fdd3k.jiw4.com Open in urlscan Pro
2606:4700:3030::ac43:b8d5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fdd3k.jiw4.com/
Submission: On February 28 via automatic, source openphish (February 28th 2024, 1:11:12 am UTC) — Scanned from DE

Summary HTTP 106 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 106 HTTP transactions. The main IP is 2606:4700:3030::ac43:b8d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is fdd3k.jiw4.com.
TLS certificate: Issued by E1 on February 25th 2024. Valid for: 3 months.

This is the only time fdd3k.jiw4.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
46	2606:4700:303... 2606:4700:3030::ac43:b8d5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:211... 2600:9000:211e:5800:12:3436:3dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	162.19.61.80 162.19.61.80	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3038::6815:ea22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400f:8::6	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2016	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e6:... 2606:4700:e6::ac40:cc14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
106	21

46 2606:4700:3030::ac43:b8d5 (United States)

ASN13335 (CLOUDFLARENET, US)

fdd3k.jiw4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

site-assets.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

filebagasarya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:211e:5800:12:3436:3dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.61.80 (France)

ASN16276 (OVH, FR)
PTR: ns3094918.ip-162-19-61.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea22 (United States)

ASN13335 (CLOUDFLARENET, US)

file.gifan.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400f:8::6 (Ireland)

ASN15169 (GOOGLE, US)

rr1---sn-5go7ynlk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:cc14 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	jiw4.com fdd3k.jiw4.com	2 MB
14	youtube.com www.youtube.com — Cisco Umbrella Rank: 69	1 MB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 306	43 KB
5	googlevideo.com rr1---sn-5go7ynlk.googlevideo.com — Cisco Umbrella Rank: 242783	608 KB
5	fontawesome.com site-assets.fontawesome.com — Cisco Umbrella Rank: 56202 ka-f.fontawesome.com — Cisco Umbrella Rank: 3033	105 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32 jnn-pa.googleapis.com — Cisco Umbrella Rank: 228	41 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 258	1 KB
3	gstatic.com fonts.gstatic.com	46 KB
3	freefiremobile.com dl.dir.freefiremobile.com — Cisco Umbrella Rank: 34440	21 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	45 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 91	92 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 235	11 KB
2	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 19265	288 KB
2	filebagasarya.com filebagasarya.com	357 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	20 KB
1	gifan.id file.gifan.id — Cisco Umbrella Rank: 654339	5 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2859	7 KB
0	githack.com Failed rawcdn.githack.com Failed
106	18

	Domain	Requested by
46	fdd3k.jiw4.com	fdd3k.jiw4.com
14	www.youtube.com	fdd3k.jiw4.com www.youtube.com
6	cdn.jsdelivr.net	fdd3k.jiw4.com
5	rr1---sn-5go7ynlk.googlevideo.com	www.youtube.com
4	ka-f.fontawesome.com	file.gifan.id
4	jnn-pa.googleapis.com	www.youtube.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	dl.dir.freefiremobile.com	fdd3k.jiw4.com
3	cdnjs.cloudflare.com	fdd3k.jiw4.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	i.postimg.cc	fdd3k.jiw4.com
2	filebagasarya.com	fdd3k.jiw4.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	file.gifan.id	fdd3k.jiw4.com
1	stackpath.bootstrapcdn.com	fdd3k.jiw4.com
1	site-assets.fontawesome.com	fdd3k.jiw4.com
1	fonts.googleapis.com	fdd3k.jiw4.com
0	rawcdn.githack.com Failed	fdd3k.jiw4.com
106	21

This site contains no links.

Subject Issuer	Validity	Valid
jiw4.com E1	`2024-02-25` - `2024-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
filebagasarya.com GTS CA 1P5	`2024-02-26` - `2024-05-26`	3 months	crt.sh
dl.dir.freefiremobile.com Amazon RSA 2048 M03	`2023-11-29` - `2024-12-27`	a year	crt.sh
postimg.cc R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
gifan.id GTS CA 1P5	`2024-01-27` - `2024-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-02-13` - `2024-04-23`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-01-06` - `2024-04-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://fdd3k.jiw4.com/
Frame ID: B875DD7F63B0BD6459519D815FBF9D29
Requests: 74 HTTP requests in this frame

Frame: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Frame ID: FD16F07F648044220B7527F9155EB96F
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Fire

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

106
Requests

96 %
HTTPS

95 %
IPv6

18
Domains

21
Subdomains

21
IPs

4
Countries

4801 kB
Transfer

8193 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

106 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fdd3k.jiw4.com/ 60 KB
8 KB 424ms
363ms Document
text/html 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de9ffee95ca76c960fe4e473d63b680ef321f2e0edb1d0aefbdcec8275d40839

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c4caa329b06dee-CPH
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 28 Feb 2024 01:11:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsluu4gTNEjib6wZxL4MoYHoouJiZo20jDUMQREq44W1QYruJwEOFJBf%2BsE0h4p8Ah%2B%2Fbv2SmStAXCuhcehLj1q2qzZuQBw6DRVXtHFQ%2F1I8YpJ94VaFp9I3WA2fHVI%2BmgO8g4rmRmQQXnA1Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
938 B 156ms
56ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cbfc929b005b468835c50e4c16b2fe61676e3a17ca6057086326ab8a1cb0f160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Feb 2024 01:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 01:11:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Feb 2024 01:11:05 GMT

GET
H2 200 all.css
site-assets.fontawesome.com/releases/v6.1.1/css/ 486 KB
80 KB 109ms
39ms Stylesheet
text/css 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://site-assets.fontawesome.com/releases/v6.1.1/css/all.css
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
server: cloudflare
x-amz-request-id: J9HK885ZDB395665
age: 8297100
etag: W/"325672b036bab9b57f6873aed5eccc43"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31556926
cf-ray: 85c4caa5dbaf4516-TXL
x-amz-id-2: KfJqv7nUur6gHyUgz40q3TEf7kT3QQW/QuGX+u0U/UE8I9OwfxLSHQudT/xySiggyTiXQnLh49e0cpDlF/KKzg==

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ 79 KB
11 KB 63ms
26ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2067157
x-jsd-version: 1.8.1
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220090-FRA, cache-lga21930-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98txFsCu0n%2FBntazJ8%2FvDYXhiI2YZHWB6d%2FowiVhodGcRkVa7TVk9IlbAv%2B%2B7aGo5Y53a8mMCeklxbbNXZ5mOCxUgSWxHcv5g4S2vyzJdZhoZD78gFcgP63L9bLzmUq%2FrrQ0WdE6bGhP1FKF6dw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85c4caa5a8bd2681-TXL

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 64ms
28ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8285892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10472
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h24AdPuxdceaoPAq1t0d5%2BPknmiKZlUp36snziWYXVHCWA02gNOOolGsaVfQL0wnrZVrGZyjxxDuRwLlq5PBxMDNt6eS1%2BTdS8%2BUuauHPHraW1xo0vpWJplBzSu%2FJO%2BqID60LJKLH0AYmUrzpHyJxC2o"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85c4caa5aebe58f0-TXL
expires: Mon, 17 Feb 2025 01:11:05 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 67ms
28ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 722
age: 4661793
cdn-cachedat: 11/18/2022 06:18:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b3a57c6aca414a3b87fe0638b631146d
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85c4caa5ae5144f8-TXL
cdn-requestpullsuccess: True

GET
H2 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 63ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8118547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5845
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNQir24q07FGs%2FTo4P8vaUh9vYpXMu15w4TOBJnfVimnR3gOvephosZXlHhB68zlVpEfhekaVb54LmNejpVL9nW%2B%2FWhgL%2Fl7wb9Bv9U27QbNY64x5byoC29H%2FDFrH3rRjsRaez29ukL3baLjmhBAqEKf"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85c4caa5aec158f0-TXL
expires: Mon, 17 Feb 2025 01:11:05 GMT

GET
H2 200 facebook.css
filebagasarya.com/css/ff/ 5 KB
1 KB 126ms
56ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://filebagasarya.com/css/ff/facebook.css
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Nov 2023 21:44:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2996
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFOMe8NTf53ivkPxAN8tsffzs7kU7EG584CEAE9AEyke2hLmwpaNZJ75ss%2BG9d26CfZX7tDMgh0vy9gJ8k%2BTLL5IG2UwpEy8vvOu4JBXnOdJbgGTS52fogDtv%2FGigN3nOEm1NwSWv615M%2F3zFBSQ%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85c4caa5ecc79980-CPH
alt-svc: h3=":443"; ma=86400
expires: Wed, 06 Mar 2024 00:21:09 GMT

GET alex-vikontakte.css
rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/ 0
0

GET alex-google.css
rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/ 0
0

GET alex-moonton.css
rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/ 0
0

GET
H2 200 full_logo.969f536.png
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 8 KB
9 KB 132ms
32ms Image
image/png 2600:9000:211e:5800:12:3436:3dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5800:12:3436:3dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: OBS /
Resource Hash: 86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 00:46:40 GMT
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
content-md5: xjLmv9AHZpXlZHe9s/cjLA==
x-amz-cf-pop: FRA56-C2
age: 1465
x-cache: Hit from cloudfront
x-obs-request-id: 0000018DED2D85E79543433D1B7C159C
content-length: 8314
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSFfE6J9kaNLVSHKAfbmkuRNdH/VUrAP
last-modified: Tue, 27 Feb 2024 03:02:04 GMT
server: OBS
x-obs-replication-status: REPLICA
etag: "c632e6bfd0076695e56477bdb3f7232c"
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: rcQhkdELUTmAGDqFmI2PPzZi3_YsUd8LTEz2RTzViU7GiGDesMnaQQ==

