URL: https://gfriend.my/
Submission: On December 23 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3030::6815:333b, located in United States and belongs to CLOUDFLARENET, US. The main domain is gfriend.my.
TLS certificate: Issued by WE1 on December 23rd 2024. Valid for: 3 months.
This is the only time gfriend.my was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 104.17.24.14 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 46.105.222.162 16276 (OVH OVH SAS)
1 2 2.21.20.153 20940 (AKAMAI-AS...)
3 23.50.131.88 20940 (AKAMAI-AS...)
2 157.240.253.174 32934 (FACEBOOK)
4 199.232.188.157 54113 (FASTLY)
21 9
Apex Domain
Subdomains
Transfer
6 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 18404
212 KB
4 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1634
30 KB
3 ttwstatic.com
sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 7292
23 KB
2 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1931
20 KB
2 tiktok.com
www.tiktok.com — Cisco Umbrella Rank: 4406
4 KB
2 googleusercontent.com
yt3.googleusercontent.com — Cisco Umbrella Rank: 2032
52 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
135 KB
1 gfriend.my
gfriend.my
6 KB
21 8
Domain Requested by
6 i.postimg.cc gfriend.my
4 platform.twitter.com gfriend.my
platform.twitter.com
3 sf16-website-login.neutral.ttwstatic.com gfriend.my
www.tiktok.com
2 www.instagram.com gfriend.my
www.instagram.com
2 www.tiktok.com 1 redirects sf16-website-login.neutral.ttwstatic.com
2 yt3.googleusercontent.com gfriend.my
2 cdnjs.cloudflare.com gfriend.my
cdnjs.cloudflare.com
1 gfriend.my
21 8

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.instagram.com
www.youtube.com
open.spotify.com
Subject Issuer Validity Valid
gfriend.my
WE1
2024-12-23 -
2025-03-23
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
*.googleusercontent.com
WR2
2024-12-02 -
2025-02-24
3 months crt.sh
postimg.cc
E6
2024-12-19 -
2025-03-19
3 months crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA
2024-10-17 -
2024-12-30
2 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-24 -
2025-07-25
a year crt.sh
*.neutral.ttwstatic.com
RapidSSL TLS RSA CA G1
2024-07-02 -
2025-07-01
a year crt.sh
*.www.tiktok.com
RapidSSL TLS ECC CA G1
2024-11-11 -
2025-11-10
a year crt.sh

This page contains 5 frames:

Primary Page: https://gfriend.my/
Frame ID: 1DDC6C4365229188EB1674C22CBDAB92
Requests: 18 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgfriend.my
Frame ID: 192B0CB1E73729CF8DCC1E24C75F9B06
Requests: 1 HTTP requests in this frame

Frame: https://www.instagram.com/reel/DD1Uv5SSsq7/embed/captioned/?cr=1&v=14&wp=348&rd=https%3A%2F%2Fgfriend.my&rp=%2F
Frame ID: FF6A2755457571F8AB3ECD1E580AC8AA
Requests: 1 HTTP requests in this frame

Frame: https://www.tiktok.com/embed/v2/7450771143528598791?lang=de-DE&referrer=https%3A%2F%2Fgfriend.my%2F
Frame ID: B23EAE35FB3E497A674FEFDBE3F0FC92
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1863236930814787708&lang=ko&origin=https%3A%2F%2Fgfriend.my%2F&sessionId=2a16a97ed5d6f875e5bd4dad9ae607de7bbd52d9&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Frame ID: 2420413B53AC8E50E5527CD5D40FEE29
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

GFRIEND (여자친구)

