downyup6b0.weebly.com Open in urlscan Pro
74.115.51.9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://downyup6b0.weebly.com/
Submission: On November 01 via api (November 1st 2024, 3:36:53 pm UTC) from US — Scanned from DE

Summary HTTP 126 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 38 domains to perform 126 HTTP transactions. The main IP is 74.115.51.9, located in United States and belongs to WEEBLY, US. The main domain is downyup6b0.weebly.com.
TLS certificate: Issued by E5 on October 28th 2024. Valid for: 3 months.

This is the only time downyup6b0.weebly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	74.115.51.9 74.115.51.9	27647 (WEEBLY) (WEEBLY)
10	2a04:4e42:400... 2a04:4e42:400::302	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:275... 2600:9000:275d:9600:1d:d7f6:39d3:d9e1	16509 (AMAZON-02) (AMAZON-02)
1	23.53.43.67 23.53.43.67	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2a04:4e42:400... 2a04:4e42:400::84	54113 (FASTLY) (FASTLY)
2	2a04:4e42::84 2a04:4e42::84	54113 (FASTLY) (FASTLY)
1	2a02:26f0:710... 2a02:26f0:7100:995::16c2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:800::2016	15169 (GOOGLE) (GOOGLE)
2	18.66.192.119 18.66.192.119	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	151.106.118.109 151.106.118.109	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1	151.101.130.152 151.101.130.152	54113 (FASTLY) (FASTLY)
1 1	192.0.72.22 192.0.72.22	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.78.12 192.0.78.12	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a04:4e42:600... 2a04:4e42:600::720	54113 (FASTLY) (FASTLY)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	216.92.142.12 216.92.142.12	7859 (PAIR-NETW...) (PAIR-NETWORKS)
1	172.67.221.54 172.67.221.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.160.157.24 34.160.157.24	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:20:... 2606:4700:20::681a:816	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	124.155.223.231 124.155.223.231	4657 (STARHUB-I...) (STARHUB-INTERNET StarHub Ltd)
1	83.222.126.244 83.222.126.244	47328 (TRI-AS Di...) (TRI-AS DigitalOne AG)
1	199.232.192.193 199.232.192.193	54113 (FASTLY) (FASTLY)
1	2a02:4780:3:1... 2a02:4780:3:1200:0:2024:566b:2	47583 (AS-HOSTINGER) (AS-HOSTINGER)
1 1	192.0.79.8 192.0.79.8	2635 (AUTOMATTIC) (AUTOMATTIC)
10	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
9	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
4	151.101.129.46 151.101.129.46	54113 (FASTLY) (FASTLY)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
13	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	44.241.17.25 44.241.17.25	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
126	35

10 74.115.51.9 (United States)

ASN27647 (WEEBLY, US)
PTR: wildcard.weebly.com

downyup6b0.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a04:4e42:400::302 (United States)

ASN54113 (FASTLY, US)

cdn2.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275d:9600:1d:d7f6:39d3:d9e1 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images-na.ssl-images-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.43.67 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-43-67.deploy.static.akamaitechnologies.com

static-s.aa-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::84 (United States) 1 redirects

ASN54113 (FASTLY, US)

s-media-cache-ak0.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::84 (United States)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:995::16c2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i.dailymail.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.192.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-119.muc50.r.cloudfront.net

i630.photobucket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.106.118.109 (Singapore, Singapore)

ASN47583 (AS-HOSTINGER, CY)
PTR: srv119.niagahoster.com

penaindigo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.152 (San Francisco, United States)

ASN54113 (FASTLY, US)

image.slidesharecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.22 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

gatotkacatulanglunak.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.78.12 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

gatotkacatulanglunak.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ri32.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::720 (United States)

ASN54113 (FASTLY, US)

motionarray-content.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.92.142.12 (United States)

ASN7859 (PAIR-NETWORKS, US)
PTR: manifest-tech.com

www.manifest-tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.221.54 (United States)

ASN13335 (CLOUDFLARENET, US)

vfxdownload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.157.24 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 24.157.160.34.bc.googleusercontent.com

images.template.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:816 (United States)

ASN13335 (CLOUDFLARENET, US)

image.winudf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.155.223.231 (Singapore, Singapore)

ASN4657 (STARHUB-INTERNET StarHub Ltd, SG)
PTR: 124.155.223-231.unknown.starhub.net.sg

assets.jalantikus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.126.244 (Russian Federation)

ASN47328 (TRI-AS DigitalOne AG, CH)

b1.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:4780:3:1200:0:2024:566b:2 (Singapore, Singapore)

ASN47583 (AS-HOSTINGER, CY)

sixghakreasi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.79.8 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

ri32.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

epimar.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.46 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn2.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.241.17.25 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-17-25.us-west-2.compute.amazonaws.com

ec.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 77
16	editmysite.com cdn2.editmysite.com — Cisco Umbrella Rank: 15020 ec.editmysite.com — Cisco Umbrella Rank: 16527	442 KB
15	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1472 syndication.twitter.com — Cisco Umbrella Rank: 1829	30 KB
10	epimar.win epimar.win	13 KB
10	weebly.com downyup6b0.weebly.com	460 KB
9	gstatic.com fonts.gstatic.com	182 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 ajax.googleapis.com — Cisco Umbrella Rank: 412	38 KB
4	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 22681 3.bp.blogspot.com — Cisco Umbrella Rank: 19611 1.bp.blogspot.com — Cisco Umbrella Rank: 17648	567 KB
4	wordpress.com katagambarku.wordpress.com Failed gatotkacatulanglunak.files.wordpress.com gatotkacatulanglunak.wordpress.com ri32.files.wordpress.com ri32.wordpress.com	61 KB
3	pinimg.com 1 redirects s-media-cache-ak0.pinimg.com — Cisco Umbrella Rank: 89653 i.pinimg.com — Cisco Umbrella Rank: 2414	138 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	76 KB
2	jalantikus.com assets.jalantikus.com — Cisco Umbrella Rank: 396688	133 KB
2	photobucket.com i630.photobucket.com	99 KB
1	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 927	17 KB
1	sixghakreasi.com sixghakreasi.com	72 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 8556	59 KB
1	b1.org b1.org	126 KB
1	winudf.com image.winudf.com — Cisco Umbrella Rank: 61683	25 KB
1	template.net images.template.net — Cisco Umbrella Rank: 75246	37 KB
1	vfxdownload.com vfxdownload.com	298 KB
1	manifest-tech.com www.manifest-tech.com	43 KB
1	wp.com i2.wp.com — Cisco Umbrella Rank: 8133	65 B
1	imgix.net motionarray-content.imgix.net	52 KB
1	slidesharecdn.com image.slidesharecdn.com — Cisco Umbrella Rank: 36118	8 KB
1	penaindigo.com penaindigo.com	9 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 99	1 KB
1	dailymail.co.uk i.dailymail.co.uk — Cisco Umbrella Rank: 11183	87 KB
1	ssl-images-amazon.com images-na.ssl-images-amazon.com — Cisco Umbrella Rank: 906	36 KB
1	aa-cdn.net static-s.aa-cdn.net — Cisco Umbrella Rank: 688410	526 KB
1	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 482	21 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 47	46 KB
0	magicplan.app Failed www.magicplan.app Failed
0	freeaetemplates.com Failed www.freeaetemplates.com Failed
0	burgers-lyon.com Failed burgers-lyon.com Failed
0	baidu.com Failed img.phone.baidu.com Failed
0	drawinglics.com Failed drawinglics.com Failed
0	sukipli.com Failed img.sukipli.com Failed
0	dramaqu.net Failed dramaqu.net Failed
126	38