GET
H2 404 logo.png
cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/ 0
0 421ms
386ms Image
text/plain 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/logo.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H2 200 kotakepep.png
filebagasarya.com/img/border/ 355 KB
356 KB 98ms
32ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://filebagasarya.com/img/border/kotakepep.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ed2ebbb47a51b8fffb523a1d6654a8cabc41fa2ed10398d0ce64f76fcc63eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2996
alt-svc: h3=":443"; ma=86400
content-length: 363097
last-modified: Sat, 04 Mar 2023 12:09:25 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mytd2%2FtppqqGkWsM8fW1QhChztnZm8QZjnvO%2F5oNppCYTsGoRpPAqBZrT%2B%2Fs12VHBq%2FLPq7SPpZlpBqQ4voP13GcJmkdkgwtDcIEz59fpirC4BgdcmPR0B%2Fm%2BHgcl2bx%2BZgEuizpDsyugRT5BDmMkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ecc89980-CPH
expires: Wed, 06 Mar 2024 00:21:09 GMT

GET
H2 200 dialog_bg.png
dl.dir.freefiremobile.com/common/web_event/mocoparty/images/ 3 KB
3 KB 125ms
29ms Image
image/png 2600:9000:211e:5800:12:3436:3dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/mocoparty/images/dialog_bg.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5800:12:3436:3dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: OBS /
Resource Hash: 8ad5485c2cc22251c70ac0dcdee116e87b518848b718f096d4ac63dfaea4ec6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 00:28:45 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSj5hkdciA6+5EqyLHxEZIKos3frFOoc
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 12:36:18 GMT
server: OBS
x-amz-cf-pop: FRA56-C2
age: 2540
etag: "f8e6f93d0d924d6b75137b78fff9246c"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
x-obs-request-id: 0000018DED1D2219941F99FD16A29319
accept-ranges: bytes
content-length: 2929
x-amz-cf-id: vwfk-nGusf8s8TwM620zF6DvEC0r3tgfnkbhxdAXLGLznChfCmMc5w==

GET
H2 200 1.jpg
fdd3k.jiw4.com/img/senjata/ 77 KB
77 KB 693ms
688ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/1.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 355c5fb2f6587040eb783d3348ff54ca3ee3939c0bdee1d508a7275cfd9c2ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR6vuPKPJ3rxrRc8nKKExjhwQ6wJZTFDbrxFlwwLM8TFlXqfPAhNY%2FWsCS%2BwOol0C4Uzx0KcL0Z%2FyqvY3UIg5hhrOWasOf9hIHkNdXtXDs24CEufoVbIl7h5l5T4a1%2B1kJFw2agYb2T0EDlARA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa58c176dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 78490
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 2.jpg
fdd3k.jiw4.com/img/senjata/ 47 KB
48 KB 757ms
752ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/2.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e32e347f1375a0869711eb1589ecc0420c2e44ccaa19acaf2b625086a63e560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUxV7rG9gK6ff3IDomdA3epuuLWSx2iDP%2FZOBzspbgH0Y9gR2mp5MZI1JL%2FYBhM8VXCSPwOu8W5xupUHm3CmYP4EG6nqmQ3JJeSsizcu32QaydfdW9QW2CQGmn9MLHfHOWyEsjfLHmbl%2B%2BuF2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa58c196dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 48611
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 3.jpg
fdd3k.jiw4.com/img/senjata/ 76 KB
76 KB 691ms
687ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/3.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a932647f3f142202bc341dd50cb0c949fb4cca3f2dc39b6cc3aa749902946893

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5NsWmwsJDYxWFpgbyJXeyr7ZEngE%2FXKXm8eGQSMBycAxcf7FDahJPY8Ns2k%2FNgmOXy6MWpSHEAxIyaiM10MHU1V5oJ0F8f1YXRaF3v51ltDIVEqwAG%2BpHui%2FUUz3%2BXJGVqPW1cP8TUPcBaagg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa58c1b6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 77540
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 4.jpg
fdd3k.jiw4.com/img/senjata/ 71 KB
71 KB 696ms
692ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/4.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2876317ed4d3b97531299a3282da4ef8119cc0a6e653560adb827430fc59991e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FLjj52Kq00ngh7CKKscYEogAQUfnYKgA6w581DPBBoEXHzfIzojzTpHRK%2BEvnU%2BxEqG1DBFhD4zakVzV1vM%2BeEekhBhZKuTVynqGOOUDXgtnQPL84rH5%2Bhb%2FcruAM6Ta3%2Fq1HPX9PbVcIpSkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa58c1c6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 72574
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 5.jpg
fdd3k.jiw4.com/img/senjata/ 81 KB
82 KB 694ms
690ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/5.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3e5eM7URJVCIPY31hKDp8j%2FnjVAJnaRF%2BQLm2BbxbQYTCW1TskeMwxtR5AORSMM%2FOHJUeiCYeIDcanz1mtDpcb4makiKfAi8zDMEw0RYU%2BkZyY5D6A3s4F1o%2BuT8KuAEmaMX3KuCKWw%2Bx0jbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa58c1e6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 83104
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 6.jpg
fdd3k.jiw4.com/img/senjata/ 82 KB
82 KB 696ms
692ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/6.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e42ff7e13eeea40c241c5406255e8efd322128dba76cfffbfa71263b41b1b8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHN2c77kEj6hX%2BfVmBoE8SaAkFpxrDg%2F06wZ2haVgNPx4JbZA%2FCUWTPpPGKTzu0jolpHlNLppJ9mzocVwd%2BI06KYLi1hz%2B9CTTm5u4cvgw0o%2F0Q2h%2FZoFqNosUzM86rJBLwgYvvTvA6o2%2BypPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa58c206dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 83638
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 7.jpg
fdd3k.jiw4.com/img/senjata/ 43 KB
43 KB 691ms
687ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/7.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb529b14d072c791be4cb6c352e3fe0efae788e759034ebfd547c71a3f0d9bfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQ4A5vbzBS04f2%2FtKKi1%2F4evGN5TOp4EkBlZorIbdjEX71xk845GSAifHB6crAD1S3DSYMbvTGQU0T%2BvQsw6WTJ7a51UrVwJzDNo3%2BgtIBjGZQ4w5QivH5vnb0kH7MeWFDebraJiJq6M7MDchw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa58c216dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 43744
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 8.jpg
fdd3k.jiw4.com/img/senjata/ 25 KB
26 KB 529ms
525ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/8.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8542123bfc06f37312a1756361916d7e3f7a1af974877a63da2b2ff8dd03ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmZuWN1myGUzNIyZVnW%2BGnfFfyZlZSiLtt9dFTtN%2BYJYIF9zUjX%2F%2BUniC1MJm1A%2BxP1cRM2YJhKa7RbxpADrwamCivfLy5u9BtuXk912bPiqSLFzVXlkMN9C%2FVT6k7v7BeFY57Y0SuoybKg5DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa58c236dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 25821
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 9.jpg
fdd3k.jiw4.com/img/senjata/ 116 KB
117 KB 695ms
691ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/9.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a124f7c8781af398764ba316b3fa7bad44e83520f78a90521b0cbb3012a783b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DP75Wjr0llH9i6DWDZawtYMHSKivHW7j1jOcOt5wv10qLMC02wbCX6UHEXGJ%2BIf4b4nmhY%2FA5FLlhjeRvCqlN3859CCZ4Z0ijFpBYO13mFLOjNUbvv3Yp7aU8vaNRcbgn62teqwENsYMCVblFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa58c246dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 118900
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 10.jpg
fdd3k.jiw4.com/img/senjata/ 81 KB
82 KB 688ms
684ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/10.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFoBDXgdP1%2FemFT5m0LoimYhcVQ37W%2BSUkISQ73wlF8nzmf3zx50ibQhiMsZnJnzv2J%2B%2BHz1dzwAMjVr1%2FvhXGLJCjGHr5UTQDi0hx%2BAWCZNoEifE9JOT%2FJq%2B%2FRSQg%2FzbLBjf57z08bonuhxpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa58c266dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 83104
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 11.jpg
fdd3k.jiw4.com/img/senjata/ 46 KB
47 KB 717ms
713ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/11.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516ec8f5074cc7e52bfc102e42923b36d36729496cc69aa6a84a1ecbd4bc44fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od9kOj9JLpUj19%2F33vzqnuquJVuqtZHNeWb54E9FBIiM06TdLG2vHlLE9hnpa8GEU3N3Si4VIJgLUjmqBZuOPNzju%2BxS1BfsW5EGXSjbJmN837PkQniYN0wxAOK7R0VuqGayFfRlDqz8Lr2Ntw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac456dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 47405
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 12.jpg
fdd3k.jiw4.com/img/senjata/ 46 KB
47 KB 714ms
710ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/senjata/12.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480e24cce7e7d225ffb50dc58b21a81bc99006e0894f0ef52a01203774495050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQ8PgGewUB%2FNsQHp3embyxTGy%2FSpZ3KqFeTVYgTJjVdTtgg0hbFEGYe%2BE5nqA9f7AIJPewzu%2FgRpFbZFAi1PNnt%2B9PcYl5sBqpINS7b8NYOeu2DdrIAulBvOk4iuT1E0qTZzydf3%2B6gY%2BgROiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac466dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 47259
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 1.jpg
fdd3k.jiw4.com/img/old/ 57 KB
58 KB 777ms
773ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/1.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e50767bd0edcca88b3b611cd905e3d05b34b04447076fcf6a3567cf55f3bb20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwL4rXbYS4Zuf0tPCtdNDUZ3vfUjlNEsnXIPyR8MofrwoHPuCnfMSF1p0hY%2B54nVk9l26O4hTAJ%2Fg87aBv5HySx0rMDHtIyWOTXHzLifqMWIftuWslWZj6nGX3b4h7K4gzPFUpD741cLVjBrwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac486dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 58745
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 2.jpg
fdd3k.jiw4.com/img/old/ 42 KB
42 KB 718ms
714ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/2.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10bc32127a5ceb3f33fc38029145931334f6f49bd7274b62697036fd59be2f65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKZcwUi7RRR%2BjBW8mE4Rymtm%2BmpGdC%2FfLRkkz5dgOS2n7Be5CCtdCrjeyHs49wycTY%2FdnINknQ7JYyRlVzOwd0%2BqqsrLVJRWAVl3nEpsBG%2BpnUYy6XXAcwVeyxQnw46OG9VH0A2sIgovmuCV3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac4a6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 42687
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 3.jpg
fdd3k.jiw4.com/img/old/ 57 KB
58 KB 717ms
713ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/3.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 258a47a929eb483613c81aae8432b705d949ac9facf5a5c02d7d8d4a3db823af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGk0EOBjmSTarnQW8EvaBc4s9LCTAaz5VQQVG97xiHoUjzBgPl7j6rwiWdiOkWCKNNe75e3wVGPrXWW3ZGokr7xeTvZYWlv9pkMjgsdtKGDA7FtPG1xUDTMx9Qso9cqewNkW09%2F8gXR65a9MMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac4b6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 58510
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 4.jpg
fdd3k.jiw4.com/img/old/ 76 KB
76 KB 717ms
714ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/4.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a91aa8dc8c721db22e66f1f0911319aed59816a8c7e709970fbe9ca6b0c9773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eukXRHTAXKZufFqVnh8yKLbkUEKOxFkPD6NWPqT6O8syT%2BEu0opjd5ZXamd%2BMRMtA%2FMVvJTZ1d6fU%2BJ7G783k7F%2BQyvE71UNkoG1NUGfeQdz8NcnqFU8fSn9uUr5UuE0bPLnMeyhDchU3eWlWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac4c6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 77706
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 5.jpg
fdd3k.jiw4.com/img/old/ 85 KB
85 KB 720ms
716ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/5.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e5329360a8a2ef8a4ab0ce77f3230be443c093a3a3f02a007641e3f6fca5f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDl%2BmQN4ZUBzSgQkaZTSSzJunh%2BCkd%2F4sNbcf8EP2mUetOEaitUWBB%2Bvsn%2FRwgW7PmA1lCFfu%2BvYdbMI32Nk0P7AUEDELtkMKVBlnMxojMrkDc0w9HiX5S3GwvildG8gySrZokCQxa0pDuVoIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac4d6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 87053
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 6.jpg
fdd3k.jiw4.com/img/old/ 77 KB
77 KB 546ms
542ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/6.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51646465be1a3b745191c5cb6dceda47fb9be8a1c859beb345660fca8291e824