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

21
Requests

95 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

478 kB
Transfer

680 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://www.tiktok.com/embed.js HTTP 302
  • https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gfriend.my/
17 KB
6 KB
Document
General
Full URL
https://gfriend.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:333b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7316df637e226efc10c4c32e604b778cd49df9267269e7ab74da96bf16942f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f682805184730f3-FRA
content-encoding
zstd
content-type
text/html
date
Mon, 23 Dec 2024 11:54:20 GMT
last-modified
Mon, 23 Dec 2024 09:28:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pRlqJ7nf%2FgWweNlc%2FHtDUjbLvoPedHfzyZ4aUWLzL5iIBCE%2BeSDCmyqofWV%2FUxUlHQHWRYkTnhr66YCxpmkOeI7WZCQOKHYpaCodKSjTD1REy0N2CkXBwyf75E0p2jfa4%2BcXJMglGV%2Fv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=6959&min_rtt=6142&rtt_var=1910&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2277&delivery_rate=627378&cwnd=253&unsent_bytes=0&cid=05aa18295fe72dc0&ts=434&x=0"
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.2/css/
72 KB
18 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.2/css/all.min.css
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74005d7c17d4a02f2f25404ec0655d9bc2fdaa53166874c87d7b7eec69d9088a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gfriend.my
Referer

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6760ad4c-4707"
age
301153
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nHDTtGiS7sYYJqA315jfq%2FGOow6%2Fx7fGZJLoTxSuhZevX%2FTA1Ro4FISDWDkWfYyezh%2BXIl2OUWaN%2B%2F5uDX8LeiL6ApO8kp27ndODYgyQUXf27eUSb%2FzOPiCJ7ZReDjKxu%2BpsRsXm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 11:54:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 23 Dec 2024 11:54:20 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 16 Dec 2024 22:44:28 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f682807dfcd3668-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
18183
server
cloudflare
1OrKkrdpQ0r9rxZLisQ5IFGzIrRKljAcBXcCWAYCTQh136-34BO3c-3o2cGvijfU4xnOECYvpA=w1707-fcrop64=1,00005a57ffffa5a8-k-c0xffffffff-no-nd-rj
yt3.googleusercontent.com/
48 KB
49 KB
Image
General
Full URL
https://yt3.googleusercontent.com/1OrKkrdpQ0r9rxZLisQ5IFGzIrRKljAcBXcCWAYCTQh136-34BO3c-3o2cGvijfU4xnOECYvpA=w1707-fcrop64=1,00005a57ffffa5a8-k-c0xffffffff-no-nd-rj
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
9c85e774d6725a65e4ab617676c827829957482e4a36fc57ee2efd9a10b469bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
7718
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 09:45:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 09:45:42 GMT
content-disposition
inline;filename="channels4_banner.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
49417
x-xss-protection
0
server
fife
GF-4.jpg
i.postimg.cc/9Q1TyHbY/
40 KB
40 KB
Image
General
Full URL
https://i.postimg.cc/9Q1TyHbY/GF-4.jpg
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.105.222.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3236472.ip-46-105-222.eu
Software
openresty /
Resource Hash
0a2eb0a84286c47eff020ffc2682b497f538f7ea8ed981740648110be6730b07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
41025
date
Mon, 23 Dec 2024 11:54:20 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 07:30:52 GMT
server
openresty
GF-5.jpg
i.postimg.cc/MHbXx1rm/
36 KB
36 KB
Image
General
Full URL
https://i.postimg.cc/MHbXx1rm/GF-5.jpg
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.105.222.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3236472.ip-46-105-222.eu
Software
openresty /
Resource Hash
c4c99bff911557fa87482a6af2287201459373bcb203c2d361b669f66581af6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
36665
date
Mon, 23 Dec 2024 11:54:20 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 07:33:41 GMT
server
openresty
GF-6.jpg
i.postimg.cc/FHS8KGxv/
33 KB
33 KB
Image
General
Full URL
https://i.postimg.cc/FHS8KGxv/GF-6.jpg
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.105.222.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3236472.ip-46-105-222.eu
Software
openresty /
Resource Hash
a96b286669855e59d86e9049f9ff56801bcd19c9f3c78248b2235ad2c4535fa9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
33895
date
Mon, 23 Dec 2024 11:54:20 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 07:34:51 GMT
server
openresty
GF-3.jpg
i.postimg.cc/02D0M4hV/
30 KB
30 KB
Image
General
Full URL
https://i.postimg.cc/02D0M4hV/GF-3.jpg
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.105.222.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3236472.ip-46-105-222.eu
Software
openresty /
Resource Hash
a4eff8e847c59c4f98a8bbf1e1b62352eb7a7690044ed50f5dac22a5b6425003