	Domain	Requested by
18	www.youtube.com	downyup6b0.weebly.com
14	cdn2.editmysite.com	downyup6b0.weebly.com ajax.googleapis.com cdn2.editmysite.com
13	platform.twitter.com	downyup6b0.weebly.com platform.twitter.com
10	epimar.win	downyup6b0.weebly.com
10	downyup6b0.weebly.com	downyup6b0.weebly.com ajax.googleapis.com
9	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	downyup6b0.weebly.com
2	syndication.twitter.com	downyup6b0.weebly.com
2	ec.editmysite.com	cdn2.editmysite.com
2	connect.facebook.net	downyup6b0.weebly.com connect.facebook.net
2	assets.jalantikus.com	downyup6b0.weebly.com
2	4.bp.blogspot.com	downyup6b0.weebly.com
2	i630.photobucket.com	downyup6b0.weebly.com
2	i.pinimg.com	downyup6b0.weebly.com
1	ssl.google-analytics.com	downyup6b0.weebly.com
1	ri32.wordpress.com	downyup6b0.weebly.com
1	ri32.files.wordpress.com	1 redirects
1	sixghakreasi.com	downyup6b0.weebly.com
1	i.imgur.com	downyup6b0.weebly.com
1	b1.org	downyup6b0.weebly.com
1	1.bp.blogspot.com	downyup6b0.weebly.com
1	3.bp.blogspot.com	downyup6b0.weebly.com
1	image.winudf.com	downyup6b0.weebly.com
1	images.template.net	downyup6b0.weebly.com
1	vfxdownload.com	downyup6b0.weebly.com
1	www.manifest-tech.com	downyup6b0.weebly.com
1	i2.wp.com	downyup6b0.weebly.com
1	motionarray-content.imgix.net	downyup6b0.weebly.com
1	gatotkacatulanglunak.wordpress.com	downyup6b0.weebly.com
1	gatotkacatulanglunak.files.wordpress.com	1 redirects
1	image.slidesharecdn.com	downyup6b0.weebly.com
1	penaindigo.com	downyup6b0.weebly.com
1	i.ytimg.com	downyup6b0.weebly.com
1	i.dailymail.co.uk	downyup6b0.weebly.com
1	images-na.ssl-images-amazon.com	downyup6b0.weebly.com
1	s-media-cache-ak0.pinimg.com	1 redirects
1	static-s.aa-cdn.net	downyup6b0.weebly.com
1	m.media-amazon.com	downyup6b0.weebly.com
1	lh3.googleusercontent.com	downyup6b0.weebly.com
1	ajax.googleapis.com	downyup6b0.weebly.com
0	www.magicplan.app Failed	downyup6b0.weebly.com
0	www.freeaetemplates.com Failed	downyup6b0.weebly.com
0	burgers-lyon.com Failed	downyup6b0.weebly.com
0	katagambarku.wordpress.com Failed	downyup6b0.weebly.com
0	img.phone.baidu.com Failed	downyup6b0.weebly.com
0	drawinglics.com Failed	downyup6b0.weebly.com
0	img.sukipli.com Failed	downyup6b0.weebly.com
0	dramaqu.net Failed	downyup6b0.weebly.com
126	48

This site contains links to these domains. Also see Links.

Domain
www.weebly.com

Subject Issuer	Validity	Valid
weebly.com E5	`2024-10-28` - `2025-01-26`	3 months	crt.sh
*.editmysite.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-15` - `2025-04-16`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2024-01-05` - `2024-12-08`	a year	crt.sh
*.aa-cdn.net DigiCert TLS RSA SHA256 2020 CA1	`2024-06-11` - `2025-06-12`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-05` - `2025-08-07`	a year	crt.sh
*.dailymail.co.uk DigiCert TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-23`	a year	crt.sh
edgestatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
photobucket.com Amazon RSA 2048 M02	`2024-06-07` - `2025-07-06`	a year	crt.sh
misc-sni.blogspot.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
penaindigo.com R10	`2024-09-10` - `2024-12-09`	3 months	crt.sh
*.slidesharecdn.com R11	`2024-10-19` - `2025-01-17`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2024 Q4	`2024-10-09` - `2025-11-10`	a year	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
manifest-tech.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-27` - `2025-03-29`	a year	crt.sh
vfxdownload.com WE1	`2024-10-23` - `2025-01-21`	3 months	crt.sh
*.template.net E6	`2024-10-21` - `2025-01-19`	3 months	crt.sh
winudf.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
jalantikus.com Go Daddy Secure Certificate Authority - G2	`2024-02-21` - `2025-03-24`	a year	crt.sh
b1.org R11	`2024-09-19` - `2024-12-18`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
sixghakreasi.com R10	`2024-10-28` - `2025-01-26`	3 months	crt.sh
epimar.win WE1	`2024-10-18` - `2025-01-16`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-24` - `2025-07-25`	a year	crt.sh
ec.editmysite.com Amazon RSA 2048 M02	`2024-05-12` - `2025-06-10`	a year	crt.sh
syndication.twitter.com R10	`2024-10-11` - `2025-01-09`	3 months	crt.sh

This page contains 30 frames:

Primary Page: https://downyup6b0.weebly.com/
Frame ID: EAC1E3C71801222D69BE7715D8724A59
Requests: 96 HTTP requests in this frame

Frame: https://www.youtube.com/embed/eTmNhJZoqhM
Frame ID: AFDFDAA7F61F7A5059A8142FAB0DB558
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/O5l6MenfMQQ
Frame ID: 0163B147B56F70699DFB4E14AC102D41
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/VKFsmZhQWtg
Frame ID: 049EC9742F147168864938D068A60D62
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/t0JF-tMETg4
Frame ID: 563BFA02F1F272575B9E640111687A25
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/6597-gDq184
Frame ID: B6EECE4F3BAD6B0CF8D57690AFCD44A1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YwrpzzG7UrQ
Frame ID: 0100C4678816F76A253F233055E9A47A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/SnPa_h18LTg
Frame ID: FCF8C903DA08DA45BE8954C329E154AD
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/0WM6MkmODbY
Frame ID: 8BDACC3AE83EE2C2FA96035F00946E0C
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/1VB_e8ZvviM
Frame ID: 7F9EB1415BB6044B9A3402E58A2E9A9B
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/c1wC61IP-TU
Frame ID: 6B018C3157B17FC8CFAC13BF93790946
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/DUm3fMmdbFA
Frame ID: 0E038A46206D59992A5DBCAD59BF6575
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vyZERVP266Y
Frame ID: 6643D22F602404936CFFAB085DA838B7
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/2w_SOucguxY
Frame ID: 31891BB811368835C4DC16A7186332F8
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/D_f0WEEV_Ho
Frame ID: 993717729AABC2B55A2740B4D503983E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/RE9O_doW54I
Frame ID: A79EBA033240239EA9F6B062AD6BCED1
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Ydb7ZRS0KwE
Frame ID: 711D1BD34571B021475468BEAAC7DAFF
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/i6bDQBzEjZc
Frame ID: 50CA568ACD3CC9ED6E227326C00038C2
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/aaz4haUWTTA
Frame ID: 6FCD712485FB66BBC453572DF03F9B3B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fdownyup6b0.weebly.com
Frame ID: E0E32A3DCB0AE4748C9BA3DCFEED6DC5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 58C4973C989CBC51339643ABDB67336F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: E2D5D6E85411FD2B3FE2F7CAFB435868
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 04CB53F67DF922E10BD06C44E8D2D177
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 40F478A65460E42AF5AE6A89D888B4CF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 9C7CDF83ECD5E88F89FB551E041A6B36
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 14101C6394A63D99368A3FAB9DEEFFD0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: CB2165693A57269FB67D067569585A91
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: D4ABC4CD84592D10F0ABEC5264293DB3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 98C7B8EF978A253F60F67736D142B8CB
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: E6197DBE04C3B6EA5DF7D6F1E0C0AB8C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Backstage - Home

Detected technologies

Weebly (CMS) Expand

Overall confidence: 100%
Detected patterns

cdn\d+\.editmysite\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

126
Requests

90 %
HTTPS

41 %
IPv6

38
Domains

48
Subdomains

35
IPs

5
Countries

3701 kB
Transfer

5314 kB
Size

13
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.weebly.com/signup?utm_source=internal&utm_medium=footer
Title: Powered by Create your own unique website with customizable templates. Get Started