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGD5khlBVNpQfPnJWajLDX9yAnbmA6o2JTHFkIK7mEVcqjx2uNzJHWLIxgMfS6zS%2FCWvpfNiNEKD%2Bpnk0kjIkGzBqls1Bxe8hLaHBHjuB%2Ftt3ou%2BX9AvfvAV0Alqwa5Q1xJMCDi7TXzpM4UwdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac4e6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 78581
expires: Wed, 06 Mar 2024 01:11:05 GMT

GET
H2 200 7.jpg
fdd3k.jiw4.com/img/old/ 74 KB
74 KB 715ms
712ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/7.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 622b5322352025505e01c71ff1d6520e62ce1f1211fc11efb3ede9d24a110c75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YilOl647GHEuOY8fGNycq0wlssNA6fUmwfO6cwMHzNi3CFNBOxjGNEIGCPsJhx7WnPSO3OFhcO29QYCFw%2F7O2cD1okm8TXwNohUDlHjuGDQRaL%2Fkwt7vJTC14%2Fon7V6JIWNxA01eB8eRY0jzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac4f6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 75427
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 8.jpg
fdd3k.jiw4.com/img/old/ 83 KB
84 KB 713ms
710ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/8.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eb6a14eeb1c27e7c3c471db0f10c25eea89a65df20b2dbeea6c9ee3ccc0c78f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNZqRuzHmYBGNOou1JQpOmnMd5O7s3m9Q2lc6H58ZKMZvRCjL4qDENQ%2Bx%2B48NomXte4Bg5s6sQDx6I3lhrYVZ1%2FSRxFRdMcJSQpOda%2BEYvmom0GZXp1oyQYtMihLEYdT0IIzmbJQMz9TOEAOcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac526dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 85199
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 9.jpg
fdd3k.jiw4.com/img/old/ 89 KB
90 KB 715ms
711ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/9.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63fbe80d8ea4766ecc80faddd1387ef9681cb2ec2b4ad45164f4b36ffb4e2e43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUF8fbbLkNs7r0hyjjZPEv0KMQCt8Ntx%2F8D29U2DW7BI%2BA%2FlfGbqGtb1MMWvVjN%2FNdyZZu%2BP5TZbFKP75W%2FT2kT5oKuUvpDUTkeI8T6xdzdEQ7SuWtlFcWQC7q47LCsWgpjW0DnmkcJPsfFMdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac546dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 91553
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 10.jpg
fdd3k.jiw4.com/img/old/ 38 KB
39 KB 571ms
567ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/10.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de9e872524b79699ce8b0624de9bba409dd246d16dd48f171e4ed1072c00cfeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Osff0nEfn%2FedgX%2FoWgpsYbLysjIZpeK828cKPMwUTkFZVrcfQc15BQpkKjo2TSXvJxJtiahNz3Lgt62g3RSdP15YKGdS1Q9STvgjXOdcdnSQWnf7iXnkPEnuow0rw0pQxl53f3Gij%2FVnk3QRAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac556dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 39371
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 11.jpg
fdd3k.jiw4.com/img/old/ 45 KB
46 KB 711ms
708ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/11.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 908c3acad2bff2c347166113be45b73a35869eed538a900acca3fedd81ff5183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zhGutz2Y7TsPHj%2BnK9AozeNoh5wHXREnwOpomrazrdTHh6T52M6YFCvVvUJZxaIhySrx1J%2B0wZ3cAMsVVSsFIFQA8Z9XwQ5eURhARMLZ8omT29VPNzcdWHOFjuRnySSAibzmHcaSU5z3EDMGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac566dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 46471
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 12.jpg
fdd3k.jiw4.com/img/old/ 17 KB
17 KB 572ms
569ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/old/12.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b545590950ff252a5b53bfc9b3d64ed373aee3ae94dec68033d0c857e8b3d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BA6uIC1Z1Gyl%2Fca4G%2FMSTMusTiZ0PIE%2BnaHuVnceAwC%2FgXyurzRDcFHxModgOKAzYO9%2FQ4557MsuMPPEVdQMkxbbDPEQiE8ITE4kGBbCtAZIeob1pA2SwzRWlWqNE6ih%2B7bEwD1Dr02QMiKBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac596dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 17081
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 1.png
fdd3k.jiw4.com/img/diamond/ 3 KB
3 KB 390ms
387ms Image
image/png 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/diamond/1.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8f4fec91600d5be6d465792f7f7fab635d01019e148fe8b6f7bf59f717041de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BquwSbGdt8UUAK4w2YkS4%2Fu7TSFqwFpIS4WhLEUktPv1oWxVToNsBMqZK38RLFP7%2FqAbNIpOGUBlGznf0g%2FSSoBOwaCpIp1GRJO05ncl1FRruya2119f7v3sxumXMzxPr9e2o0VlMzhgDfXllw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac5a6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 2814
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 2.png
fdd3k.jiw4.com/img/diamond/ 3 KB
3 KB 389ms
386ms Image
image/png 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/diamond/2.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 788c47722a4dc77173ab620f196bfc24a2d8668bcf08f9fd296574545cf700f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHIAHi64uxcuL7Mg3h94xWv9eTrrNNefpZD4WbAcQSgzNwu05Muh5RKVuPzXymgnKVQ%2BXjLA2%2FR5QpQAz5J6bvSEHsr3MYxgyulHpxi8KYxjFTb0O8LLXUvAYe%2FVgvE7khXzgJl6GTsB%2FsVlLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac5b6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 2878
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 3.png
fdd3k.jiw4.com/img/diamond/ 3 KB
3 KB 424ms
422ms Image
image/png 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/diamond/3.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 762fe8a43c859633d41642dd93c10478d3dacf62ff1310ddcefa17db5fa61f29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qh4SXj9TswuhA9BZ12ShnrRuXsVz7UfrwebkjGKx99Mh6mHZEskc6e5XAOxlDV%2FzwGMPWcLwWL4sdkq6jtjgVT5%2FjVhF0yD3YdeHKxI23yT0UD%2FbeX6Y7kiUztbX9OF78cYh8U7A4tPeRi3Nhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac5c6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 2875
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 4.png
fdd3k.jiw4.com/img/diamond/ 3 KB
3 KB 398ms
395ms Image
image/png 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/diamond/4.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cc42f3ad3aa5606237a601793c1fb42458386d888adab6cf9077d23887eefed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6qqvoPFpLuMU6tbE7dR4n0NTdp4BgbctLZU3g2q5QX8PppQz5ohJxIqXb7l%2FqEIho40w6OI62ELD1%2BnzxIngEAxvXHyqG4iPhYNG9entaQJ6%2FwNBHsJmZFsyPAOXmJ4MwPCN3OspWv%2F9jIswg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac5e6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 2761
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 5.png
fdd3k.jiw4.com/img/diamond/ 3 KB
3 KB 425ms
423ms Image
image/png 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/diamond/5.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e436ac38500431763697f5bd387d494324f320b76b25c97e29938d90bd7b1557

