chat_bubble/ Frame 43FC 582 KB
583 KB 194ms
85ms Image
application/octet-stream 172.67.162.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tawk.link/603de7e0385de407571b866f/var/chat_bubble/634a8ace3846e966e5d8a93f39c4f0d4cf75c80c

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e7ae4ac57ef10d042a7c5b790bdef8400b6bd7c24e378feb6eb34d205d063686

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

server: cloudflare
strict-transport-security: max-age=600
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 551770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKN9IieyFbTsyzx15y3qa0wgi4%2F1gQ4iLCsbW4wuJC2I10gJgy0FPxo0KoDG3z1yARVndLdXjFR8AUgbA2UZ9Z8MMCkDELFM3m2QULZKAo40YODE1rbkkEl2SF8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269bf3bba11034-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=79591&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4130&recv_bytes=4338&delivery_rate=41197&cwnd=12000&unsent_bytes=0&cid=9458a47c1d7cbfaa&ts=104&x=1", cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:54 GMT
content-type: application/octet-stream
x-powered-by: Express
vary: Accept-Encoding
last-modified: Fri, 08 Nov 2024 02:03:44 GMT

GET
H3 200 tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 43FC 10 KB
11 KB 97ms
94ms Font
font/woff2 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://raffi888z.xyz
Referer: https://embed.tawk.to/_s/v4/app/67354992019/css/bubble-widget.css

Response headers

cf-cache-status: HIT
etag: "054b3b66812d0a4b87ffc6776f0a42f1"
age: 20183
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:54 GMT
content-type: font/woff2
last-modified: Sat, 22 May 2021 07:25:13 GMT
vary: Accept-Encoding
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cache-control: public, max-age=2592000, immutable
cf-ray: 8e269bf328d62f5d-LAX
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10520
server: cloudflare

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
41 KB 238ms
76ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
age: 5544098
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 14 Nov 2024 11:19:54 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230136-FRA, cache-bur-kbur8200172-BUR
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41275

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 126ms
126ms Preflight
text/html 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://raffi888z.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://raffi888z.xyz
access-control-max-age: 3600
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=600, max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8e269bf3d96d2f5d-LAX
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 14 Nov 2024 11:19:54 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-gg4d

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
285 B 129ms
127ms Fetch
text/html 172.67.15.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/67354992019/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json; charset=utf-8
Referer: https://raffi888z.xyz/

Response headers

access-control-max-age: 3600
content-encoding: br
cf-cache-status: DYNAMIC
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Thu, 14 Nov 2024 11:19:54 GMT
content-type: text/html; charset=utf-8
x-served-by: visitor-application-preemptive-gg4d
vary: Accept-Encoding
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-credentials: true
cf-ray: 8e269bf4aa692f5d-LAX
access-control-allow-origin: https://raffi888z.xyz
server: cloudflare

GET
H3 200 81641d622b45628e0f3187499321c22442f9077c.jpg
tawk.link/603de7e0385de407571b866f/var/trigger-images/ Frame 8E71 37 KB
38 KB 88ms
87ms Image
image/jpeg 172.67.162.230
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tawk.link/603de7e0385de407571b866f/var/trigger-images/81641d622b45628e0f3187499321c22442f9077c.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.162.230 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

264a37d167430d281615e17aa8b99da164fdc00cd8a67a548536c2950707585b

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

server: cloudflare
strict-transport-security: max-age=600
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
age: 630761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHySTqsz2toIiNByAnvhE%2BurYZHtfzJJ8jQKiVhIuyZotrp5aKfgjweGPfovCOUNyoc1PYG956llmRhvqL57nDtVhYtkyOutyF4YY806GLHGM6V94vsSSJ8hWdM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e269bf9087f1034-LAX
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=74707&sent=537&recv=108&lost=0&retrans=0&sent_bytes=615164&recv_bytes=9147&delivery_rate=3482453&cwnd=299100&unsent_bytes=0&cid=9458a47c1d7cbfaa&ts=944&x=1", cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:55 GMT
content-type: image/jpeg
x-powered-by: Express
vary: Accept-Encoding
last-modified: Thu, 07 Nov 2024 04:07:14 GMT