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://katagambarku.files.wordpress.com/2015/08/gambar-kata-kata-cinta-lucu-modus-banget.jpg?w=450&h=450 HTTP 302
https://katagambarku.wordpress.com/wp-content/uploads/2015/08/gambar-kata-kata-cinta-lucu-modus-banget.jpg?w=450&h=450

Request Chain 25

https://s-media-cache-ak0.pinimg.com/originals/b4/45/f3/b445f3928f137f7da46aab044d4b8109.jpg HTTP 301
https://i.pinimg.com/originals/b4/45/f3/b445f3928f137f7da46aab044d4b8109.jpg

Request Chain 35

https://gatotkacatulanglunak.files.wordpress.com/2014/06/scribd1.png?w=300&h=224 HTTP 302
https://gatotkacatulanglunak.wordpress.com/wp-content/uploads/2014/06/scribd1.png?w=300&h=224

Request Chain 48

https://www.magic-plan.com/wp-content/uploads/skin-1-1024x786.png HTTP 301
https://magicplan.app/wp-content/uploads/skin-1-1024x786.png HTTP 301
https://www.magicplan.app/wp-content/uploads/skin-1-1024x786.png

Request Chain 52

https://ri32.files.wordpress.com/2010/11/absensi-online.png HTTP 302
https://ri32.wordpress.com/wp-content/uploads/2010/11/absensi-online.png

126 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
downyup6b0.weebly.com/ 97 KB
33 KB 432ms
341ms Document
text/html 74.115.51.9
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.115.51.9 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: wildcard.weebly.com
Software: cloudflare /
Resource Hash: 94344aac936aec69b29a6b681a5b00056a17f3f26b1f99ad915e9d8f0d670be1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8dbcf64ecf9be532-TXL
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 01 Nov 2024 15:36:44 GMT
server: cloudflare
vary: X-W-SSL,Accept-Encoding,User-Agent
x-host: blu94.sf2p.intern.weebly.net
x-ua-compatible: IE=edge,chrome=1

GET
H2 200 sites.css
cdn2.editmysite.com/css/ 206 KB
29 KB 166ms
58ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1558740950
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: blu109.sf2p.intern.weebly.net
content-encoding: gzip
etag: W/"671acccb-337f6"
age: 355585
expires: Mon, 11 Nov 2024 12:50:19 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 22:40:11 GMT
x-cache-hits: 44, 0
x-served-by: cache-sjc10058-SJC, cache-mxp6930-MXP
vary: Accept-Encoding
cache-control: max-age=1209600
x-timer: S1730475405.074649,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29663
server: nginx

GET
H2 200 fancybox.css
cdn2.editmysite.com/css/old/ 4 KB
1 KB 256ms
147ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/old/fancybox.css?1558740950
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: blu74.sf2p.intern.weebly.net
content-encoding: gzip
etag: "671accd2-f47"
age: 357060
expires: Mon, 11 Nov 2024 12:25:44 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/css
last-modified: Thu, 24 Oct 2024 22:40:18 GMT
x-cache-hits: 129, 0
x-served-by: cache-sjc10038-SJC, cache-mxp6930-MXP
vary: Accept-Encoding
cache-control: max-age=1209600
x-timer: S1730475405.074150,VS0,VE4
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1218
server: nginx

GET
H2 200 social-icons.css
cdn2.editmysite.com/css/ 13 KB
2 KB 255ms
147ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1558740950
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fe92905bd2e3601891da87fd1f8475282213f14f3a7a73c38654c60a61328e7c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: blu83.sf2p.intern.weebly.net
content-encoding: gzip
etag: W/"67183d04-3319"
age: 797177
expires: Wed, 06 Nov 2024 10:10:27 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/css
last-modified: Wed, 23 Oct 2024 00:02:12 GMT
x-cache-hits: 241, 0
x-served-by: cache-sjc1000140-SJC, cache-mxp6930-MXP
vary: Accept-Encoding
cache-control: max-age=1209600
x-timer: S1730475405.074166,VS0,VE3
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1639
server: nginx

GET
H2 200 main_style.css
downyup6b0.weebly.com/files/ 38 KB
7 KB 238ms
235ms Stylesheet
text/css 74.115.51.9
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://downyup6b0.weebly.com/files/main_style.css?1558799481
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.115.51.9 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: wildcard.weebly.com
Software: cloudflare /
Resource Hash: b412779483065a97c2811af27399c94ba2907a8ff8d4d2e9b37b04d8617a2cef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-host: blu65.sf2p.intern.weebly.net
access-control-allow-methods: GET, POST, DELETE, OPTIONS
cf-ray: 8dbcf6510888e532-TXL
access-control-allow-origin: *
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Origin, Authorization, Content-Type

GET
H2 200 css
fonts.googleapis.com/ 2 KB
503 B 154ms
62ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:400,300,700&subset=latin,latin-ext

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c37afc63e7b0d23871479d3ec0c5de7b1ae24354a2b568476b62b4facf4cf6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:36:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 15:36:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 2 KB
613 B 150ms
58ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Pacifico&subset=latin,latin-ext

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

267c14bfa23e3178e3386b4622be0eebc8b846b9e17652c17f77ad147dbca7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:36:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 15:36:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 18 KB
2 KB 150ms
59ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5c89d59b365fc899550944397fd6b2351a6882aeb1aa4ea5e4fca595c2c6766

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:36:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 15:24:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 2 KB
888 B 140ms
49ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=News+Cycle:400,700&subset=latin,latin-ext

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fd04f0f5e2e88de7e2dd96f35f6064aa59e93db3b517417831d003d5d0039011

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:36:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 15:36:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 5 KB
697 B 153ms
62ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,300,700&subset=latin,latin-ext

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f1d01a21d68d22f958b07f503dedba71bb7a07b7ddbb29512e2e69e6f0995d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:36:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 13:44:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 4 KB
610 B 151ms
61ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cardo:400,700,400italic&subset=latin,latin-ext

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

431b643d68767464579b7df161c5d4037a26ddb813a29d6725f3bd90bab00af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:36:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 15:36:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 templateArtifacts.js Show response
downyup6b0.weebly.com/files/ 7 KB
2 KB 241ms
239ms Script
application/x-javascript 74.115.51.9
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://downyup6b0.weebly.com/files/templateArtifacts.js?1558799481
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.115.51.9 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: wildcard.weebly.com
Software: cloudflare /
Resource Hash: 5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
x-host: grn73.sf2p.intern.weebly.net
access-control-allow-methods: GET, POST, DELETE, OPTIONS
cf-ray: 8dbcf651088ee532-TXL
access-control-allow-origin: *
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: application/x-javascript
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Origin, Authorization, Content-Type

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 133ms
41ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
age: 25901
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 08:25:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 08:25:04 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33593
x-xss-protection: 0
server: sffe

GET
H2 200 stl.js Show response
cdn2.editmysite.com/js/lang/en/ 184 KB
34 KB 158ms
52ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1558740950&
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f86eaecbb74174ebb700cc768966211e698a7e6bf6b19227cd0b89db43e14a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: grn26.sf2p.intern.weebly.net
content-encoding: gzip
etag: "671acc90-2e1ed"
age: 450098
expires: Sun, 10 Nov 2024 10:35:07 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 22:39:12 GMT
x-cache-hits: 168, 0
x-served-by: cache-sjc1000126-SJC, cache-mxp6930-MXP
vary: Accept-Encoding
cache-control: max-age=1209600
x-timer: S1730475405.074614,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34209
server: nginx

GET
H2 200 main.js Show response
cdn2.editmysite.com/js/site/ 470 KB
145 KB 156ms
50ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main.js?buildTime=1558740950
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 55f966d09afc4a653a1f26b57e57412d5c42191d5692157d94110b23ca74c9d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: blu158.sf2p.intern.weebly.net
content-encoding: gzip
etag: "67190aaa-7568d"
age: 777421
expires: Wed, 06 Nov 2024 15:39:44 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 14:39:38 GMT
x-cache-hits: 40, 0
x-served-by: cache-sjc10069-SJC, cache-mxp6930-MXP
vary: Accept-Encoding
cache-control: max-age=1209600
x-timer: S1730475405.074625,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 147761
server: nginx