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
30803
date
Mon, 23 Dec 2024 11:54:20 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 07:28:43 GMT
server
openresty
GF-1.jpg
i.postimg.cc/wjN3F89m/
42 KB
42 KB
Image
General
Full URL
https://i.postimg.cc/wjN3F89m/GF-1.jpg
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.105.222.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3236472.ip-46-105-222.eu
Software
openresty /
Resource Hash
0c06eeb8a62709227f7bf395de009563923caceda77ec3181d1366e7d2ff2caa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
42504
date
Mon, 23 Dec 2024 11:54:20 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 07:23:47 GMT
server
openresty
GF-2.jpg
i.postimg.cc/P5vK4xLQ/
30 KB
30 KB
Image
General
Full URL
https://i.postimg.cc/P5vK4xLQ/GF-2.jpg
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.105.222.162 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3236472.ip-46-105-222.eu
Software
openresty /
Resource Hash
40180c9b3ddd6eb628bf8930073367f0c355afd9b95f7e0688abf38844af00a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
30323
date
Mon, 23 Dec 2024 11:54:20 GMT
content-type
image/jpeg
last-modified
Mon, 23 Dec 2024 07:26:53 GMT
server
openresty
embed_v1.0.12.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/
Redirect Chain
  • https://www.tiktok.com/embed.js
  • https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
40 KB
14 KB
Script
General
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H2
Server
23.50.131.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-50-131-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dc15d2dbaaafa80d89a77adf365ea3a2a728c8eefc36b9872b06b78d7d919b49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

content-md5
9V0JLxhpwMvoJafbvKO0pQ==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
content-encoding
br
etag
b2f83e35-5705-4835-962f-dbe0d55871a0
x-check-cacheable
YES
x-content-type-options
nosniff
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Wed, 22 Jan 2025 11:54:20 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=0
x-cache
TCP_MEM_HIT from a23-41-167-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-9611f29bef89eba7b18045b10aa2af98) (-)
date
Mon, 23 Dec 2024 11:54:20 GMT
last-modified
Mon, 22 Jan 2024 19:32:27 GMT
content-type
application/javascript
vary
Accept-Encoding
x-akamai-request-id
652b742
opc-request-id
iad-1:Q2p2Cahv8nMtZ2DQvH9I_QNNRg3sEHGKBHyhD07jYWGs0vzxYmjfy38SWXloulyA
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
13fb1b8e-79ca-40e8-8dec-c5db316da63b
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
13353