GET
H2 200 2705.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 8E71 547 B
715 B 84ms
82ms Image
image/png 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/2705.png?v=2.2.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

45eb17bde6e503f22c8579d6e4d507ad6557a15f9eaad14aa716ec9ba1540876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers: *
etag: W/"223-EgECVa1DGQ4j9rR3EXpzG6n+0v8"
age: 4274077
x-content-type-options: nosniff
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Thu, 14 Nov 2024 11:19:55 GMT
content-type: image/png
x-served-by: cache-fra-etou8220074-FRA, cache-bur-kbur8200172-BUR
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 547

POST
H3 200 online Show response
raffi888z.xyz/session/ 56 B
1 KB 205ms
204ms XHR
application/json 172.67.150.156

General

Check archive.org

Show headers Download Go to

Full URL

https://raffi888z.xyz/session/online

Requested by

Host: raffi888z.xyz
URL: https://raffi888z.xyz/bundles/nexus-v2-charlie-desktop-js?v=kJ0WDwRgnGXnCVwlpR7_nLB-OjqX2UUAL7hop6aAZf01

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.150.156 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://raffi888z.xyz/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=utf-8

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJ%2FaxXNvPUhH1HlOzFybxujPwmD2PXFGR%2FfJbnauB2JawjvWolcoLD34UFbCXPDq6j1Nu5CJ9g0zKMLsrGT1ovy6j57e334GB3%2FlRlbZksdffmCJL7wwnK76RWARt79p"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=73398&sent=399&recv=105&lost=0&retrans=0&sent_bytes=437312&recv_bytes=21484&delivery_rate=23567&cwnd=194400&unsent_bytes=0&cid=6562643ae15e0dfd&ts=6582&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 11:19:56 GMT
content-type: application/json; charset=utf-8
priority: u=1,i
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: private, s-maxage=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e269c013f625245-LAX
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 hs-hacksaween-desktop.png
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 554 KB
556 KB 154ms
153ms Image
image/png 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/hs-hacksaween-desktop.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

622f3ca5ca0d42eb151b74c50ab8bc6c696690c3e23becaff865566d98e2bf80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "0cbbe0592bdb1:0"
age: 193527
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: k7AjI3og5yE_elS3ZjdobGT_5ceCQvTClyxLfNVnUnYqwcd80l1apA==
date: Tue, 12 Nov 2024 05:34:35 GMT
content-type: image/png
last-modified: Thu, 31 Oct 2024 05:58:16 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 567676
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 pg-turnamen-hujan-uang-sept-desktop.jpg
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 204 KB
205 KB 135ms
134ms Image
image/jpeg 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/pg-turnamen-hujan-uang-sept-desktop.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

7bb676a39a467f10cb148780cff13db5d9ddb1915934ffb8de2995f9fd23e00e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "029a1fc7e5db1:0"
age: 135175
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: -W0d4Q-pcLIzxWgwzWkulv41lEToSZ3_gBep81fxtvmq-g8rLNwm9w==
date: Tue, 12 Nov 2024 21:47:07 GMT
content-type: image/jpeg
last-modified: Fri, 13 Sep 2024 01:48:10 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 209298
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET
H2 200 pp-pirate-quest-daily-buy-spin-2-desktop.png
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 339 KB
340 KB 141ms
140ms Image
image/png 2600:9000:23ca:fc00:c:5e6d:a440:21

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/pp-pirate-quest-daily-buy-spin-2-desktop.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:23ca:fc00:c:5e6d:a440:21 , United States, ASN (),

Reverse DNS

Software

TrillionSoft /

Resource Hash

c705c8e9ff802a4f0959229675666ef61bcab7f8845831cb297831bc9d76224b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://raffi888z.xyz/