GET
H2 200 theme-plugins.js Show response
cdn2.editmysite.com/js/site/ 12 KB
4 KB 156ms
50ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/theme-plugins.js?buildTime=1558740950
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 31e2acd46027f7dd6c2910580dfbc039dd50280a0596afc845928f657857afaa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: blu85.sf2p.intern.weebly.net
content-encoding: gzip
etag: "671acce8-314e"
age: 413838
expires: Sun, 10 Nov 2024 20:39:27 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: application/javascript
last-modified: Thu, 24 Oct 2024 22:40:40 GMT
x-cache-hits: 21, 0
x-served-by: cache-sjc1000146-SJC, cache-mxp6930-MXP
vary: Accept-Encoding
cache-control: max-age=1209600
x-timer: S1730475405.074543,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3748
server: nginx

GET nonton-witchs-love-2018-subtitle-indonesia-236x350.jpg
dramaqu.net/wp-content/uploads/2018/08/ 0
0

GET parasyte-part-1-2014.jpg
img.sukipli.com/ 0
0

GET
H2 200 YL-cU_ckGbvX4x5mU-MyLtGkUIsQuYqQIOc_fHgmMi98PbDTkwgeSCvgUzEpZtiEH6iwcenQCNBS
lh3.googleusercontent.com/ 45 KB
46 KB 385ms
289ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YL-cU_ckGbvX4x5mU-MyLtGkUIsQuYqQIOc_fHgmMi98PbDTkwgeSCvgUzEpZtiEH6iwcenQCNBS

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0018b882be5277856098a1a1f753bf1d23cdad0939bcf1222e6ead7670b7be55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v1"
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 15:36:45 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46459
date: Fri, 01 Nov 2024 15:36:45 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="unnamed.jpg"

GET nonton-my-id-is-gangnam-beauty-subtitle-indonesia-236x350.jpg
dramaqu.net/wp-content/uploads/2018/07/ 0
0

GET
H2 200 MV5BMjYyNDczNTE0MF5BMl5BanBnXkFtZTgwNjkzNDYxMzE@._V1_UX182_CR0,0,182,268_AL_.jpg
m.media-amazon.com/images/M/ 20 KB
21 KB 160ms
46ms Image
image/jpeg 2600:9000:275d:9600:1d:d7f6:39d3:d9e1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/M/MV5BMjYyNDczNTE0MF5BMl5BanBnXkFtZTgwNjkzNDYxMzE@._V1_UX182_CR0,0,182,268_AL_.jpg
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:9600:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 2b75c5b68ede508d5d679d4177a80e619585c62fd6ad8bad103d6eca38e83af9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-amz-ir-id: 21ec6d11-1252-4234-be8c-a599b1230633
surrogate-key: x-cache-542 /images/M/MV5BMjYyNDczNTE0MF5BMl5BanBnXkFtZTgwNjkzNDYxMzE@
age: 1322790
expires: Tue, 27 Sep 2044 10:55:56 GMT
alt-svc: h3=":443"; ma=86400
server-timing: provider;desc="cf"
x-cache: Hit from cloudfront
x-amz-cf-id: FvyqWiE5UslKZJd1xiW5MxeSrTJ_sEeqoSGuYM7RFcsvjXVnCLK_1g==
date: Wed, 02 Oct 2024 10:55:56 GMT
content-type: image/jpeg
last-modified: Thu, 30 Oct 2014 20:27:21 GMT
x-nginx-cache-status: HIT
edge-cache-tag: x-cache-542,/images/M/MV5BMjYyNDczNTE0MF5BMl5BanBnXkFtZTgwNjkzNDYxMzE@
cache-control: max-age=630720000,public
via: 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20828
x-amz-cf-pop: FRA56-P11
server: Server

GET kumpulan-gambar-dan-foto-gerak-lucu-dp-bbm-gif-terbaru-2017-nah-buat-sobat-yang-sedang-mencari-gambar-bergerak-burung-kenari-admin-sudah-siapkan-dp-bbm-burung-canary-animasi-gif-terbaru-yang-dapat-...
drawinglics.com/view/1612595/ 0
0

GET de5cd4e9a9809bd588f78f45ead99432_200x200.png
img.phone.baidu.com/public/uploads/store_5/2/6/7/ 0
0

GET
H2 200 bUiqXd7C-VTzln9wALZLHijbBVzTHEJdnuHhVBvO8Zl9SdtqmjuD0qWSj_q34hj-rdw=h900
static-s.aa-cdn.net/img/gp/20600004960087/ 524 KB
526 KB 875ms
738ms Image
image/png 23.53.43.67
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static-s.aa-cdn.net/img/gp/20600004960087/bUiqXd7C-VTzln9wALZLHijbBVzTHEJdnuHhVBvO8Zl9SdtqmjuD0qWSj_q34hj-rdw=h900

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.53.43.67 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-53-43-67.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

be06ddd669cec07b8b445a7ae45859889881f78fb1bfa31b1389e47ac4e0b0cb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: ;script-src * 'self' 'unsafe-inline' 'unsafe-eval' ;worker-src * blob: ;style-src * 'unsafe-inline' data: ;frame-ancestors 'self' static-s.aa-cdn.net .appannie.com .appannie.com.cn .data.ai .appannie.org .sharepoint.com .officeapps.live.com https://onedrive.live.com rise.articulate.com scorm.thoughtindustries.com ;img-src * data: blob: ;font-src * data: ;media-src * data: blob: ;base-uri 'self' d6tizftlrpuof.cloudfront.net manifest.prod.boltdns.net secure.brightcove.com ;connect-src * data: blob: wss://api.appcues.net;report-uri https://o4504021391179776.ingest.sentry.io/api/4506500663869440/security/?sentry_key=400dd28a21b5f83ea17a22570010618a;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: default-src * data: blob: ;script-src * 'self' 'unsafe-inline' 'unsafe-eval' ;worker-src * blob: ;style-src * 'unsafe-inline' data: ;frame-ancestors 'self' static-s.aa-cdn.net *.appannie.com *.appannie.com.cn *.data.ai *.appannie.org *.sharepoint.com *.officeapps.live.com https://onedrive.live.com rise.articulate.com scorm.thoughtindustries.com ;img-src * data: blob: ;font-src * data: ;media-src * data: blob: ;base-uri 'self' d6tizftlrpuof.cloudfront.net manifest.prod.boltdns.net secure.brightcove.com ;connect-src * data: blob: wss://api.appcues.net;report-uri https://o4504021391179776.ingest.sentry.io/api/4506500663869440/security/?sentry_key=400dd28a21b5f83ea17a22570010618a;
cache-control: max-age=2591966
z_edgeip: 23.53.43.67
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 15:36:12 GMT
access-control-allow-origin: https://www.data.ai
content-length: 536910
x-xss-protection: 1; mode=block
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: image/png
last-modified: Mon, 09 Nov 2015 22:43:24 GMT
server: nginx
x-frame-options: SAMEORIGIN

GET

gambar-kata-kata-cinta-lucu-modus-banget.jpg
katagambarku.wordpress.com/wp-content/uploads/2015/08/
Redirect Chain

https://katagambarku.files.wordpress.com/2015/08/gambar-kata-kata-cinta-lucu-modus-banget.jpg?w=450&h=450
https://katagambarku.wordpress.com/wp-content/uploads/2015/08/gambar-kata-kata-cinta-lucu-modus-banget.jpg?w=450&h=450

0
0

GET kimi-no-na-wa-720p-mp4.jpg
burgers-lyon.com/gallery/ 0
0

GET
H2

200

b445f3928f137f7da46aab044d4b8109.jpg
i.pinimg.com/originals/b4/45/f3/
Redirect Chain

https://s-media-cache-ak0.pinimg.com/originals/b4/45/f3/b445f3928f137f7da46aab044d4b8109.jpg
https://i.pinimg.com/originals/b4/45/f3/b445f3928f137f7da46aab044d4b8109.jpg