Redirect headers

proxy-status
0000201302026000
x-cache-remote
TCP_MISS from a23-55-100-235.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-9611f29bef89eba7b18045b10aa2af98) (-)
expires
Mon, 23 Dec 2024 11:54:20 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=2
x-cache
TCP_MISS from a23-206-213-23.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-9611f29bef89eba7b18045b10aa2af98) (-)
date
Mon, 23 Dec 2024 11:54:20 GMT
content-type
text/html
x-akamai-request-id
69ff663b.46e2435f
x-tt-trace-host
011e59c2d9ea1a636ed2d7d9af29e982329f3d541121efb5905872919e8eb72ad4147875e1a75a9083f4c370327ec7252cd03df0b5cd809ed9d687fffe5d066c37ac26dcd356906fd592947d9217d5ec60
reporting-endpoints
csp-endpoint="https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
x-origin-response-time
3,23.55.100.235
content-security-policy
default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsco.re *.adsintegrity.net *.akamaized.net *.amazonaws.com *.arkoselabs.com *.billetlugen.dk *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.entradas.com *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.giphy.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ae *.google.at *.google.be *.google.bg *.google.bj *.google.by *.google.ca *.google.ch *.google.co.cr *.google.co.id *.google.co.il *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.uk *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bd *.google.com.br *.google.com.cy *.google.com.do *.google.com.ec *.google.com.gh *.google.com.lb *.google.com.mt *.google.com.my *.google.com.ng *.google.com.pe *.google.com.pk *.google.com.sa *.google.com.sg *.google.com.tr *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.gr *.google.hr *.google.hu *.google.ie *.google.iq *.google.is *.google.it *.google.lt *.google.lu *.google.lv *.google.md *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.se *.google.si *.google.sk *.google.td *.google.tn *.googleapis.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tenor.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com i.ticketweb.com images.universe.com interactives.ap.org media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com static.captchami.com t.co tikitoks.com tiktok.captchami.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; worker-src www.tiktok.com/business/sw.js www.tiktok.com/creator/worker/ www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/help/sw.js www.tiktok.com/legal/report/verification/uploader-oversea-crc32.js www.tiktok.com/live/creator-networks/pdf.worker.min.js www.tiktok.com/live/static/player-worker/ www.tiktok.com/risk-appeal-ocr/BlinkCardWasmSDK.worker.min.js www.tiktok.com/series/worker/ www.tiktok.com/sw.js; report-to csp-endpoint; report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&p=Bft85SohKpT3hn5_VgkV2&v=6; script-src 'unsafe-eval' apis.google.com c.paypal.com cdn.ampproject.org cdnjs.cloudflare.com client-api.arkoselabs.com code.jquery.com connect.facebook.net developers.kakao.com googleads.g.doubleclick.net googletagmanager.com interactives.ap.org js.hcaptcha.com js.hsforms.net pay.google.com recaptcha.google.com s20.tiktokcdn.com s3.amazonaws.com sf16-website-login.neutral.tiktokcdn-eu.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.tiktokcdn-eu.com sf16-website.neutral.ttwstatic.com sf16m-website-login.neutral.ttwstatic.com ssl.bing.com ssl.google-analytics.com static.captchami.com tiktok.captchami.com unpkg.com vimeo.com www.google-analytics.com www.google.com www.googleadservices.com www.googleapis.com www.googletagmanager.com www.gstatic.com www.vimeo.com; upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
location
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_v1.0.12.js
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
content-security-policy-report-only
report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&p=Bft85SohKpT3hn5_VgkV2&v=1; report-to csp-endpoint
x-tt-trace-id
00-24122311541964F7EC84C067E8147D10-5F7020F20D2DC501-00
content-length
136
x-parent-response-time
89,23.206.213.23
x-tt-logid
2024122311541964F7EC84C067E8147D10
server
TLB
embed.js
www.instagram.com/
57 KB
20 KB
Script
General
Full URL
https://www.instagram.com/embed.js
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.174 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
instagram-p42-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
79b546a15709ff2537a230e7b930d80d8eea5efc04b260be16afc6c5a7b32748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