Response headers

etag: "036de237d31db1:0"
age: 193502
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: VPMEZN4BpMs-UZdjrn99291QlpveRNV8xIWNcir7d7dZN2etkX-3sQ==
date: Tue, 12 Nov 2024 05:35:00 GMT
content-type: image/png
last-modified: Fri, 08 Nov 2024 01:25:48 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
via: 1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 346701
x-xss-protection: 1; mode=block
x-amz-cf-pop: JFK50-P2
server: TrillionSoft

GET ps-lucky-spin-on-double-nov-desktop.jpg
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 0
0

GET pplivecasino-sweet-flyer-bonanza-desktop.png
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 0
0

GET pp-mega-gacor-s2-level8-desktop.png
d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d2rzzcn1jnr24x.cloudfront.net
URL: https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/ps-lucky-spin-on-double-nov-desktop.jpg

Domain: d2rzzcn1jnr24x.cloudfront.net
URL: https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/pplivecasino-sweet-flyer-bonanza-desktop.png

Domain: d2rzzcn1jnr24x.cloudfront.net
URL: https://d2rzzcn1jnr24x.cloudfront.net/Images/banners/home/pp-mega-gacor-s2-level8-desktop.png

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
raffi888z.xyz/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: owodjocouv353lpewaytvnue
raffi888z.xyz/	1970-01-21 01:00:11	Name: popup-home-page Value: true
raffi888z.xyz/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: Rvs0Nh6r12dfJFs3oR63HkIfmqppfBM56Z39-WuaRugNkF84osPHcIx95s5dqRFyaQMH1N1yPchgRXEogdSnS3wVhBzgF3el4IjlD_fhs7c1
.raffi888z.xyz/	1970-01-21 03:09:19	Name: _fbp Value: fb.1.1731583191629.445784281845440585
raffi888z.xyz/	1969-12-31 23:59:59	Name: twk_idm_key Value: _h8W9xxRGtffcjmPzHTU9
raffi888z.xyz/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.raffi888z.xyz/	1970-01-21 05:18:55	Name: twk_uuid_603de7e0385de407571b866f Value: %7B%22uuid%22%3A%221.1vXIU1RhCPZxTJyUqGrrPrWfpV5SMAAO8XddhWpGhnIonZ0hHPvbQzRnO03uleYYUNTlf3BfGQyc0aVuHCN2yjGNggyps8SyKzqgVq3mey5YBsy0rQqfrzx%22%2C%22version%22%3A3%2C%22domain%22%3A%22raffi888z.xyz%22%2C%22ts%22%3A1731583193718%7D
raffi888z.xyz/	1970-01-21 01:09:47	Name: AWSALBTG Value: ivos2UhBn8LlF+fxU9qakrpgR3sCq/6HIukyHNCR32GBdVmokByspnnxHBILoK8LTVP0pQLshs9YH5EKymjX2EFogaqSWf4jXFtBqX8kWM3mUFZwUsI8ZFQws7oj8y/vg72p9cgkdWW9rOBfr4p3Oaq3OQrlOiNadhiuMc3KDhN0rwDHt2Q=
raffi888z.xyz/	1970-01-21 01:09:47	Name: AWSALB Value: yPZ2aL3dS3jNyjKfU1LPHZbkGy7KuugXW372OfPvGPI+PttnfuCQeaIkARMIwxBRlYFusIA5l2WUdnbjmKQfjtYn3A064wmDfSj6pkqlOddJnVgLG5CC8h2y87ZK