124 KB
124 KB

271ms
270ms

Image
image/jpeg

2a04:4e42::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/b4/45/f3/b445f3928f137f7da46aab044d4b8109.jpg
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Server: 2a04:4e42::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3cb145926fb659a96dc82f5cf36fee0ea92fd9798afe307e4055914443a6e87f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

cache-control: max-age=31536000, immutable
etag: "8779f5a6f671158123791ef65839d7cb"
x-cdn: fastly
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 127287
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: image/jpeg
vary: Origin

Redirect headers

accept-ranges: bytes
retry-after: 0
location: https://i.pinimg.com/originals/b4/45/f3/b445f3928f137f7da46aab044d4b8109.jpg
content-length: 0
date: Fri, 01 Nov 2024 15:36:45 GMT
x-cdn: fastly
vary: Origin

GET
H2 200 b6e5b85b8b1900ce2a4e767c21c8630e.jpg
i.pinimg.com/236x/b6/e5/b8/ 14 KB
14 KB 302ms
180ms Image
image/jpeg 2a04:4e42::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/236x/b6/e5/b8/b6e5b85b8b1900ce2a4e767c21c8630e.jpg
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 77b4d70a9158355f9cb8e13db9dc67bb56da6d1ec28d4b8f57bde3c2c325a498

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

cache-control: max-age=31536000, immutable
etag: "6372f4ea47cb0b63f6e257aa8e41a391"
x-cdn: fastly
accept-ranges: bytes
alt-svc: h3=":443";ma=600
content-length: 13895
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: image/jpeg
vary: Origin

GET
H2 200 51wXy21vkHL._SR600%2C315_PIWhiteStrip%2CBottomLeft%2C0%2C35_PIStarRatingFOURANDHALF%2CBottomLeft%2C360%2C-6_SR600%2C315_ZA(6%20Reviews)%2C445%2C291%2C400%2C400%2Carial%2C12%2C4%2C0%2C0%2C5_SCLZZZZZ...
images-na.ssl-images-amazon.com/images/I/ 35 KB
36 KB 321ms
318ms Image
image/jpeg 2600:9000:275d:9600:1d:d7f6:39d3:d9e1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-na.ssl-images-amazon.com/images/I/51wXy21vkHL._SR600%2C315_PIWhiteStrip%2CBottomLeft%2C0%2C35_PIStarRatingFOURANDHALF%2CBottomLeft%2C360%2C-6_SR600%2C315_ZA(6%20Reviews)%2C445%2C291%2C400%2C400%2Carial%2C12%2C4%2C0%2C0%2C5_SCLZZZZZZZ_.jpg
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:9600:1d:d7f6:39d3:d9e1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c50b15f613ee6404105bf7915feb42b8a1c564a43dc345bdfdf82db8170921cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-amz-ir-id: f5a64c70-831e-4f52-ad2f-e484d26899b6
surrogate-key: x-cache-888 /images/I/51wXy21vkHL
expires: Thu, 27 Oct 2044 15:36:45 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cdn-upstream-layer;desc="Origin Shield",cdn-upstream-dns;dur=0,cdn-upstream-connect;dur=0,cdn-upstream-fbl;dur=174,cdn-cache-miss,cdn-pop;desc="FRA56-P11",cdn-rid;desc="tKFvkKLlWTdZi1blIAtkmFV7jtdUYTAP44E-2FuBt38ZNqEoiXzsZA==",cdn-downstream-fbl;dur=272,provider;desc="cf"
x-cache: Miss from cloudfront
x-amz-cf-id: tKFvkKLlWTdZi1blIAtkmFV7jtdUYTAP44E-2FuBt38ZNqEoiXzsZA==
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: image/jpeg
last-modified: Thu, 01 Feb 2018 19:09:41 GMT
x-nginx-cache-status: MISS
edge-cache-tag: x-cache-888,/images/I/51wXy21vkHL
cache-control: max-age=630720000,public
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
via: 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35743
x-amz-cf-pop: FRA56-P11
server: Server

GET
H2 200 article-1363278-0D7B12AB000005DC-838_1024x615_large.jpg
i.dailymail.co.uk/i/pix/2011/03/05/ 87 KB
87 KB 233ms
116ms Image
image/jpeg 2a02:26f0:7100:995::16c2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.dailymail.co.uk/i/pix/2011/03/05/article-1363278-0D7B12AB000005DC-838_1024x615_large.jpg
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:995::16c2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 89a154c36744031fee744c2d4ce24f269f73c84024ccb95fcd8153ce22d2b42b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

edge-cache-tag: /i/pix/2011/03/05/article-1363278-0D7B12AB000005DC-838_1024x615_large.jpg
cache-control: max-age=2592000
timing-allow-origin: *
etag: "5a0eadc64d2cd138948547e8b71a29fa:1299337561"
expires: Sun, 01 Dec 2024 15:36:45 GMT
accept-ranges: bytes
content-length: 88788
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: image/jpeg
last-modified: Sat, 05 Mar 2011 15:06:01 GMT
server: AkamaiNetStorage

GET
H2 404 hqdefault.jpg
i.ytimg.com/vi/StJGOZ7CWI0/ 1 KB
1 KB 153ms
52ms Image
image/jpeg 2a00:1450:4001:800::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/StJGOZ7CWI0/hqdefault.jpg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

cache-control: public, max-age=30
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:37:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1097
date: Fri, 01 Nov 2024 15:36:45 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: sffe

GET
H2 200 RM280-00061.jpg
i630.photobucket.com/albums/uu26/dramabeans/drama/2016/RM/RM_280/ 53 KB
54 KB 973ms
879ms Image
image/webp 18.66.192.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i630.photobucket.com/albums/uu26/dramabeans/drama/2016/RM/RM_280/RM280-00061.jpg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-119.muc50.r.cloudfront.net

Software

photobucket /

Resource Hash

cd73a571154b0bdc8d12e14e063f5505245affa8f56b5a7a05c7abfd66d6bb8b

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-request-id: XijhEWmB0TKRqsrXNA_Bc
content-security-policy: script-src 'none'
cache-control: max-age=31536000, public
x-amzn-trace-id: Root=1-6724f58d-7c332c6b0c6428471b70a7c5
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 54296
x-amz-cf-id: 6ve4pluYdmJx7qbM1P_oO9aedsNAgld0_WN3babNyCzgOKMbMLfrDA==
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: image/webp
content-disposition: inline; filename="RM280-00061.webp"
server: photobucket
x-amz-cf-pop: MUC50-P1
vary: Accept, Origin

GET
H2 200 RM278-00234.jpg
i630.photobucket.com/albums/uu26/dramabeans/drama/2015/RM/RM_278/ 45 KB
45 KB 977ms
919ms Image
image/webp 18.66.192.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i630.photobucket.com/albums/uu26/dramabeans/drama/2015/RM/RM_278/RM278-00234.jpg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-119.muc50.r.cloudfront.net

Software

photobucket /

Resource Hash

0acc829a9550d701f1777ff6b5cde6ba5a484a9fdb2e9f9b6fd7b34ba6748814

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-request-id: G6ZAjWX1lymnuYycrHGyn
content-security-policy: script-src 'none'
cache-control: max-age=31536000, public
x-amzn-trace-id: Root=1-6724f58d-39b9596548ca4fc14778eb0a
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 45960
x-amz-cf-id: Syh7eg6dqoEMMhQzG73oUw7bxQkYtWTqFik1rG0wQ1y7A73jHSTEeA==
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: image/webp
content-disposition: inline; filename="RM278-00234.webp"
server: photobucket
x-amz-cf-pop: MUC50-P1
vary: Accept, Origin