content-md5
G3su8OTjY/PYUrIEaF43Sg==
access-control-expose-headers
X-FB-Content-MD5
x-stack
www
content-encoding
zstd
etag
"5db10a0404ddeb3625438e637c296afe"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Mon, 23 Dec 2024 12:14:20 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=1200s
date
Mon, 23 Dec 2024 11:54:20 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
x-fb-debug
YbA589Dv8pGxxFrdskuLom5B2W8I1pixEsDJkVrXK8iGFqOG+TKwA96eKVzuYIn1fN71kAHDxW6IJi4vtQqv9w==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
x-fb-content-md5
010132c1acac120192d2bc41d8c3d4d5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
20727
origin-agent-cluster
?1
widgets.js
platform.twitter.com/
91 KB
27 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: gfriend.my
URL: https://gfriend.my/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Mon, 23 Dec 2024 11:54:20 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200137-IAD, cache-muc13970-MUC
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.2/webfonts/
116 KB
117 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7236a19bf23cbb2027280e8f51dc99d6c45976a2ed60de73382b034b18a2b68
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://gfriend.my
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.7.2/css/all.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"6760ad4c-1cf9c"
age
541708
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o1ni2GEASdod4r3ShJlV6jCGtyTd%2Bje3znKQ%2FCsf4tHuOyAfyAdFpJef%2FiANo%2Fo3M4oMEmilq8rW5UfXKtn5nKokBWcAzJ%2FTHox9hffij7DiZFYvxyXBkiM6l3NjC1WKkKIsD8er"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 13 Dec 2025 11:54:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 23 Dec 2024 11:54:20 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 16 Dec 2024 22:44:28 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8f6828081ff53668-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
118684
server
cloudflare
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 192B
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fgfriend.my
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gfriend.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 11:54:20 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kiad7000164-IAD, cache-muc13939-MUC
/
www.instagram.com/reel/DD1Uv5SSsq7/embed/captioned/ Frame FF6A
0
0
Document
General
Full URL
https://www.instagram.com/reel/DD1Uv5SSsq7/embed/captioned/?cr=1&v=14&wp=348&rd=https%3A%2F%2Fgfriend.my&rp=%2F
Requested by
Host: www.instagram.com
URL: https://www.instagram.com/embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.174 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
instagram-p42-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.instagram.com static.cdninstagram.com *.facebook.com *.fbcdn.net *.facebook.net 'nonce-NShzmKXJ' blob: data: 'self' 'wasm-unsafe-eval' https://accounts.google.com;style-src *.instagram.com static.cdninstagram.com data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com;connect-src *.instagram.com wss://edge-chat.instagram.com connect.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.cdninstagram.com wss://*.instagram.com:* 'self';font-src *.instagram.com static.cdninstagram.com data: *.fbcdn.net *.intern.facebook.com *.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: *.cdninstagram.com *.whatsapp.net blob: *.fbsbx.com android-webview-video-poster: *.oculuscdn.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfriend.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src *.facebook.com *.fbcdn.net *.instagram.com data: blob:;script-src *.instagram.com static.cdninstagram.com *.facebook.com *.fbcdn.net *.facebook.net 'nonce-NShzmKXJ' blob: data: 'self' 'wasm-unsafe-eval' https://accounts.google.com;style-src *.instagram.com static.cdninstagram.com data: blob: 'unsafe-inline' *.fbcdn.net *.facebook.com;connect-src *.instagram.com wss://edge-chat.instagram.com connect.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* blob: *.cdninstagram.com wss://*.instagram.com:* 'self';font-src *.instagram.com static.cdninstagram.com data: *.fbcdn.net *.intern.facebook.com *.facebook.com;img-src *.instagram.com *.facebook.com *.fbcdn.net data: *.cdninstagram.com *.whatsapp.net blob: *.fbsbx.com android-webview-video-poster: *.oculuscdn.com;media-src *.facebook.com *.fbcdn.net *.instagram.com *.cdninstagram.com cdn.fbsbx.com data: blob:;frame-src *.instagram.com *.facebook.com *.fbsbx.com fbsbx.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
same-origin
date
Mon, 23 Dec 2024 11:54:21 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(self), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(self), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown", permissions_policy="https://www.instagram.com/error/ig_web_error_reports/"
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
GfqC4PWvT8n/QRZrjm+qe2egGmB/YtTNaqgahBkectT/cLDo983i/LWZPJJU/JszCOdZesk4jpnaYgn4dxbRVg==
x-stack
www
x-xss-protection
0
embed_lib_v1.0.12.css
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/
4 KB
2 KB
Stylesheet
General
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-50-131-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c107541703c4d748d507c1827566254c8a950dc913e83f6ec490e5cec3eca0f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

content-md5
Ii2KDY04c+qhyedihYMYdg==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
content-encoding
br
etag
39224e5f-f8d6-4c55-ae56-505ef909cad1
x-check-cacheable
YES
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Wed, 22 Jan 2025 11:54:20 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=0
x-cache
TCP_MEM_HIT from a23-41-167-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-9611f29bef89eba7b18045b10aa2af98) (-)
date
Mon, 23 Dec 2024 11:54:20 GMT
last-modified
Mon, 22 Jan 2024 19:32:26 GMT
content-type
text/css
vary
Accept-Encoding
x-akamai-request-id
652b7be
opc-request-id
iad-1:F-GmYTpkYt4vDKCxQ32P6nxr9VDw3mn9AP2-fBr-X2mRyQIYr7QV2qcFWqYCRzTY
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
13b130cc-bbd0-4b27-8c6e-b602952002cb
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1323
embed_lib_v1.0.12.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/
14 KB
6 KB
Script
General
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.131.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-50-131-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
837952667afe5b3e25ecaea19e3884e52add3125525a16d5c513270c9c50a8a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