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://raffi888z.xyz/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://raffi888z.xyz/not-found?request=/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2-pad.imgnxa.com
cdn.jsdelivr.net
connect.facebook.net
d2rzzcn1jnr24x.cloudfront.net
embed.tawk.to
pub-f4da6ef3a85d49e0a3c8b355251cf6ab.r2.dev
raffi888z.xyz
tawk.link
va.tawk.to
vxbrkq1luxtv.gpa2glsjhw.xyz
www.facebook.com
d2rzzcn1jnr24x.cloudfront.net
157.240.241.1
157.240.241.35
172.67.15.14
172.67.150.156
172.67.162.230
172.67.212.61
2600:9000:23ca:fc00:c:5e6d:a440:21
2606:4700:20::681a:ecb
2606:4700:7::eb
2a04:4e42:400::485
02c98d349a61cd1a4e0109ccd0d9948c5904204c9a77124e390415f511866fa2
09a83c511c673132ce4e6b31fc6fbb26a83f3a68a52e7073e117b3fd2f3c8dc0
0b465abf4914335e6d2311fd3554d14cf97d2d540b67d1d87492f81793e2f31a
0c7e064010c13550934a1c1c3b2d6c62cdebedd6347fb91e15396d3d634d11fa
0dd6143c7f03b9c051fc31a8531cd5bd1b2eefec075b3ba39d30c60e79f712ee
11771b21c84c39464897e0f2d67f9c6a7bd8e1a582b21c88025b781ab58618b3
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
15821c35c766752be967944e7920e766718565cb457028c051db497faf1e1fe9
15e1591b565a8c88315f120027aff93fafedd239ec551d91dc9aae8d13d0849e
17219cdae3f518a5313c228942cac3ee26bb2993a8f5da4eb2cfeb5cc5b3139a
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
198b1cec1f6538854534bfaf1a77c3ba191f8ffb0cb2eed0c9be9513d1b55b31
1ada54267efab66fc4e94fc1449d3fca7b2a03801c9c8bc0d3acc39e1f1f8a2e
1db58d5601dd8d3b42dec6c2a01eb97cc812efb938b5b6045453a2fb84d383af
254e72555ee438aa3b091fdb15cc12d3e47128d514ee344580a3cbc848066a97
25e9cb2c38a9e51dd0e0a6f39b1bfe1a6f59bb7e88507ad82c34ab2b2b9e4288
264a37d167430d281615e17aa8b99da164fdc00cd8a67a548536c2950707585b
27e89e436d9248fec27e9c90d7f8aed076ea185f43536f512c3ab4774e612976
28db4437904a6273bd764ea4848c12af17e3c82c6faafa6c34d81dceeeb3364b
2e11dedfaf2b4a23ce120e63ec4fbe737fd51c14db823e5566993b4380356081
2ea14b8011f2330241a3f98a5b444db57214f133728ca671c86fa0d160ec5324
2f9c863ac795404d892aace72f6d4ca2efc6243700dfea13fc287e1aad2584c2
2fbedfe19a271f381fba8591adc77765ae24add830c31a23dd306e9d988fadee
3030ab76a368c6dcd26458aebb03c88d8898a4a209aff9f2adb4061ab5c1ed8c
304dd8f01d68eab4bf55a8f8762d3c6b3e0717f9dc3ed58463f89faecc308f23
33d430db718d5f77d8dcb5f53125a51d9c5455d533710072f8e3bb8b42d9adad
357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81
37727a7e1ef801691ac8cdf2f751401b722701346336af4154cd6b5976bf500f
3815eba1b61f8c9bc806b74b1c58330e07fd1e5f4c31b13785348e0a6ce4c03d
3a57405cf118a3a3cdc63a62cafacacbcdb1c9c9b513ac67f798b29aa2f491be
41c6e86ff4eff6723f15faa7650734836876f67fd98e91d08908115271eac6e5
45acde28e9fe492aaf4c0a277bd9c90b2ce9ff57ef8b727cb6b1e8c77441c2b7
45eb17bde6e503f22c8579d6e4d507ad6557a15f9eaad14aa716ec9ba1540876
4c6f9d0f2c5f1b202e3f4059e777e2a05aa16878abfd5d4f5ee398f2e4465965