GET
H2 200 Cara-Download-File.jpg
4.bp.blogspot.com/-g7ebIPxma4o/WSQxOvcL7QI/AAAAAAAAGIc/fSA9ulfvLiEjUB-uO53hH71SHuV_r8ZxQCLcB/s1600/ 54 KB
55 KB 572ms
448ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-g7ebIPxma4o/WSQxOvcL7QI/AAAAAAAAGIc/fSA9ulfvLiEjUB-uO53hH71SHuV_r8ZxQCLcB/s1600/Cara-Download-File.jpg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b42c49aff2a698ec8c21c7958cb22a79022fb50908727eb3ac49f7d91187f223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v188a"
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 15:36:46 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55699
date: Fri, 01 Nov 2024 15:36:46 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="Cara-Download-File.jpg"

GET
H2 200 cara-download-di-scribd-gratis-tanpa-login-dan-upload.png
penaindigo.com/wp-content/uploads/2016/03/ 9 KB
9 KB 971ms
201ms Image
image/png 151.106.118.109
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://penaindigo.com/wp-content/uploads/2016/03/cara-download-di-scribd-gratis-tanpa-login-dan-upload.png

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.106.118.109 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv119.niagahoster.com

Software

LiteSpeed /

Resource Hash

30cba2d2d1ff3a5e75fc70f38453e961a2b05fa614cfdfe4e8102cdd33b9f88a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=10368000,public
x-content-type-options: nosniff
expires: Sat, 01 Mar 2025 15:36:46 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 9012
date: Fri, 01 Nov 2024 15:36:46 GMT
x-xss-protection: 1; mode=block
content-type: image/png
last-modified: Wed, 30 Nov 2016 04:27:34 GMT
server: LiteSpeed
platform: hostinger
vary: User-Agent,Accept-Encoding

GET
H2 200 buku-publikasi-efektif-di-internet-panduan-khusus-untuk-calon-ataupun-anggota-divisi-penerangan-kalam-upipdf-69-638.jpg
image.slidesharecdn.com/bukupublikasiefektifdiinternetpanduankhususuntukcalonataupunanggotadivisipenerangankalamupi-140126061009-phpapp01/95/ 7 KB
8 KB 363ms
248ms Image
image/webp 151.101.130.152
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.slidesharecdn.com/bukupublikasiefektifdiinternetpanduankhususuntukcalonataupunanggotadivisipenerangankalamupi-140126061009-phpapp01/95/buku-publikasi-efektif-di-internet-panduan-khusus-untuk-calon-ataupun-anggota-divisi-penerangan-kalam-upipdf-69-638.jpg?cb=1390716840
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.152 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c80349d807fc368a6fb2799f3dbfe8a18d1d1271d37381ebb41fd73cfb1ff2ee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

fastly-io-info: ifsz=16546 idim=638x826 ifmt=jpeg ofsz=7410 odim=638x826 ofmt=webp
etag: "Jin5gQS7pno9A3fA5fMe4//xPU/ebQ3oHlTR08W/LsY"
x-amz-version-id: null
age: 0
expires: Sat, 01 Nov 2025 15:36:45 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: MISS, MISS
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: image/webp
x-served-by: cache-iad-kcgs7200075-IAD, cache-fra-etou8220052-FRA
x-cache-hits: 0, 0
x-amz-id-2: 8DZ5y5rigAUVHZx95aBd978bEubGEwDwW+pJN9XoTMINrm6QiQzIERfONea21sH0+d5JYOFSjkI=
fastly-stats: io=1
vary: Accept
cache-control: max-age=31536000
x-timer: S1730475406.795201,VS0,VE177
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: GYDCCW9GCG82BJKV
accept-ranges: bytes
content-length: 7410
fastly-io-served-by: vpop-kiad7010216
server: AmazonS3

GET
H2

200

scribd1.png
gatotkacatulanglunak.wordpress.com/wp-content/uploads/2014/06/
Redirect Chain

https://gatotkacatulanglunak.files.wordpress.com/2014/06/scribd1.png?w=300&h=224
https://gatotkacatulanglunak.wordpress.com/wp-content/uploads/2014/06/scribd1.png?w=300&h=224

21 KB
22 KB

287ms
265ms

Image
image/webp

192.0.78.12
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gatotkacatulanglunak.wordpress.com/wp-content/uploads/2014/06/scribd1.png?w=300&h=224

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Server

192.0.78.12 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ddc17134b4cdcf7ac6e2a836002de31591748a041e3fcb6a41cf21e5df72b938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

strict-transport-security: max-age=31536000
expires: Fri, 22 Nov 2024 07:10:06 GMT
x-orig-src: 0_imageresize
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 21750
date: Fri, 01 Nov 2024 15:36:46 GMT
x-ac: 1.hhn _dfw MISS
content-type: image/webp
last-modified: Tue, 03 Jun 2014 07:33:14 GMT
server: nginx
vary: Accept

Redirect headers

location: https://gatotkacatulanglunak.wordpress.com/wp-content/uploads/2014/06/scribd1.png?w=300&h=224
x-nc: hhn 22 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 138
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: text/html
server: nginx

GET
H2 200 Free-Glitch-Premiere-Pro-Presets.jpg
motionarray-content.imgix.net/post-images/ 52 KB
52 KB 205ms
59ms Image
image/jpeg 2a04:4e42:600::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://motionarray-content.imgix.net/post-images/Free-Glitch-Premiere-Pro-Presets.jpg?w=3200&h=1200&fit=crop

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

5765b8a97aa9a8bf0c187a2deac6bb6b8d3b998f52054e77cd8e91762b57ea6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-served-by: cache-chi-klot8100127-CHI, cache-fra-eddf8230150-FRA, cache-mxp6928-MXP
cache-control: public, max-age=31536000
timing-allow-origin: *
age: 314693
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, HIT, MISS
content-length: 53129
date: Fri, 01 Nov 2024 15:36:46 GMT
last-modified: Tue, 29 Oct 2024 00:11:53 GMT
content-type: image/jpeg
server: imgix
x-imgix-id: d7de54a3d4d904a761130424aaa021441d10fc14

GET
H2 404 C0011.00_04_41_07.Still001.jpg
i2.wp.com/bjkproduction.com/wp-content/uploads/2017/11/ 65 B
65 B 689ms
597ms Image
text/html 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.wp.com/bjkproduction.com/wp-content/uploads/2017/11/C0011.00_04_41_07.Still001.jpg?resize=1200%2C500&ssl=1
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: i1.wp.com
Software: nginx /
Resource Hash: 3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

alt-svc: h3=":443"; ma=86400
x-nc: MISS hhn 4
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2 200 adobe_premiere_pro_cs4_scr.jpg
www.manifest-tech.com/images/links/vid_gallery_scr/ 43 KB
43 KB 871ms
247ms Image
image/jpeg 216.92.142.12
PAIR-NETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.manifest-tech.com/images/links/vid_gallery_scr/adobe_premiere_pro_cs4_scr.jpg
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.92.142.12 , United States, ASN7859 (PAIR-NETWORKS, US),
Reverse DNS: manifest-tech.com
Software: Apache /
Resource Hash: 96df56d9a6409713ea0e071bab760c3a521e158abd05a25d9869c09dda6af877

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

accept-ranges: bytes
content-length: 43527
etag: "aa07-55cf83abc68f5"
date: Fri, 01 Nov 2024 15:36:46 GMT
last-modified: Thu, 02 Nov 2017 04:14:50 GMT
content-type: image/jpeg
server: Apache

GET
H3 200 Elegant-Broadcast-Package-Free-Download-After-Effects-Templates.jpg
vfxdownload.com/wp-content/uploads/2015/10/ 297 KB
298 KB 489ms
413ms Image
image/jpeg 172.67.221.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfxdownload.com/wp-content/uploads/2015/10/Elegant-Broadcast-Package-Free-Download-After-Effects-Templates.jpg
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.221.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb8f3bae406f649e9436624f208efed4453831f552d50f31c17215064a476d27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTh8o1OhAY2xmhb8Ns1fZe9MH01i7q2zFrvj7rSkm3NKEQlfYxqqrVdI4tsaiUaygqIdPq2G00nnjA%2BwBPn80r5aN%2B%2BwUuQ7QJlBhbe6eVAoAsohXx%2BuQ06nmeeEPXNoclE%3D"}],"group":"cf-nel","max_age":604800}
expires: max-age=A10368000, public
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=55077&sent=13&recv=11&lost=2&retrans=2&sent_bytes=4211&recv_bytes=4551&delivery_rate=374&cwnd=8400&unsent_bytes=0&cid=6917e0d7f8f249b1&ts=417&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: image/jpeg
last-modified: Sat, 03 Dec 2022 08:03:59 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=10368000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8dbcf6594a56026d-CDG
accept-ranges: bytes
content-length: 304048
server: cloudflare