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5C3YOU%2F8bvIolGaJ1M5bWoK76P7RBDmRPpLeGxjVnA9KkdGupd8GEUIesfX%2B7G45%2BBKOZ6l1atXLxJf5X%2B9iuhVSGEWlLmRQV97mYMHMoTG96GYoxdueD1waewK4YxsMU2lcr4NNDZZU8c8tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac5f6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 2779
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 6.png
fdd3k.jiw4.com/img/diamond/ 3 KB
3 KB 388ms
386ms Image
image/png 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/diamond/6.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43de460f27a0d3e43b13b5e75ac00da6ea6b54fb468afc4cffbd53709ee556b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZJyCWDJwSLrbbj9200kIlQIgEVl51ZNNli7Yeitb9GNlidH5PlP36%2Fl%2FmDSYHS58OMMJgWhTzbhxginifSNHp7TMpaT%2FU3VI9Qf8pm%2FGU1K31aJtXr5b7X2OBdVaZv2jA0LDEwsRBA1MUuUxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac616dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 2781
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 7.png
fdd3k.jiw4.com/img/diamond/ 12 KB
12 KB 418ms
415ms Image
image/png 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/diamond/7.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 585cf192d586d254d46a7a066980137a06e5a23592e66dfc4b54bd6c4b63e088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVC6P80CZkwui2og%2BNPJJkxU7i13TcUE3%2BgdOsQImgxcNmmCHdUFOva4oWFc0%2FWmp0x0sRIguD2eEGqiKTnSSLhWsYU8S9t4b81V627NfwPX7twu0r1e9ArDAVd3CRdrUHVK5scJOb7QURmndQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac636dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 11823
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 8.png
fdd3k.jiw4.com/img/diamond/ 13 KB
13 KB 571ms
569ms Image
image/png 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/diamond/8.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6afcc18ffa172755862f5c6dc3f20d9c3d6ee6f5f399df00e8568bf747e1cdb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3ul0T7DGJZ%2FWqMPet%2BK9XLPJsnjAVThbTihze56Rt9ePgKKCTTYERG6yQm1%2FgMuomSJct7Xbxk%2BgmTA7O7lnu2yGHNcHuysI5U2jmBeA9s03vSVuJxei2UaDWiEHW6jGkwDuHnM0%2BMugrX1UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac666dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 13341
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 1.jpg
fdd3k.jiw4.com/img/incubator/ 62 KB
62 KB 777ms
774ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/1.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eb51057deb30db7c6c2900040a45178726b5a63c262f50ff58fdcf876cfa463

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxFKwjlOkJblgjLQY6jxSCriCzrnx4mwEymtMsvrpATXkx9EOpbTKdFIZ2IwMYlU3gRtksI8TRYOJ1eaRt275kqpE8JHmED0wW0uRHvTUEFI%2FI%2FMCX9W82f6MAoqk9HJdX5Y228dPnmV29zqYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac676dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 63579
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 2.jpg
fdd3k.jiw4.com/img/incubator/ 58 KB
58 KB 723ms
721ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/2.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35d68e25f22f6688e3a8f7cb2f354cd45b09c8523ba6d4ff53c7ca64d3c9e1bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBtah0uxRfIpsARalCwy4MU2RjCFWoWSkuA86gQ1856tm8WzFXvxMQ9PRWtxwg42nkxukJwWUXE%2F4d%2FaZLCNT1etvVBzkX3twJHmEpxoVBgBNPsDndg5P3OTIAVthHYnpfc8uvjuJASFUOAweQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac686dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 59531
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 3.jpg
fdd3k.jiw4.com/img/incubator/ 57 KB
58 KB 781ms
779ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/3.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f451a298d4843315ecb7bf2500d946295ecd6776aaf12cb69574bde1aa1f395c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QE1%2BENOotQsPspbXqmgamAk%2BZsipbDzkZPwBsq85cb3bMpdXe0BsmBNhJWUFLMlVpkhaBOaEemysVoj3ZvKA2jCpGSg3mjtm614qUMrU1TCXTeBCdmAaIQVWGLzfuy%2FKOV8m1Jf%2BhSTXEjr%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac696dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 58631
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 4.jpg
fdd3k.jiw4.com/img/incubator/ 62 KB
63 KB 730ms
728ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/4.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f95ed204614a3599b0bb6ffdcceecb74cd5dc7a60e26ca4e235f1a2a82c5c518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3rUcyFeIAriaD1wj6Ffq68z4%2BcPHYIOAKh%2FB3hCNVJW6MzUDNmCegU4NT8EFxTRZdhgEjqMUej90xczUl7tsI7K%2FC339%2BG0WqNJ46NoTfTGUi10Zrcesl4Vb%2FPwcXAEV6aSvm41HlbG3LksZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac6a6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 63944
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 5.jpg
fdd3k.jiw4.com/img/incubator/ 54 KB
55 KB 718ms
716ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/5.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a04ed1b5cf22b5ae79a1bbca52ee14f9ca03a83a36c6ce16e7ecb870e95aab55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BI6gSVjW1r4qlDEn4wJUEvS4C4fu5YXQWSvdlz8npMCDhC7jfj%2FJ1qmXccITOIjqKfUs8JcFzj2n%2Bc69KxhNUTqwoI03qAZo4yeVruV%2BPmm4uJHod6K4XZ9i0XIfYt1OXVu4AymzLbCNrc47eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac6c6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 55457
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 6.jpg
fdd3k.jiw4.com/img/incubator/ 56 KB
57 KB 778ms
777ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/6.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54fad0de66506819441abb12f48b499596b374f441fe0aaa7a6e9d7ec0668a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AseQWND8ZNpT7UslfxZ2SwHR0tjwq0%2BHCHFR0bJkfRwTJ3qjYADojRUhE3nPqKqBgG7PQOO6jjOHImU93xB%2BOjpwzuGAN9gxWcyTPAc5FR8pc5T2X%2FRzjgrxn1NecgTuz21D5q%2BdpTO9Vy4r3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac6d6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 57623
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 7.jpg
fdd3k.jiw4.com/img/incubator/ 17 KB
18 KB 576ms
574ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/7.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3c3093e4cc9c4988c843918b523d35b42ea7d5ebca79ea89c04c0e661def0cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VyXGuSG0gWbqSSaIytpFwoI0QRdJGNDZlVjODl3QECnRSVH9QCzxaeTxOtwItQdOhB8XbxKGWph8lsle0G5XVFyXkwQc18BMJ5CH0HVmyWfM9A9y%2BLM%2B%2B6%2BgoHFVFsRtWyfWHrmegkymLsR0eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac6f6dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 17868
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 8.jpg
fdd3k.jiw4.com/img/incubator/ 16 KB
17 KB 569ms
568ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/8.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a89f72eddd4c6b4447622c23bdde5e861bb7afd8a4d1edef030841d373093a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJSdmeXSYxKFf%2Fzzfc2qSBzz255KoMkuCdc3TrjeftMR0B8hPvVjL3K3PKibotRcCcTVmboGJN1F4hwbPJwvR4mpS2r5nvSNs%2FM62l8E%2FagpTA12sx9C9tInYmH1POGWvOMtOJvBwHH%2B0Qhdxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac706dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 16726
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 9.jpg
fdd3k.jiw4.com/img/incubator/ 18 KB
18 KB 584ms
582ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/9.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37e9b832341a9e17a95ef5f3d8d1175cc4d72cb67847b8a2eea9025ffe0570c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFyGYr6kKx3HBdT68mIatc9IJ2d0cQd8ktqW3bcQApX3qSoVw14p56L7xy1HU0cO9XPVvsOXYtY6g2k96VEh6KM8jitI8R6SceAoKOVguNlOToN9J0LCM0yCKk96gKOZr1ycxhiaZ8%2But4HALg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac716dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 17945
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 10.jpg
fdd3k.jiw4.com/img/incubator/ 15 KB
15 KB 567ms
566ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/10.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dad6721e95be42ff263df89e177b04725f23b7b37a2e7ab7f97e35e5fd02b16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYDxt64mm5K5r9vuVdUdBF%2FISgROO6gD1%2Fvhr8S3m39Qs%2BBrpg3%2BFjL6FzVkSphk%2Fcw8qIb%2FaF9BmXV6gBtbSiunhbWhEYlXDGGU%2B6X1GxpFOpveQC9yVeM4Nw6ejw6OOUuD3H8MczBFbKvpdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac726dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 15353
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 11.jpg
fdd3k.jiw4.com/img/incubator/ 16 KB
17 KB 609ms
607ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/11.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a738fedb10c230981aea2faeb99e56ba0f4b80d576559bbe99bc569abc28967f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3U3JUBRMtNaWJsFAS5pZgjq6pRcQkgyqn%2B0NgmPnDl5GPqgeWe8hVwKDKPgP4BJufjOs73MNtC5hWKp%2BxUfCsaOUobuvKeqJT9HbD9f0dEUnvLFIkeJJQD6abymt%2F1UDtf%2FowJn6%2B5d8lX21g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac746dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 16631
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 12.jpg
fdd3k.jiw4.com/img/incubator/ 16 KB
17 KB 570ms
568ms Image
image/jpeg 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/img/incubator/12.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da57aa220b2f676a0dfe336fa5410675c9801312cbd50ccb59f81028e6cb4213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cf-cache-status: MISS
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3EBUQH2NPveD%2Fa2NcxZse695C7xZjvwdsHy%2FqrbL62y2l6eJFc1RXhrYJn1SczcZYOkEy3oHT6cvCAojLJtr8W5zfoT%2Fc%2BoBV9b5OfPxTYGUJenjWn5A6340nOPw9UmqfaUfKNq80ryXfD23Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 85c4caa5ac756dee-CPH
alt-svc: h3=":443"; ma=86400
content-length: 16838
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 facebook_white.png
cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/ 28 KB
29 KB 52ms
24ms Image
image/png 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3484
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28789
x-served-by: cache-fra-etou8220127-FRA, cache-lga21956-LGA
x-jsd-version-type: branch
server: cloudflare
etag: W/"7075-ic4uy2YKkLjm7RszVEPXdnxZ8oo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMKOLzUgBBUoit9%2BT%2F1QG5z4Cvr7TW0%2FqjGePiy9Mrnu8p3L53LguFrGhd5%2BUWZgQqEb%2B7jiGHroAIIM8Gp9dJAmKFDF4QqDhOMd%2BmZvLbR1JWB80xr3lx2jKvm945yA0DTkNZJ78IznjJKHj4o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85c4caa5a8c02681-TXL

GET
H2 200 FfMaxx.jpg
i.postimg.cc/nVkV8M0W/ 36 KB
37 KB 137ms
40ms Image
image/jpeg 162.19.61.80
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/nVkV8M0W/FfMaxx.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3094918.ip-162-19-61.eu
Software: nginx /
Resource Hash: 323b5ffc0bc7f906cf266b1622e4de3f8dfddcb3f38c460e58b468906d51ebf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
last-modified: Sat, 04 Mar 2023 14:21:43 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 37166
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vk.webp
cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/ 2 KB
2 KB 54ms
26ms Image
image/webp 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/vk.webp