content-md5
VdrKLRPQL3RIZZVN/2qAoQ==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,version-id,x-api-id
content-encoding
br
etag
68841bda-6450-4a08-b6f6-faff4077f49a
x-check-cacheable
YES
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Wed, 22 Jan 2025 11:54:20 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=0
x-cache
TCP_MEM_HIT from a23-41-167-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-9611f29bef89eba7b18045b10aa2af98) (-)
date
Mon, 23 Dec 2024 11:54:20 GMT
last-modified
Mon, 22 Jan 2024 19:32:27 GMT
content-type
application/javascript
vary
Accept-Encoding
x-akamai-request-id
652b7bf
opc-request-id
iad-1:yvN4bg8V8-n5uytG9lmowXEj__qYpCIackWLttBw9Erfjec96OfeMYVrdXo-gqes
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
b9e60eac-0991-435a-9f2a-a3f1f27e2397
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
5716
7450771143528598791
www.tiktok.com/embed/v2/ Frame B23E
0
0
Document
General
Full URL
https://www.tiktok.com/embed/v2/7450771143528598791?lang=de-DE&referrer=https%3A%2F%2Fgfriend.my%2F
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok/falcon/embed/embed_lib_v1.0.12.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-21-20-153.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
Security Headers
Name Value
Content-Security-Policy worker-src www.tiktok.com/business/sw.js www.tiktok.com/creator/worker/ www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/help/sw.js www.tiktok.com/legal/report/verification/uploader-oversea-crc32.js www.tiktok.com/live/creator-networks/pdf.worker.min.js www.tiktok.com/live/static/player-worker/ www.tiktok.com/risk-appeal-ocr/BlinkCardWasmSDK.worker.min.js www.tiktok.com/series/worker/ www.tiktok.com/sw.js; report-to csp-endpoint; report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&p=Bft85SohKpT3hn5_VgkV2&v=6; script-src 'unsafe-eval' apis.google.com c.paypal.com cdn.ampproject.org cdnjs.cloudflare.com client-api.arkoselabs.com code.jquery.com connect.facebook.net developers.kakao.com googleads.g.doubleclick.net googletagmanager.com interactives.ap.org js.hcaptcha.com js.hsforms.net pay.google.com recaptcha.google.com s20.tiktokcdn.com s3.amazonaws.com sf16-website-login.neutral.tiktokcdn-eu.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.tiktokcdn-eu.com sf16-website.neutral.ttwstatic.com sf16m-website-login.neutral.ttwstatic.com ssl.bing.com ssl.google-analytics.com static.captchami.com tiktok.captchami.com unpkg.com vimeo.com www.google-analytics.com www.google.com www.googleadservices.com www.googleapis.com www.googletagmanager.com www.gstatic.com www.vimeo.com; upgrade-insecure-requests ; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsco.re *.adsintegrity.net *.akamaized.net *.amazonaws.com *.arkoselabs.com *.billetlugen.dk *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.entradas.com *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.giphy.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ae *.google.at *.google.be *.google.bg *.google.bj *.google.by *.google.ca *.google.ch *.google.co.cr *.google.co.id *.google.co.il *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.uk *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bd *.google.com.br *.google.com.cy *.google.com.do *.google.com.ec *.google.com.gh *.google.com.lb *.google.com.mt *.google.com.my *.google.com.ng *.google.com.pe *.google.com.pk *.google.com.sa *.google.com.sg *.google.com.tr *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.gr *.google.hr *.google.hu *.google.ie *.google.iq *.google.is *.google.it *.google.lt *.google.lu *.google.lv *.google.md *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.se *.google.si *.google.sk *.google.td *.google.tn *.googleapis.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tenor.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com i.ticketweb.com images.universe.com interactives.ap.org media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com static.captchami.com t.co tikitoks.com tiktok.captchami.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com