GET Movie_Poster_AE_Template.jpg
www.freeaetemplates.com/wp-content/uploads/2017/06/ 0
0

GET
H2 200 Best-After-Effect-Template-for-Youtube.jpg
images.template.net/wp-content/uploads/2015/08/ 37 KB
37 KB 499ms
402ms Image
image/jpeg 34.160.157.24
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.template.net/wp-content/uploads/2015/08/Best-After-Effect-Template-for-Youtube.jpg
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.157.24 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 24.157.160.34.bc.googleusercontent.com
Software: AmazonS3 /
Resource Hash: cbb33847091adc3a066c974949a35ad38613f9a6f6fcf6c203c12ee78a689267

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-cache-status: miss
cache-control: public,max-age=31622400
x-amz-version-id: null
etag: "a7549a7ff4648ad6904a04a75b0ae688"
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront), 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache: Miss from cloudfront
content-length: 37782
x-amz-cf-id: LXI8lU6qm_EiNfK2bRSX-dKWWyEqExo4jZobhnSZR2KkkGraiGsqhA==
date: Fri, 01 Nov 2024 15:36:47 GMT
content-type: image/jpeg
last-modified: Fri, 22 Apr 2016 11:31:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5

GET
H2 200 screen-0.jpg
image.winudf.com/v2/image/c2VtYm9kby5uZXduYXJ1dG9zaGlwcHVkZW51bHRpbWF0ZW5pbmphc3Rvcm00Y2hlYXRfc2NyZWVuXzBfMTUwMzY3OTI0M18wMDM/ 24 KB
25 KB 329ms
236ms Image
image/jpeg 2606:4700:20::681a:816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image.winudf.com/v2/image/c2VtYm9kby5uZXduYXJ1dG9zaGlwcHVkZW51bHRpbWF0ZW5pbmphc3Rvcm00Y2hlYXRfc2NyZWVuXzBfMTUwMzY3OTI0M18wMDM/screen-0.jpg?h=355&fakeurl=1&type=.jpg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:816 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b05985f00c15f154da2b8a88a695aa909130e3ef9df5cfdd07163853f76d835b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

cf-cache-status: MISS
etag: 89cc8bad
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mp46vzZaH4GoocntiwvZnekgA7uXc37BqxsiHV3XKYh0PXoNNXuvqZX3VOQxmu0xsUAc88MGZz0oHGHP9FOzcGGRNTE%2BFke4hiVap8JjALG%2BzxseoKs2SHJKiNI7w%2F%2BwYvkWgSNCE5liemNxWQg%3D"}],"group":"cf-nel","max_age":604800}
x-cache: MISS
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: image/jpeg
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
cf-ray: 8dbcf65acfd1d275-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24620
server: cloudflare

GET
H2 200 na0.png
4.bp.blogspot.com/--iDr60T9FMM/VitLqCYu2nI/AAAAAAAAnDU/PO-iLEZAx4Y/s200/ 67 KB
68 KB 442ms
441ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/--iDr60T9FMM/VitLqCYu2nI/AAAAAAAAnDU/PO-iLEZAx4Y/s200/na0.png

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

78d41cb035242947847d1f96192c509b6cba6d2b93d9d937cf7b6a378b7893d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v9c36"
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 15:36:46 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69057
date: Fri, 01 Nov 2024 15:36:46 GMT
x-xss-protection: 0
content-type: image/png
vary: Origin
server: fife
content-disposition: inline;filename="na0.png"

GET
H2 200 naruto-shippuden-ultimate-ninja-storm-4-android-dan-pc-terbaru-1.jpg
3.bp.blogspot.com/-LFM5dYU4M3g/WMdUQLFtLsI/AAAAAAAABHQ/Qmvttch58uA_YdbTA2UVE1ntURHoaLNfgCLcB/s1600/ 277 KB
277 KB 457ms
443ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-LFM5dYU4M3g/WMdUQLFtLsI/AAAAAAAABHQ/Qmvttch58uA_YdbTA2UVE1ntURHoaLNfgCLcB/s1600/naruto-shippuden-ultimate-ninja-storm-4-android-dan-pc-terbaru-1.jpg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

97f5ff171f57850fa82bee6fad3747efd6677cc9a18893b129d8a79cb8894468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-expose-headers: Content-Length
timing-allow-origin: *
cache-control: public, max-age=86400, no-transform
etag: "v476"
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 15:36:46 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283546
date: Fri, 01 Nov 2024 15:36:46 GMT
x-xss-protection: 0
content-type: image/jpeg
vary: Origin
server: fife
content-disposition: inline;filename="naruto-shippuden-ultimate-ninja-storm-4-android-dan-pc-terbaru-1.jpg"

GET
H2 200 bee%2Bmovie%2B1.jpg
1.bp.blogspot.com/-jC-AbQuk6AM/WCMxNtwi-2I/AAAAAAAAVxQ/i_4bf_Aqh9IIrneXSax3uQrN9ffAKGMtQCEw/s1600/ 167 KB
168 KB 419ms
419ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-jC-AbQuk6AM/WCMxNtwi-2I/AAAAAAAAVxQ/i_4bf_Aqh9IIrneXSax3uQrN9ffAKGMtQCEw/s1600/bee%2Bmovie%2B1.jpg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

02c29ae3cf494cc14747ccb7ef6792445b6589a8d2cd82ffc4133b884eb3f597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v5714"
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 15:36:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: image/jpeg
vary: Origin
content-disposition: inline;filename="bee movie 1.jpg"
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 171519
x-xss-protection: 0
server: fife

GET
H2 200 cara-download-video-facebook-di-android-5.jpeg
assets.jalantikus.com/assets/cache/560/500/userfiles/2016/09/07/ 85 KB
85 KB 824ms
406ms Image
image/jpeg 124.155.223.231
STARHUB-INTERNET ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.jalantikus.com/assets/cache/560/500/userfiles/2016/09/07/cara-download-video-facebook-di-android-5.jpeg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

124.155.223.231 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),

Reverse DNS

124.155.223-231.unknown.starhub.net.sg

Software

nginx / PHP/7.2.34

Resource Hash

7c3c69cfdb102104bddcf12230d5a3ca11af539ae3aa66676da1b9112ba97d12

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

cache-control: public, no-transform, max-age=604800
etag: cda647c2e18bb143539a9c7d13f5a678
expires: Fri, 08 Nov 2024 15:36:47 GMT
date: Fri, 01 Nov 2024 15:36:47 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
x-powered-by: PHP/7.2.34
server: nginx
last-modified: Fri, 01 Nov 2024 15:36:47 GMT

GET
H/1.1 200
OK win01.png
b1.org/img/win/ 125 KB
126 KB 365ms
116ms Image
image/png 83.222.126.244
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1.org/img/win/win01.png
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 83.222.126.244 , Russian Federation, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e3b02080857b50d32af31142b068a3d9f9e3fe2e91bba974409f0eb3497bd72d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

etag: W/"128313-1610357760000"
connection: close
accept-ranges: bytes
content-length: 128313
date: Fri, 01 Nov 2024 15:36:47 GMT
last-modified: Mon, 11 Jan 2021 09:36:00 GMT
content-type: image/png
server: Apache-Coyote/1.1