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac250ff6fe61157727de9e17fedeb5c162452fc1aa031c4c1fe2f8eb3290ed98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1604
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1594
x-served-by: cache-fra-eddf8230049-FRA, cache-lga21945-LGA
x-jsd-version-type: branch
server: cloudflare
etag: W/"63a-pq435i0vIB0OeD3wiQ31W8EdUuA"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yKg7z%2FwPIIdlhvXqfu8oNlmcLOXKN1VABGkInHsadj5NAgNK%2Fm94dHOfSpr6bAbdO4ALb4o6XogoywH1r0mZq%2BZi8eZNHu7zl5oFq6nU%2BONBpKg5YxjUG9i%2Ba4DkGPcdK1IXJzoofncoG%2FmfOfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85c4caa5a8c12681-TXL

GET
H2 200 google.svg
cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/ 2 KB
1 KB 53ms
25ms Image
image/svg+xml 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/google.svg

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0562ef3624d99ef205211177586097eb7ebd8f5b31711d335a74d368c75ec27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1604
x-jsd-version: main
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230119-FRA, cache-lga21933-LGA
x-jsd-version-type: branch
server: cloudflare
etag: W/"7ea-l2/BYZ4UntYWHYNNXjw757eVdmk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2FyS3ma2L89NkXc4CxBe0oHPXDmHIiH1yAjiWxcOVVL2yvI8AojR01RSec8lBOVxWXi70vcCaJiPeDRZcJQZX9Muvu9N2r1UsI2G0Dr7VgfdwNk%2Fd2bq567v6GPH%2FIO3aJ77P7DmfRmIS1m%2BP7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 85c4caa5a8bf2681-TXL

GET
H2 404 tiktok.png
fdd3k.jiw4.com/alexFrontEnd/ 1 KB
1 KB 391ms
390ms Image
text/html 2606:4700:3030::ac43:b8d5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fdd3k.jiw4.com/alexFrontEnd/tiktok.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b8d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Feb 2024 01:11:06 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BG%2FPMjnUI8dkRyUhfednIziHwNZ6TAQhpJ12pPAhYI%2FaKqku%2FJQB5FNcNoWJMldDuOL8m0zZh2CyngW%2BJlJhIYCJffn%2BXB%2BYwRKyrcoEcu4Xj%2BrdELdQcHLm5VpkeeHv9Ebj7Nl8qLK%2Fz485qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 85c4caa5ac776dee-CPH
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 61ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://fdd3k.jiw4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 528938
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkh7tEsQkSfnyeUIi3AzX43KkM%2BvjF%2BDoweIk087miRw6%2F25PeazzbT7Buj2tuzV%2FoQYrDv7z2cQmqVQXEG7lY8FmNQLVigvPBEDSrhtesb%2F45CKtcpltYVdQ1obaGAhRWHTYmC4lBZ%2BMSOGce%2BxvZtA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85c4caa5af2a453a-TXL
expires: Mon, 17 Feb 2025 01:11:05 GMT

GET
H2 200 fontawesome.js Show response
file.gifan.id/ 11 KB
5 KB 1039ms
380ms Script
application/javascript 2606:4700:3038::6815:ea22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://file.gifan.id/fontawesome.js

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Niagahoster

Resource Hash

051afcaea280590a5c6a5c472ad0852783d794a8923c4d26e388656fc9dcd791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-powered-by: Niagahoster
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 03 Jan 2023 12:39:32 GMT
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4yYTtwyRMIY3ob1Q4hY8mDxkyBXMtvxdU7SNwYANpvWchErowBc4HL5l3uJAmCuVKidJNYtiMTYJbQ2Xb21oRiajvJPOO2Kn6dO4D62tRMdKxyU4qYskTcsAYJuyEop%2B14hkC9uxv5840Do"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 85c4caa99d001d1e-CPH
expires: Wed, 06 Mar 2024 01:11:06 GMT

GET
H2 200 I7gy-VPjcKI Show response
www.youtube.com/embed/ Frame FD16 91 KB
39 KB 236ms
130ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com

Requested by

Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc14d1c160d337dcda5b9a0834800c36d7337df488bc97c04773193615478a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fdd3k.jiw4.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Feb 2024 01:11:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1677942245853.jpg
i.postimg.cc/cHSfkTc2/ 251 KB
251 KB 39ms
38ms Image
image/jpeg 162.19.61.80
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/cHSfkTc2/1677942245853.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3094918.ip-162-19-61.eu
Software: nginx /
Resource Hash: bb4bc1a504ddf57f52bdb35efb1cdbfac4c9f2c78f00d85c70a6424ec1aa498f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
last-modified: Sat, 04 Mar 2023 15:05:20 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 256707
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 IMG-20220417-184327.jpg
cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/ 0
0 378ms
377ms Image
text/plain 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H2 200 spin.png
dl.dir.freefiremobile.com/common/web_event/mocoparty/images/ 9 KB
9 KB 34ms
34ms Image
image/png 2600:9000:211e:5800:12:3436:3dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/mocoparty/images/spin.png
Requested by: Host: fdd3k.jiw4.com
URL: https://fdd3k.jiw4.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:5800:12:3436:3dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: OBS /
Resource Hash: deb6b511ce080ea06a49b0e20dea72737d6ee35fc69e0a295e768cd6bf4f51c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 00:48:43 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSn7Mb2flWx0XYdfxyffmFKQ9EmFVvBn
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 12:36:18 GMT
server: OBS
x-amz-cf-pop: FRA56-C2
age: 1343
etag: "616cd6e82d8ddc0fcd3b7c938ed61423"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
x-obs-request-id: 0000018DED2F67CF9949734504325550
accept-ranges: bytes
content-length: 8965
x-amz-cf-id: PugoC6UiYUiCF2B4mcq8v2194Qt4dQiE3SNpiQXIPg91BQ6RrYk09Q==

GET
H2 200 LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v20/ 15 KB
15 KB 198ms
98ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fdd3k.jiw4.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 11:07:52 GMT
x-content-type-options: nosniff
age: 396194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15044
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 11:07:52 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/95cde7ed/ Frame FD16 366 KB
47 KB 55ms
54ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/95cde7ed/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

072ab5897156e054c8a2b0e9c9b32349dfdc703dfd340958a64bc0947c50e2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47517
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 05:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 20:02:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FD16 15 KB
16 KB 59ms
46ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:03:23 GMT
x-content-type-options: nosniff
age: 58063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:03:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FD16 15 KB
15 KB 72ms
60ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 11:07:48 GMT
x-content-type-options: nosniff
age: 396198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 11:07:48 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/95cde7ed/www-embed-player.vflset/ Frame FD16 319 KB
95 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/95cde7ed/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55014dbf69631ed5825be787f9c494ca876a9504a85a82fd32806bfe724be1c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 19:29:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97450
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 05:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 19:29:36 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/ Frame FD16 2 MB
779 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c42a32e5a7a206b741b7cd38a9fa3bdf602bc96cc3830c547daff8bae6422a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:55:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58562
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 796764
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 05:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 08:55:04 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame FD16
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

54ms
54ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88e64fc7a9b3a38fed01df0a829a8f0357219558f9108c8353d460a52ad3419c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Feb 2024 01:11:06 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame FD16 29 B
495 B 146ms
46ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:03:41 GMT
x-content-type-options: nosniff
age: 445
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Feb 2024 01:18:41 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 154ms
54ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 28 Feb 2024 01:11:06 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FD16 87 KB
40 KB 62ms
62ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

697bc23f8dd7589f972f89b3c44ae6ba55d3b396c42add250ca2757db65a40c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40951
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame FD16 90 KB
32 KB 124ms
124ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

02b5c990cc42cfac020b098be37ffc9c4a7f331ee9b41cf1c249d3092881b72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240225.00.00
X-Goog-Visitor-Id: CgtKTktZb3ZVN243WSipkPquBjIKCgJERRIEEgAgMQ%3D%3D

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32463
x-xss-protection: 0

GET
H2 200 QIgJXlTW_ocH5BKR4VvT459F7KnrK51w4wqraUAmDYI.js Show response
www.google.com/js/th/ Frame FD16 51 KB
20 KB 145ms
46ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/QIgJXlTW_ocH5BKR4VvT459F7KnrK51w4wqraUAmDYI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4088095e54d6fe8707e41291e15bd3e39f45eca9eb2b9d70e30aab6940260d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 17:01:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29351
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Feb 2025 17:01:55 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/ Frame FD16 53 KB
16 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdef64506c2d40187da2a087990da97a54691710ac7d87ea5e00e0ba0eba739d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:00:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16855
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 05:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 09:00:50 GMT

GET
DATA 200
OK truncated
/ Frame FD16 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pEHdjvCqSKn7VSO1tSDnL2c1raglEXrSWg2GdtNLLYS1W3V-pzPK9sh2DePSpyveF5hjaWI1vQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame FD16 4 KB
5 KB 149ms
46ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/pEHdjvCqSKn7VSO1tSDnL2c1raglEXrSWg2GdtNLLYS1W3V-pzPK9sh2DePSpyveF5hjaWI1vQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