4decde1fd4af3ee8c5952646190f4c638de918ceb129cc4e87e2e2edc67dc87d
5006a06c17793f6da51b5f8ac12be086aac2d1bed0253db6943c76ee4e20d0a3
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
56b4955fcb0f5b0a01da77f8b0a17cc28c2f2bb1714e793bb76dc9b7db6b9bcd
5905072d8c2304be87d8205fa3c4ca0ede1fef8afc5d72c64075366238fc1051
6001fc7fd22aa804e3a5dbc7852cea5bd1da9e42e5e8615f52b0ddd9b82e0c3c
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
622f3ca5ca0d42eb151b74c50ab8bc6c696690c3e23becaff865566d98e2bf80
62f45ed89a211ac5639b026138f694e12ee6e71dd92d68a49b4560e5d0982af7
64f9a9edab8124f17a2c061a34d79ddb6a9920f0879b191fe26047c31d84eb6f
665767f3b477c3c012e79c7c21c5b3e1fb5997a83aeb7e2bcd7981fe35f83054
672e87178f46813febd4dece6ad9a86b90edece61b955166b2d55bb0e8726b7c
6859917f17c0b4ccd4e0f7944f49bc9b2968fb61a4593428cfd176613922f81b
6972eb83b09a5ae932ddf2a1a692bc2382922c3e44fb5067580a9e2ed32b40d3
69fb03e8827d27e64583979ae09fe2242047e15c953e7aa3a85b9af66a031cbd
6f8db2adc18a2fd5ac5d2486d9852fd9685d5e00a8bb7e8078a665e253ce890b
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
7370943e09a5dcbac9687380acca70122380e2145f5c9b52e5cba3ddaebe98d0
7bb676a39a467f10cb148780cff13db5d9ddb1915934ffb8de2995f9fd23e00e
7c794b77e334506d36bd79580f6d33ccedc6d13b5c05b2b701123399d3d49947
7c8bab56fffaa86391fa9d47d7dce382a10c5399fb774d74400ee3234cbc8f70
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7f217ebd4c820f770092e873269e813b93d3c5e195e7018f01d02dd7bec119dc
7f7e3fcaf1a62294067a5bc2e49b180783940890628ecbdcd5a5901d28ba490e
8386e470d86c46b3d037fca2187d6bd11a84e5be87a39167b83aa09309ec6385
8c1c5a1615144e844c881c0c6b1776a0558a8897a824966f35853252b5c28dfb
8cb5020541a925d56097ec88e9f8221509aba0382ef7536d0b3f02df2ee3593a
9191f17b9068c43921c043900892c07e21d5d1bead4e551b4434f9b2a14b66e0
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
93f46cba9f7da46734b616e9a2ec774b8b919f85f2034f32af47921c8cb3651d
99a2fb6d14e0a2925fb42e4aee96fbd42c7de508b6bcd6ae235cbf88e695498b
9b9199d23e9a262daf018835eb017d8e84401f2fd8b5ff8e96f7a841d59e1cf8
9bfde9d4e468d5abe83214a820f872e5415cb6f2e0462e84309c9fc44c784402
9cf09f2004e226e9dda2bbe1ece099c2d4c2ae738accccbe438b893326be0114
a3a347ffe078a1ff80cbe0e52c31734711b0967c5b8e69a7617e13896754efe6
a3d92158c249a18fa7e102e94ba763b751d8d4672bad51cb5f9f63863fd94006
a42dd6ed267f1dc3b18b01d81e41f8a819221bda62e0da90bcc5bb339592a84a
a6cb36e0f9dd285032e9e19b2eebbcd66369743313562a4c72233ba70227780b
a727ecd9692efe910a31f9895b8576298e21c9a5d5abe9c43fd21f87457cdd74
a7aedc6ca549c685e560d1bd7a05840960b9589b35261a9bdeaf20bcefbf8df9
a7b24be039d81d334a5b082bd6c883988e026ca276debc7bea3b4941d4146abd
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac7c11e912f445d676561a688c566a26f5928ef954d677f860ac3435c052234e
b17f212fc06e1cde0574bdd1ee89d507461f5777e3039c725dbb40b5ebb3f192
b19640c79793f78d2db0bf48176044dfdb53d4176e0eae72ba27fa8030cdf2db