Request headers

Referer
https://gfriend.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
br
content-security-policy
worker-src www.tiktok.com/business/sw.js www.tiktok.com/creator/worker/ www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/help/sw.js www.tiktok.com/legal/report/verification/uploader-oversea-crc32.js www.tiktok.com/live/creator-networks/pdf.worker.min.js www.tiktok.com/live/static/player-worker/ www.tiktok.com/risk-appeal-ocr/BlinkCardWasmSDK.worker.min.js www.tiktok.com/series/worker/ www.tiktok.com/sw.js; report-to csp-endpoint; report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&p=Bft85SohKpT3hn5_VgkV2&v=6; script-src 'unsafe-eval' apis.google.com c.paypal.com cdn.ampproject.org cdnjs.cloudflare.com client-api.arkoselabs.com code.jquery.com connect.facebook.net developers.kakao.com googleads.g.doubleclick.net googletagmanager.com interactives.ap.org js.hcaptcha.com js.hsforms.net pay.google.com recaptcha.google.com s20.tiktokcdn.com s3.amazonaws.com sf16-website-login.neutral.tiktokcdn-eu.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.tiktokcdn-eu.com sf16-website.neutral.ttwstatic.com sf16m-website-login.neutral.ttwstatic.com ssl.bing.com ssl.google-analytics.com static.captchami.com tiktok.captchami.com unpkg.com vimeo.com www.google-analytics.com www.google.com www.googleadservices.com www.googleapis.com www.googletagmanager.com www.gstatic.com www.vimeo.com; upgrade-insecure-requests ; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsco.re *.adsintegrity.net *.akamaized.net *.amazonaws.com *.arkoselabs.com *.billetlugen.dk *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.entradas.com *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.giphy.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ae *.google.at *.google.be *.google.bg *.google.bj *.google.by *.google.ca *.google.ch *.google.co.cr *.google.co.id *.google.co.il *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.uk *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bd *.google.com.br *.google.com.cy *.google.com.do *.google.com.ec *.google.com.gh *.google.com.lb *.google.com.mt *.google.com.my *.google.com.ng *.google.com.pe *.google.com.pk *.google.com.sa *.google.com.sg *.google.com.tr *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.gr *.google.hr *.google.hu *.google.ie *.google.iq *.google.is *.google.it *.google.lt *.google.lu *.google.lv *.google.md *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.se *.google.si *.google.sk *.google.td *.google.tn *.googleapis.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tenor.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com i.ticketweb.com images.universe.com interactives.ap.org media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com static.captchami.com t.co tikitoks.com tiktok.captchami.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com
content-security-policy-report-only
report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&p=Bft85SohKpT3hn5_VgkV2&v=1; report-to csp-endpoint
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 11:54:21 GMT
expires
Mon, 23 Dec 2024 11:54:21 GMT
pragma
no-cache
reporting-endpoints
csp-endpoint="https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server
TLB
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=158 inner; dur=155
x-akamai-request-id
1ac4772.63670616
x-cache
TCP_MISS from a23-206-213-22.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-9611f29bef89eba7b18045b10aa2af98) (-)
x-cache-remote
TCP_MISS from a23-55-100-229.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-9611f29bef89eba7b18045b10aa2af98) (-)
x-origin-response-time
158,23.55.100.229
x-parent-response-time
251,23.206.213.22
x-pumbaa-web-avail
1
x-tt-logid
202412231154205B2D5A7E059A35131A70
x-tt-trace-host
011e59c2d9ea1a636ed2d7d9af29e98232d45e6777fe358852cafce16639132b74f094c5fbce40d713d98a945dc6120363b4b72e270f4fd05c2aeee40518f175530eece30e56d63e0665b57558d918dc9e45b944338807da5841ecb7a5030d6f92c5a623f8f9e13d04e45e24f77ae684ad
x-tt-trace-id
00-2412231154205B2D5A7E059A35131A70-042B753600A6D38A-00
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
truncated
/
515 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5627593dfdcee05df1c67367479100ccd75ba5e075c16d11589823852fb5f06f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
tweet.d7aeb21a88e025d2ea5f5431a103f586.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/tweet.d7aeb21a88e025d2ea5f5431a103f586.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