21aa5297ac1937c5e1a90132c42ce37eed9cd687b4b81daeced26abb4ed61bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 21:28:14 GMT
x-content-type-options: nosniff
age: 13372
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4389
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 28 Feb 2024 21:28:14 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame FD16 0
19 B 56ms
56ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=396&cpn=AyXlxtr4sD7JFbjP&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C36318%2C6271%2C26439494%2C4054%2C7111%2C9369%2C5694%2C5131%2C11592%2C4557%2C9954%2C27688%2C1598%2C3460%2C1908%2C2%2C1153%2C1717%2C4699%2C1127%2C17926%2C2791&cl=609813101&seq=1&docid=I7gy-VPjcKI&ei=KojeZbbhG6bD6dsPhOWTwAU&event=streamingstats&plid=AAYSZtE6O4oUGJsv&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FI7gy-VPjcKI%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBBeVhseHRyNHNEN0pGYmpQEAE&embargoed=0&cbr=Chrome&cbrver=122.0.6261.94&c=WEB_EMBEDDED_PLAYER&cver=1.20240225.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.007:B,0.160:B,0.160:B&cat=streaming&cmt=0.007:0.000,0.160:0.000&vfs=0.160:396:396::r&view=0.160:390:190&bwe=0.160:130000&bat=0.160:1:1&vis=0.160:0&bh=0.160:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
X-YouTube-Client-Version: 1.20240225.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtKTktZb3ZVN243WSipkPquBjIKCgJERRIEEgAgMQ%3D%3D
X-YouTube-Ad-Signals: dt=1709082666348&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C390%2C190&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Wed, 28 Feb 2024 01:11:06 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr1---sn-5go7ynlk.googlevideo.com/ Frame FD16 90 KB
91 KB 226ms
99ms Fetch
application/vnd.yt-ump 2a00:1450:400f:8::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1709104266&ei=KojeZbbhG6bD6dsPhOWTwAU&ip=2a03%3A1b20%3Ab%3Af011%3A%3A3e&id=o-AItxNfn0UwnrMBptZO6OW9MeQpDDN-mNW9LJxdFebGFw&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-5go7ynlk%2Csn-5goeenez&ms=au%2Crdu&mv=u&mvi=1&pl=48&spc=UWF9f6U57Dw2LBu1ttnIOVn2KwWzy2tKKtsjoGRYLZLisRo&vprv=1&svpuc=1&mime=video%2Fmp4&ns=IU9za17yHdts3ztr-IGhEZQQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1709081722&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=h2AIkzsdnpbLdQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=APTiJQcwRAIgI3QegZzEg8irMoxaALDGJfJ6M4bQG2dcLr94ae42BUgCIFjtQX0ym6nUaxsG64HkEGhXHHVyrrWCmDvm5xMUbvyH&alr=yes&sig=AJfQdSswRgIhAM3_FOKeiqO7FOK5PlQFgbZu6diwz8wR1O05m0-rl2VXAiEAieSusZ8Bd4NC3j8gVng73MsDOUFx_Bpnd5-bjkHz1Rw%3D&cpn=AyXlxtr4sD7JFbjP&cver=1.20240225.00.00&range=0-92437&rn=1&rbuf=0&pot=IjiH0ofR4gwP-MS185nTufOI5eHdhMngs-HQge6i7IL2p8W4zpnEtc2X1YDOl8K1xrXKg6Lhw_e0lg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:8::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b96d17707d838aa43fc469b4327c8ca502fefe28defe1a00db18debb0489c2f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 01:11:06 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Sun, 04 Feb 2024 01:08:30 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 28 Feb 2024 01:11:06 GMT

POST
H/1.1 200
OK videoplayback Show response
rr1---sn-5go7ynlk.googlevideo.com/ Frame FD16 64 KB
65 KB 186ms
59ms Fetch
application/vnd.yt-ump 2a00:1450:400f:8::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1709104266&ei=KojeZbbhG6bD6dsPhOWTwAU&ip=2a03%3A1b20%3Ab%3Af011%3A%3A3e&id=o-AItxNfn0UwnrMBptZO6OW9MeQpDDN-mNW9LJxdFebGFw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-5go7ynlk%2Csn-5goeenez&ms=au%2Crdu&mv=u&mvi=1&pl=48&spc=UWF9f6U57Dw2LBu1ttnIOVn2KwWzy2tKKtsjoGRYLZLisRo&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=IU9za17yHdts3ztr-IGhEZQQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1709081722&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=h2AIkzsdnpbLdQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=APTiJQcwRgIhAKlbZBZF8q77ynkxCY-z2kuYbkBwLCa795cH099Dy4wiAiEAtgDBox4dOEA9pRnyXhVdH9T45_MX5JF_uY_MM_LTaSU%3D&alr=yes&sig=AJfQdSswRQIhAKBJhl1h4PNyF2Ypin_ryCX6gPlzh_Gl6j8PupvnrCsjAiAFsblVJQ-j5kk7BuV5hrkBzuWJSvQ5L5aq6mzrL0VG2g%3D%3D&cpn=AyXlxtr4sD7JFbjP&cver=1.20240225.00.00&range=0-65985&rn=2&rbuf=0&pot=IjiUc5Rw8a0cWdcU4DjAGOAp9kDOJdpBoEDDIP0D_yPlBtYZ3TjXFN42xiHdNtEU1RTZIrFA0FanNw==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:8::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7c1fd132b2dc94e63ab5024c0b3f48388c15a27ceec93a507442dc5fa370c7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 01:11:06 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Sun, 04 Feb 2024 00:52:22 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 28 Feb 2024 01:11:06 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/ Frame FD16 71 KB
24 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aded88488eaa9bd7a1f5099a232d2e13a4a31afeb4c2b425774e9d26651b056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:52:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58738
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24439
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 05:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 08:52:08 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/ Frame FD16 33 KB
8 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c050cd82480c48f8ffd8d51623818be1346c17a107b247d53315c0ea3564b66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:12:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8370
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 05:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 09:12:13 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/ Frame FD16 69 KB
19 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

632aff44c75fcc2f1778fea119a22436b405e485433a1721ea5f536e99e7f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:53:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18992
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 05:14:55 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 26 Feb 2025 08:53:11 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame FD16 35 KB
6 KB 238ms
238ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

bb0cc68c41c7b783ad9aa229e9ecc092437cdfdc9d96d3e506a089cbe439b0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240225.00.00
X-Goog-Visitor-Id: CgtKTktZb3ZVN243WSipkPquBjIKCgJERRIEEgAgMQ%3D%3D

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5799
x-xss-protection: 0

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/I7gy-VPjcKI/ Frame FD16 46 KB
46 KB 160ms
47ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/I7gy-VPjcKI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGE8gSShyMA8=&rs=AOn4CLB5ELBfYxB_OQSRhiGiqnBrzuBypg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84214d90a97eb88efaff581648c34345231c19f2fb34a3eb03dadeb53798548d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 00:31:08 GMT
x-content-type-options: nosniff
age: 2398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46985
x-xss-protection: 0
server: sffe
etag: "1677852174"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 28 Feb 2024 02:31:08 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame FD16 0
10 B 45ms
45ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?LRAFmw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 54ms
53ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 28 Feb 2024 01:11:06 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame FD16 90 B
134 B 56ms
56ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c829c6bbbd0c4d3ff470bb07996799ffd0a7d02e6e01f403d5dd80e97348eefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/I7gy-VPjcKI/ Frame FD16 46 KB
46 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:828::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/I7gy-VPjcKI/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGE8gSShyMA8=&rs=AOn4CLB5ELBfYxB_OQSRhiGiqnBrzuBypg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84214d90a97eb88efaff581648c34345231c19f2fb34a3eb03dadeb53798548d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 00:31:08 GMT
x-content-type-options: nosniff
age: 2398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46985
x-xss-protection: 0
server: sffe
etag: "1677852174"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 28 Feb 2024 02:31:08 GMT

GET
H2 200 pEHdjvCqSKn7VSO1tSDnL2c1raglEXrSWg2GdtNLLYS1W3V-pzPK9sh2DePSpyveF5hjaWI1vQ=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame FD16 6 KB
6 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/pEHdjvCqSKn7VSO1tSDnL2c1raglEXrSWg2GdtNLLYS1W3V-pzPK9sh2DePSpyveF5hjaWI1vQ=s88-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

06a254a9520941ead4944a4f80c20f60f0a97c6eeea9b92ae9945b88f0999933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 00:55:18 GMT
x-content-type-options: nosniff
age: 948
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6236
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 29 Feb 2024 00:55:18 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FD16 28 B
50 B 63ms
61ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-Goog-Request-Time: 1709082666838
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
X-YouTube-Client-Version: 1.20240225.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtKTktZb3ZVN243WSipkPquBjIKCgJERRIEEgAgMQ%3D%3D
X-YouTube-Ad-Signals: dt=1709082666241&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C390%2C190&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.0.0/css/ 88 KB
19 KB 126ms
49ms Fetch
text/css 2606:4700:e6::ac40:cc14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efad9b46d0c00f2562eb53236717ff21ebd474f8d68f69b45f92c424bfd87e9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
via: 1.1 76a5975e559091e5f81e2804be07dd0c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"345f5ecc270c94968998574a2d37e31a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1nmR56AK4KwAtxgc1sYEE5QmuNIKwMlNNvVssrErFFY5eTNGgYRE%2BXARe%2FeQvnzl9EbPt%2BlYwXjBFon%2BAVovmy94pRIQOy7EOhtusylLF1%2Fxd5swPk6i4XyDGUjsP54L3JqdmzoY%2F6RGG9KUW6Ic3YLJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 85c4caac89eb3ca1-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: k_pqUmFSwrv6fDhUuuTtHB6ckW1lmXVYqM3Xud7FBSx0GFD0JpxtCg==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.0.0/css/ 26 KB
5 KB 135ms
58ms Fetch
text/css 2606:4700:e6::ac40:cc14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7fb3a26d569bec0139baaae950e43c1e10b0afbcf6e9d7654aa1181a8319759