b4c67caf27814b729d78df09305452fd84d4f6c0d3a21f9fd351825951777cd9
c39ab31e114b092a1ed03a1c995ae791ea1af9d2ffc48ae979a13a66a462faa2
c3e24c6486aaebd7397266feec4133d7ece6c169444a438e5ccd93d7aa89246d
c4549533789cd22c67e36646d183e2349bc205ceb6b22af1d9421c83ac95df9a
c4bd5b0c9cb8f9e97846486701656a389eaff19f3674f1ac735a3fcce36ed497
c4ebe81ec01c33bd339149314130d65c8a716890fe6c9edb50300c0965c759b8
c705c8e9ff802a4f0959229675666ef61bcab7f8845831cb297831bc9d76224b
c9aa567a0103aa1d8edd5bfdbb4fdd4f7a2e56c8a9e7c9a4dc2feb6c35ec8cae
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdb1815b5776953153bac927f409e9030393dedbd1b0358a34048d4e9e19eeea
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
cf332e09fe305fcfe7d77ad6ad79f18405f0ed31357bb9bb9f41cdb9b5942fff
d53ae879fddc7262f02d38f86e84403afd736c2a41a48cf2b5ccf152fc0d4b3f
d91e8aee31444717fa75a217d71ba613f19452c3e5f2e6c4949df0af8ace655b
dbfa822a43c0ca304bdf7a4ec251680c7e5dfd91f4c9aa4a54ff59b44c54a681
de815985cca45ef8e93e564749333bbf84be1a054961f86a06b038ef56464fed
dfe02bcc92dc76965cf5017514b4bb271afd864c6fee47eed91cc9689f10e7cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42428b7cf745a93ba7853cdb58324b7e0121fbbeb5f61be5479d73e384be104
e5d62d3be4328933bde33f675d65b44a28d0c4f60e2bf3d63f0e9054dbc4544b
e7ae4ac57ef10d042a7c5b790bdef8400b6bd7c24e378feb6eb34d205d063686
e8eafdcdf94f13cf25a08e907e2a49f4823b208e2c1d4b01149539b728a53ea2
e91f14ab4dce702bd32c81acfe2881823a74642247b2767b058b95dae6d8c9fb
eaa773395a10dc4e34efe9fb3dc1a57fb274ce13696feba1b3b8c228bb5f94a9
f05f0cb91e8542360461f74c6b29fc42b1d01da4acb309976dc7fc0b40b77696
f08eb57c481ba99826aa459b9baaa9b8fecd831ffc6d8cf0cc537a51533123bc
f14295ae26b918df21c74c4a0d4134ab052cc3d868fb2efb87c757d144f20148
f329027abb97a78cba42a851e6ed4546660d8bbd7de92bd26473d933bffc6a04
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f56d54390a59b84d5b925b7a07d2ce249be6ebb0e434553c4bcd659072287dcb
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f5d06911ad2428743c7145836cd0bbe00bc78de44e0bf68637c98ad2dc9cd3fa
f880bc64ee82e4ba3a5ebc366185cb2d8ac2a8db17126a7e32f62b84bfc56aef
f88a8df04e4be3a2601d6131a18c1e13d9af37952be144e08efdb671c78677d9
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fb4d72e4e2a01c6eb415c6645a0e9da33f5e85afe211230132f59341e1f1a23e

raffi888z.xyz Open in urlscan Pro 172.67.150.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

126 Requests

97 %HTTPS

40 %IPv6

10 Domains

11 Subdomains

11 IPs

1 Countries

8860 kBTransfer

10597 kBSize

9 Cookies

9 Outgoing links

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

raffi888z.xyz Open in urlscan Pro
172.67.150.156 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

97 %
HTTPS

40 %
IPv6

10
Domains

11
Subdomains

11
IPs

1
Countries

8860 kB
Transfer

10597 kB
Size

9
Cookies

126 HTTP transactions
0 data transactions