content-encoding
gzip
etag
"1836187c57e3f0873abebe6985a39f5a+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Mon, 23 Dec 2024 11:54:21 GMT
last-modified
Mon, 11 Dec 2023 17:19:47 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200124-IAD, cache-muc13970-MUC
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2725
x-amz-server-side-encryption
AES256
Tweet.html
platform.twitter.com/embed/ Frame 2420
0
0
Document
General
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1863236930814787708&lang=ko&origin=https%3A%2F%2Fgfriend.my%2F&sessionId=2a16a97ed5d6f875e5bd4dad9ae607de7bbd52d9&theme=light&widgetsVersion=2615f7e52b7e0%3A1702314776716&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gfriend.my/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=1800
content-encoding
gzip
content-length
213
content-type
text/html; charset=utf-8
date
Mon, 23 Dec 2024 11:54:21 GMT
etag
"0d60462b44e0e0c34f053fa13e86675d+gzip"
last-modified
Thu, 05 Sep 2024 16:06:30 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kcgs7200058-IAD, cache-muc13939-MUC
rWpvfaie6hfpZ2A-vxr3Ov3ionP-49l81BZp4-YPw9FVTWre80zYZ0M7AkIrsOB-MTn3CnxFzw=s160-c-k-c0x00ffffff-no-rj
yt3.googleusercontent.com/
3 KB
3 KB
Other
General
Full URL
https://yt3.googleusercontent.com/rWpvfaie6hfpZ2A-vxr3Ov3ionP-49l81BZp4-YPw9FVTWre80zYZ0M7AkIrsOB-MTn3CnxFzw=s160-c-k-c0x00ffffff-no-rj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4dde4cfe23f93f6a5898b318ff8c6ce4ca2e46187940e09a64c5bc499ac2be8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gfriend.my/

Response headers

access-control-expose-headers
Content-Length
etag
"v1"
age
0
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 11:54:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 11:54:22 GMT
content-disposition
inline;filename="channels4_profile.jpg"
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
access-control-allow-origin
*
content-length
3306
x-xss-protection
0
server
fife

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| __twttrll object| twttr object| __twttr object| instgrm object| regeneratorRuntime object| core object| __core-js_shared__ object| tiktokEmbed

2 Cookies

Domain/Path Name / Value
.tiktok.com/ Name: ttwid
Value: 1%7CyjrxfZAKQ9YRhpA_jYEFreh8rQecn5mM-RmlHm1kajk%7C1734954861%7Cc6d97ae0c09726bc8fd9d8398c5a70cbba6c22c105b1ac39dabe181a1d565a56
.tiktok.com/ Name: msToken
Value: vyhxpi0F0tcJGI2f8LcCoYKaeBNO46qhmMe_G2jQoXCVSM9qzw_TElci128taIqGL3vcY-YjtppxsQiGTjDwPScR4oB9CUNDknvBmER24N7a

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
gfriend.my
i.postimg.cc
platform.twitter.com
sf16-website-login.neutral.ttwstatic.com
www.instagram.com
www.tiktok.com
yt3.googleusercontent.com
104.17.24.14
157.240.253.174
199.232.188.157
2.21.20.153
23.50.131.88
2606:4700:3030::6815:333b
2a00:1450:4001:81d::2001
46.105.222.162
0a2eb0a84286c47eff020ffc2682b497f538f7ea8ed981740648110be6730b07
0c06eeb8a62709227f7bf395de009563923caceda77ec3181d1366e7d2ff2caa
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
40180c9b3ddd6eb628bf8930073367f0c355afd9b95f7e0688abf38844af00a1
4dde4cfe23f93f6a5898b318ff8c6ce4ca2e46187940e09a64c5bc499ac2be8c
5627593dfdcee05df1c67367479100ccd75ba5e075c16d11589823852fb5f06f
74005d7c17d4a02f2f25404ec0655d9bc2fdaa53166874c87d7b7eec69d9088a
79b546a15709ff2537a230e7b930d80d8eea5efc04b260be16afc6c5a7b32748
837952667afe5b3e25ecaea19e3884e52add3125525a16d5c513270c9c50a8a9
8c107541703c4d748d507c1827566254c8a950dc913e83f6ec490e5cec3eca0f
9c85e774d6725a65e4ab617676c827829957482e4a36fc57ee2efd9a10b469bf
a4eff8e847c59c4f98a8bbf1e1b62352eb7a7690044ed50f5dac22a5b6425003
a96b286669855e59d86e9049f9ff56801bcd19c9f3c78248b2235ad2c4535fa9
b69773dcbb510737999108690126d5326d529d8aa853492f94464fc0826adb59
b7316df637e226efc10c4c32e604b778cd49df9267269e7ab74da96bf16942f8
c4c99bff911557fa87482a6af2287201459373bcb203c2d361b669f66581af6b
d7236a19bf23cbb2027280e8f51dc99d6c45976a2ed60de73382b034b18a2b68
dc15d2dbaaafa80d89a77adf365ea3a2a728c8eefc36b9872b06b78d7d919b49