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
via: 1.1 adb83a3a3628f104e6d1d9d74c07d92c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"c32e971c7d11c2407f847b61c515f1e2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZ2qzxxQaEEVFk4Q5Q1IKx2Kkb9JsWwQG3YID%2FUeb29HsAqluH8ftTJRR0NVrzenzE1fCg2x%2BjFWrcpRS%2FL%2FtjdRcZjCzZzpJ83oG6HJO%2BGMwO6sOb74eI8LfkNCGLR2JThlDSDoI7As1HqPp03ITrB5YA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 85c4caac89ef3ca1-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: LPWgLbpPbnHyqr4LKrqSpxcUUXrWQk5K2rh7TTy_VlCcONwYI4fcrQ==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.0.0/css/ 823 B
721 B 133ms
57ms Fetch
text/css 2606:4700:e6::ac40:cc14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e751f751587617116614deaf11f087ea82f7644196c1d0571f71fd549b556b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
via: 1.1 442140e40576f40d5aa1ef69d1669f8c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"e8ee688b3310772b65f39c69b76f4720"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FR9MvKf%2BVi8MA%2BNEGar0UIxXuDP9pXxgDuIv0b1PGfmEDMqfZXT1OLN03oDOuAqiTn1KZrJJt2ohG9Hky4Rw5CL%2BmhIJWJ23Pt52QDdjdmRXJxxWkxYwGga96%2B8RyfoQoR32QKoccPkVLQ%2FPU3hX%2BqomVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 85c4caac89ed3ca1-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Ajxhfg4wqotBywYeZlIYtCb0cmgXRXUK1RiW7JezyjlKF1Llny3HFA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.0.0/css/ 2 KB
1 KB 132ms
55ms Fetch
text/css 2606:4700:e6::ac40:cc14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803
Requested by: Host: file.gifan.id
URL: https://file.gifan.id/fontawesome.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:cc14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85b4b6b94b60580f6b44fd4f8152947eefdaf52fd5866219d86d5cfea0ee010d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fdd3k.jiw4.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:11:06 GMT
via: 1.1 8b20ff9a1799265d378bf510ac3db6de.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
server: cloudflare
etag: W/"369cbeaee8e26da69cc5b0a0700cd62c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znhTJCmxAs3PzaNeDw1yq0Njx6C2bIoeOVbxo4fmoPQFD5Tey7Vz7puHDBA7S5Kwa31opNvwflPt16OPOTQ3oBVR%2B3smUBtM1mn0MkUfyg2FLEnmT9jmh6PWu5zyc9Ef2IDYKyFwQEqrYGsjWpRMNoGK8w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 85c4caac89ee3ca1-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Dif3i9EDGfbcgz57zM0naHfQJ86qq4HmjGndJ2rx7ZpGrOqxOsZo8A==

POST
H3 200 videoplayback Show response
rr1---sn-5go7ynlk.googlevideo.com/ Frame FD16 64 KB
64 KB 89ms
44ms Fetch
application/vnd.yt-ump 2a00:1450:400f:8::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1709104266&ei=KojeZbbhG6bD6dsPhOWTwAU&ip=2a03%3A1b20%3Ab%3Af011%3A%3A3e&id=o-AItxNfn0UwnrMBptZO6OW9MeQpDDN-mNW9LJxdFebGFw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-5go7ynlk%2Csn-5goeenez&ms=au%2Crdu&mv=u&mvi=1&pl=48&spc=UWF9f6U57Dw2LBu1ttnIOVn2KwWzy2tKKtsjoGRYLZLisRo&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=IU9za17yHdts3ztr-IGhEZQQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1709081722&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=h2AIkzsdnpbLdQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=APTiJQcwRgIhAKlbZBZF8q77ynkxCY-z2kuYbkBwLCa795cH099Dy4wiAiEAtgDBox4dOEA9pRnyXhVdH9T45_MX5JF_uY_MM_LTaSU%3D&alr=yes&sig=AJfQdSswRQIhAKBJhl1h4PNyF2Ypin_ryCX6gPlzh_Gl6j8PupvnrCsjAiAFsblVJQ-j5kk7BuV5hrkBzuWJSvQ5L5aq6mzrL0VG2g%3D%3D&cpn=AyXlxtr4sD7JFbjP&cver=1.20240225.00.00&range=65986-131704&rn=3&rbuf=4057&pot=MnTcEtNoMhMjQtwqgp7p9z_Y70OkoPxZEPqAJVowgu4xgJ3KggP7BSSXAaNu1aHcCNNJwu7KSeLxKY2Ro9zx-VZvzLzLeFoeeV-LQJpTU3UbgHZgXyXGAiN9B6qAYrjBvKUv3vodEbfgVr5DO2CI-FrtrUu9ug==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:8::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9ef571aff23f25ca164fac0905f0796252c15a48829fe966b0ae0075ba35ca84

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 28 Feb 2024 01:11:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 04 Feb 2024 00:52:22 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Wed, 28 Feb 2024 01:11:06 GMT

POST
H3 200 videoplayback Show response
rr1---sn-5go7ynlk.googlevideo.com/ Frame FD16 258 KB
258 KB 44ms
44ms Fetch
application/vnd.yt-ump 2a00:1450:400f:8::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1709104266&ei=KojeZbbhG6bD6dsPhOWTwAU&ip=2a03%3A1b20%3Ab%3Af011%3A%3A3e&id=o-AItxNfn0UwnrMBptZO6OW9MeQpDDN-mNW9LJxdFebGFw&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-5go7ynlk%2Csn-5goeenez&ms=au%2Crdu&mv=u&mvi=1&pl=48&spc=UWF9f6U57Dw2LBu1ttnIOVn2KwWzy2tKKtsjoGRYLZLisRo&vprv=1&svpuc=1&mime=video%2Fmp4&ns=IU9za17yHdts3ztr-IGhEZQQ&gir=yes&clen=3723516&dur=105.699&lmt=1707008910988573&mt=1709081722&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5537434&n=h2AIkzsdnpbLdQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=APTiJQcwRAIgI3QegZzEg8irMoxaALDGJfJ6M4bQG2dcLr94ae42BUgCIFjtQX0ym6nUaxsG64HkEGhXHHVyrrWCmDvm5xMUbvyH&alr=yes&sig=AJfQdSswRgIhAM3_FOKeiqO7FOK5PlQFgbZu6diwz8wR1O05m0-rl2VXAiEAieSusZ8Bd4NC3j8gVng73MsDOUFx_Bpnd5-bjkHz1Rw%3D&cpn=AyXlxtr4sD7JFbjP&cver=1.20240225.00.00&range=92438-356417&rn=4&rbuf=5773&pot=MnTcEtNoMhMjQtwqgp7p9z_Y70OkoPxZEPqAJVowgu4xgJ3KggP7BSSXAaNu1aHcCNNJwu7KSeLxKY2Ro9zx-VZvzLzLeFoeeV-LQJpTU3UbgHZgXyXGAiN9B6qAYrjBvKUv3vodEbfgVr5DO2CI-FrtrUu9ug==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:8::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

19712fd8ce8ccb13eb0d7f0474313bd82ea8a4a53628baaf240978d174aa3ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Wed, 28 Feb 2024 01:11:07 GMT
date: Wed, 28 Feb 2024 01:11:07 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Sun, 04 Feb 2024 01:08:30 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr1---sn-5go7ynlk.googlevideo.com/ Frame FD16 129 KB
129 KB 44ms
44ms Fetch
application/vnd.yt-ump 2a00:1450:400f:8::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr1---sn-5go7ynlk.googlevideo.com/videoplayback?expire=1709104266&ei=KojeZbbhG6bD6dsPhOWTwAU&ip=2a03%3A1b20%3Ab%3Af011%3A%3A3e&id=o-AItxNfn0UwnrMBptZO6OW9MeQpDDN-mNW9LJxdFebGFw&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=jt&mm=31%2C29&mn=sn-5go7ynlk%2Csn-5goeenez&ms=au%2Crdu&mv=u&mvi=1&pl=48&spc=UWF9f6U57Dw2LBu1ttnIOVn2KwWzy2tKKtsjoGRYLZLisRo&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=IU9za17yHdts3ztr-IGhEZQQ&gir=yes&clen=1617624&dur=105.721&lmt=1707007942638408&mt=1709081722&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=h2AIkzsdnpbLdQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=APTiJQcwRgIhAKlbZBZF8q77ynkxCY-z2kuYbkBwLCa795cH099Dy4wiAiEAtgDBox4dOEA9pRnyXhVdH9T45_MX5JF_uY_MM_LTaSU%3D&alr=yes&sig=AJfQdSswRQIhAKBJhl1h4PNyF2Ypin_ryCX6gPlzh_Gl6j8PupvnrCsjAiAFsblVJQ-j5kk7BuV5hrkBzuWJSvQ5L5aq6mzrL0VG2g%3D%3D&cpn=AyXlxtr4sD7JFbjP&cver=1.20240225.00.00&range=131705-263324&rn=5&rbuf=8125&pot=MnTcEtNoMhMjQtwqgp7p9z_Y70OkoPxZEPqAJVowgu4xgJ3KggP7BSSXAaNu1aHcCNNJwu7KSeLxKY2Ro9zx-VZvzLzLeFoeeV-LQJpTU3UbgHZgXyXGAiN9B6qAYrjBvKUv3vodEbfgVr5DO2CI-FrtrUu9ug==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400f:8::6 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

aeb851c6337375fe365854d88351a611969ad614d0e0e5d34077bb83e0fedca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

client-protocol: quic
date: Wed, 28 Feb 2024 01:11:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 04 Feb 2024 00:52:22 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Wed, 28 Feb 2024 01:11:07 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame FD16 28 B
50 B 58ms
58ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/95cde7ed/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-Goog-Request-Time: 1709082668905
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/I7gy-VPjcKI?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
X-YouTube-Client-Version: 1.20240225.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtKTktZb3ZVN243WSipkPquBjIKCgJERRIEEgAgMQ%3D%3D
X-YouTube-Ad-Signals: dt=1709082666241&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C390%2C190&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 28 Feb 2024 01:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rawcdn.githack.com
URL: https://rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css

Domain: rawcdn.githack.com
URL: https://rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css

Domain: rawcdn.githack.com
URL: https://rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 5SpVbzz7ERU
			.youtube.com/	1970-01-20 23:03:54	Name: VISITOR_INFO1_LIVE Value: JNKYovU7n7Y

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://fdd3k.jiw4.com/ Message: Refused to apply style from 'https://rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://fdd3k.jiw4.com/ Message: Refused to apply style from 'https://rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security	error	URL: https://fdd3k.jiw4.com/ Message: Refused to apply style from 'https://rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://fdd3k.jiw4.com/alexFrontEnd/tiktok.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/logo.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://fdd3k.jiw4.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
dl.dir.freefiremobile.com
fdd3k.jiw4.com
file.gifan.id
filebagasarya.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.postimg.cc
i.ytimg.com
jnn-pa.googleapis.com
ka-f.fontawesome.com
rawcdn.githack.com
rr1---sn-5go7ynlk.googlevideo.com
site-assets.fontawesome.com
stackpath.bootstrapcdn.com
static.doubleclick.net
www.google.com
www.youtube.com
yt3.ggpht.com
rawcdn.githack.com
162.19.61.80
2600:9000:211e:5800:12:3436:3dc0:93a1
2606:4700:3030::ac43:b8d5
2606:4700:3038::6815:ea22
2606:4700:4400::6812:2844
2606:4700::6810:5614
2606:4700::6811:180e
2606:4700::6812:bcf
2606:4700:e6::ac40:cc14
2a00:1450:4001:803::2004
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2006
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:828::2016
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2002
2a00:1450:400f:8::6
2a06:98c1:3120::3
02b5c990cc42cfac020b098be37ffc9c4a7f331ee9b41cf1c249d3092881b72f
051afcaea280590a5c6a5c472ad0852783d794a8923c4d26e388656fc9dcd791
06a254a9520941ead4944a4f80c20f60f0a97c6eeea9b92ae9945b88f0999933
072ab5897156e054c8a2b0e9c9b32349dfdc703dfd340958a64bc0947c50e2c4
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0e32e347f1375a0869711eb1589ecc0420c2e44ccaa19acaf2b625086a63e560
0e751f751587617116614deaf11f087ea82f7644196c1d0571f71fd549b556b5
0eb6a14eeb1c27e7c3c471db0f10c25eea89a65df20b2dbeea6c9ee3ccc0c78f
10bc32127a5ceb3f33fc38029145931334f6f49bd7274b62697036fd59be2f65
19712fd8ce8ccb13eb0d7f0474313bd82ea8a4a53628baaf240978d174aa3ca8
1a91aa8dc8c721db22e66f1f0911319aed59816a8c7e709970fbe9ca6b0c9773
21aa5297ac1937c5e1a90132c42ce37eed9cd687b4b81daeced26abb4ed61bb1
258a47a929eb483613c81aae8432b705d949ac9facf5a5c02d7d8d4a3db823af
2876317ed4d3b97531299a3282da4ef8119cc0a6e653560adb827430fc59991e
323b5ffc0bc7f906cf266b1622e4de3f8dfddcb3f38c460e58b468906d51ebf3
355c5fb2f6587040eb783d3348ff54ca3ee3939c0bdee1d508a7275cfd9c2ab4
35d68e25f22f6688e3a8f7cb2f354cd45b09c8523ba6d4ff53c7ca64d3c9e1bd
37e9b832341a9e17a95ef5f3d8d1175cc4d72cb67847b8a2eea9025ffe0570c9
3a124f7c8781af398764ba316b3fa7bad44e83520f78a90521b0cbb3012a783b
3aded88488eaa9bd7a1f5099a232d2e13a4a31afeb4c2b425774e9d26651b056
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4088095e54d6fe8707e41291e15bd3e39f45eca9eb2b9d70e30aab6940260d82
43de460f27a0d3e43b13b5e75ac00da6ea6b54fb468afc4cffbd53709ee556b4
46a89f72eddd4c6b4447622c23bdde5e861bb7afd8a4d1edef030841d373093a
480e24cce7e7d225ffb50dc58b21a81bc99006e0894f0ef52a01203774495050
51646465be1a3b745191c5cb6dceda47fb9be8a1c859beb345660fca8291e824
516ec8f5074cc7e52bfc102e42923b36d36729496cc69aa6a84a1ecbd4bc44fd
54fad0de66506819441abb12f48b499596b374f441fe0aaa7a6e9d7ec0668a5e
55014dbf69631ed5825be787f9c494ca876a9504a85a82fd32806bfe724be1c2
5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620
585cf192d586d254d46a7a066980137a06e5a23592e66dfc4b54bd6c4b63e088
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
622b5322352025505e01c71ff1d6520e62ce1f1211fc11efb3ede9d24a110c75
632aff44c75fcc2f1778fea119a22436b405e485433a1721ea5f536e99e7f6d1
63fbe80d8ea4766ecc80faddd1387ef9681cb2ec2b4ad45164f4b36ffb4e2e43
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
697bc23f8dd7589f972f89b3c44ae6ba55d3b396c42add250ca2757db65a40c8
6afcc18ffa172755862f5c6dc3f20d9c3d6ee6f5f399df00e8568bf747e1cdb9
6cc42f3ad3aa5606237a601793c1fb42458386d888adab6cf9077d23887eefed
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
762fe8a43c859633d41642dd93c10478d3dacf62ff1310ddcefa17db5fa61f29
788c47722a4dc77173ab620f196bfc24a2d8668bcf08f9fd296574545cf700f1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b8542123bfc06f37312a1756361916d7e3f7a1af974877a63da2b2ff8dd03ab
7c1fd132b2dc94e63ab5024c0b3f48388c15a27ceec93a507442dc5fa370c7ae
7dad6721e95be42ff263df89e177b04725f23b7b37a2e7ab7f97e35e5fd02b16
7eb51057deb30db7c6c2900040a45178726b5a63c262f50ff58fdcf876cfa463
84214d90a97eb88efaff581648c34345231c19f2fb34a3eb03dadeb53798548d
85b4b6b94b60580f6b44fd4f8152947eefdaf52fd5866219d86d5cfea0ee010d
86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c
88e64fc7a9b3a38fed01df0a829a8f0357219558f9108c8353d460a52ad3419c
8ad5485c2cc22251c70ac0dcdee116e87b518848b718f096d4ac63dfaea4ec6e
8e50767bd0edcca88b3b611cd905e3d05b34b04447076fcf6a3567cf55f3bb20
8ed2ebbb47a51b8fffb523a1d6654a8cabc41fa2ed10398d0ce64f76fcc63eb0
908c3acad2bff2c347166113be45b73a35869eed538a900acca3fedd81ff5183
9e42ff7e13eeea40c241c5406255e8efd322128dba76cfffbfa71263b41b1b8a
9e5329360a8a2ef8a4ab0ce77f3230be443c093a3a3f02a007641e3f6fca5f5a
9ef571aff23f25ca164fac0905f0796252c15a48829fe966b0ae0075ba35ca84
a04ed1b5cf22b5ae79a1bbca52ee14f9ca03a83a36c6ce16e7ecb870e95aab55
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
a738fedb10c230981aea2faeb99e56ba0f4b80d576559bbe99bc569abc28967f
a7fb3a26d569bec0139baaae950e43c1e10b0afbcf6e9d7654aa1181a8319759
a932647f3f142202bc341dd50cb0c949fb4cca3f2dc39b6cc3aa749902946893
a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62
abc14d1c160d337dcda5b9a0834800c36d7337df488bc97c04773193615478a4
ac250ff6fe61157727de9e17fedeb5c162452fc1aa031c4c1fe2f8eb3290ed98
aeb851c6337375fe365854d88351a611969ad614d0e0e5d34077bb83e0fedca0
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
b8f4fec91600d5be6d465792f7f7fab635d01019e148fe8b6f7bf59f717041de
b96d17707d838aa43fc469b4327c8ca502fefe28defe1a00db18debb0489c2f8
b9b545590950ff252a5b53bfc9b3d64ed373aee3ae94dec68033d0c857e8b3d8
bb0cc68c41c7b783ad9aa229e9ecc092437cdfdc9d96d3e506a089cbe439b0c6
bb4bc1a504ddf57f52bdb35efb1cdbfac4c9f2c78f00d85c70a6424ec1aa498f
bdef64506c2d40187da2a087990da97a54691710ac7d87ea5e00e0ba0eba739d
c050cd82480c48f8ffd8d51623818be1346c17a107b247d53315c0ea3564b66f
c42a32e5a7a206b741b7cd38a9fa3bdf602bc96cc3830c547daff8bae6422a64
c829c6bbbd0c4d3ff470bb07996799ffd0a7d02e6e01f403d5dd80e97348eefb
cb529b14d072c791be4cb6c352e3fe0efae788e759034ebfd547c71a3f0d9bfe
cbfc929b005b468835c50e4c16b2fe61676e3a17ca6057086326ab8a1cb0f160
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da57aa220b2f676a0dfe336fa5410675c9801312cbd50ccb59f81028e6cb4213
de9e872524b79699ce8b0624de9bba409dd246d16dd48f171e4ed1072c00cfeb
de9ffee95ca76c960fe4e473d63b680ef321f2e0edb1d0aefbdcec8275d40839
deb6b511ce080ea06a49b0e20dea72737d6ee35fc69e0a295e768cd6bf4f51c1
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e436ac38500431763697f5bd387d494324f320b76b25c97e29938d90bd7b1557
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
efad9b46d0c00f2562eb53236717ff21ebd474f8d68f69b45f92c424bfd87e9c
f0562ef3624d99ef205211177586097eb7ebd8f5b31711d335a74d368c75ec27
f3c3093e4cc9c4988c843918b523d35b42ea7d5ebca79ea89c04c0e661def0cd
f451a298d4843315ecb7bf2500d946295ecd6776aaf12cb69574bde1aa1f395c
f95ed204614a3599b0bb6ffdcceecb74cd5dc7a60e26ca4e235f1a2a82c5c518
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

fdd3k.jiw4.com Open in urlscan Pro 2606:4700:3030::ac43:b8d5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

106 Requests

96 %HTTPS

95 %IPv6

18 Domains

21 Subdomains

21 IPs

4 Countries

4801 kBTransfer

8193 kBSize

2 Cookies

0 Outgoing links

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fdd3k.jiw4.com Open in urlscan Pro
2606:4700:3030::ac43:b8d5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

96 %
HTTPS

95 %
IPv6

18
Domains

21
Subdomains

21
IPs

4
Countries

4801 kB
Transfer

8193 kB
Size

2
Cookies

106 HTTP transactions
1 data transactions