GET

skin-1-1024x786.png
www.magicplan.app/wp-content/uploads/
Redirect Chain

https://www.magic-plan.com/wp-content/uploads/skin-1-1024x786.png
https://magicplan.app/wp-content/uploads/skin-1-1024x786.png
https://www.magicplan.app/wp-content/uploads/skin-1-1024x786.png

0
0

GET
H2 200 banner-cara-hemat-kuota-streaming-video-youtube-hp-android.jpeg
assets.jalantikus.com/assets/cache/1380/600/tips/2015/11/24/ 48 KB
48 KB 687ms
647ms Image
image/jpeg 124.155.223.231
STARHUB-INTERNET ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.jalantikus.com/assets/cache/1380/600/tips/2015/11/24/banner-cara-hemat-kuota-streaming-video-youtube-hp-android.jpeg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

124.155.223.231 Singapore, Singapore, ASN4657 (STARHUB-INTERNET StarHub Ltd, SG),

Reverse DNS

124.155.223-231.unknown.starhub.net.sg

Software

nginx / PHP/7.2.34

Resource Hash

34f508542d40b6bd5c72c58eb3ecb4f8de67d70aa3a2c6ea9c6279b7f1129321

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

cache-control: public, no-transform, max-age=604800
etag: 64ae164f1a98d42df60c9e5543899839
expires: Fri, 08 Nov 2024 15:36:47 GMT
date: Fri, 01 Nov 2024 15:36:47 GMT
x-xss-protection: 1; mode=block
content-type: image/jpeg
x-powered-by: PHP/7.2.34
server: nginx
last-modified: Fri, 01 Nov 2024 15:36:47 GMT

GET
H2 200 69IBqgf.png
i.imgur.com/ 59 KB
59 KB 265ms
177ms Image
image/png 199.232.192.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/69IBqgf.png

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

7269aa083f5a76e416c5e0c7bdd05eae45fee1f0ba15986ad1796c8cb42330c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

etag: "cf03419d1914db064c14c24d952c1af1"
age: 0
access-control-allow-methods: GET, OPTIONS
x-content-type-options: nosniff
x-cache: Miss from cloudfront, MISS, MISS
x-amz-cf-id: Diq3JNskTA0Ww8G_AQqcEoS7Yp8TsHAtPYFWwi_cmFWunBhdYaCkTw==
date: Fri, 01 Nov 2024 15:36:47 GMT
content-type: image/png
last-modified: Wed, 03 Jan 2018 03:34:06 GMT
x-cache-hits: 0, 0
x-served-by: cache-iad-kiad7000101-IAD, cache-fra-etou8220034-FRA
strict-transport-security: max-age=300
cache-control: public, max-age=31536000
x-timer: S1730475407.099075,VS0,VE137
accept-ranges: bytes
access-control-allow-origin: *
content-length: 60084
x-amz-cf-pop: IAD12-P2
server: cat factory 1.0

GET
H2 200 Pengajuan-lembur-rekap-input2.PNG
sixghakreasi.com/lampiran/ 72 KB
72 KB 918ms
440ms Image
image/png 2a02:4780:3:1200:0:2024:566b:2
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sixghakreasi.com/lampiran/Pengajuan-lembur-rekap-input2.PNG

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:3:1200:0:2024:566b:2 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

b80426df10ac3371530a06ea7fb982a3de3980c5c0be3ba1dd28e1007b06ce21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-security-policy: upgrade-insecure-requests
cache-control: public, max-age=604800
etag: "11ff8-5fc891e5-90ccedf6869ad402;;;"
expires: Fri, 08 Nov 2024 15:36:47 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 73720
date: Fri, 01 Nov 2024 15:36:47 GMT
content-type: image/png
last-modified: Thu, 03 Dec 2020 07:21:09 GMT
server: LiteSpeed
platform: hostinger
panel: hpanel

GET
H2

200

absensi-online.png
ri32.wordpress.com/wp-content/uploads/2010/11/
Redirect Chain

https://ri32.files.wordpress.com/2010/11/absensi-online.png
https://ri32.wordpress.com/wp-content/uploads/2010/11/absensi-online.png

38 KB
39 KB

250ms
241ms

Image
image/png

192.0.78.12
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ri32.wordpress.com/wp-content/uploads/2010/11/absensi-online.png

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Server

192.0.78.12 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9d1e2ad9245d6d253da0b330b939cc15bb6153659976933e3f018ca8f7c03896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

strict-transport-security: max-age=31536000
expires: Wed, 04 Dec 2024 12:01:44 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 39260
date: Fri, 01 Nov 2024 15:36:47 GMT
x-ac: 1.hhn _dfw MISS
content-type: image/png
last-modified: Tue, 23 Nov 2010 07:07:27 GMT
server: nginx

Redirect headers

strict-transport-security: max-age=31536000
location: https://ri32.wordpress.com/wp-content/uploads/2010/11/absensi-online.png
alt-svc: h3=":443"; ma=86400
content-length: 138
date: Fri, 01 Nov 2024 15:36:47 GMT
x-ac: 1.hhn _dfw BYPASS
content-type: text/html
server: nginx

GET
H2 200 bg_feed.gif
cdn2.editmysite.com/images/old/ 299 B
780 B 49ms
48ms Image
image/gif 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/old/bg_feed.gif
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 7082d702280aeb204b77e214abe9b35251155664449f8683c0290d9d71dce05a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-goog-metageneration: 6
x-goog-hash: crc32c=SE8U5w==, md5=l0qOoqi4bD2Zz+9d0eKIJw==
etag: "974a8ea2a8b86c3d99cfef5dd1e28827"
age: 218647
x-goog-stored-content-encoding: identity
expires: Fri, 18 Oct 2024 02:48:00 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-goog-stored-content-length: 299
x-cache: HIT
date: Fri, 01 Nov 2024 15:36:45 GMT
last-modified: Thu, 25 May 2017 18:44:03 GMT
content-type: image/gif
x-served-by: cache-mxp6930-MXP
x-cache-hits: 69
x-guploader-uploadid: AHmUCY0IiTLsJ6w2BOvXOPu8jZby8PIIlDGGFnLnY8w9VMw9NxJwBsrPvlXvj11zMWTVAewF-Nk
cache-control: public, max-age=86400, s-maxage=259200
x-goog-storage-class: STANDARD
x-timer: S1730475405.272273,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1495737843178700
content-length: 299
server: UploadServer

GET
H2 200 footer-toast-published-image-1.png
cdn2.editmysite.com/images/site/footer/ 9 KB
10 KB 50ms
48ms Image
image/png 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
age: 43209
x-goog-stored-content-encoding: identity
expires: Sat, 05 Oct 2024 03:33:52 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-goog-stored-content-length: 9677
x-cache: HIT
date: Fri, 01 Nov 2024 15:36:45 GMT
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
content-type: image/png
x-served-by: cache-mxp6930-MXP
x-cache-hits: 278
x-guploader-uploadid: AD-8ljvpRCxt6hCJrX4uNHQklpfEskP-JQl9kR8s4U_UWukpoHmPox8kH5qMeaGMFS70_OykePs
cache-control: public, max-age=86400, s-maxage=259200
x-goog-storage-class: STANDARD
x-timer: S1730475405.272664,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1549995548326466
content-length: 9677
server: UploadServer

GET
H2 200 footerSignup.js Show response
cdn2.editmysite.com/js/site/ 4 KB
2 KB 53ms
48ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1730420440
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: blu25.sf2p.intern.weebly.net
content-encoding: gzip
etag: "672412ba-e10"
age: 54873
expires: Fri, 15 Nov 2024 00:22:12 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: application/javascript
last-modified: Thu, 31 Oct 2024 23:28:58 GMT
x-cache-hits: 28, 347
x-served-by: cache-sjc1000110-SJC, cache-mxp6930-MXP
vary: Accept-Encoding
cache-control: max-age=1209600
x-timer: S1730475405.271934,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1372
server: nginx

GET
H2 200 plugins.js Show response
downyup6b0.weebly.com/files/theme/ 83 KB
19 KB 216ms
211ms Script
application/javascript 74.115.51.9
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://downyup6b0.weebly.com/files/theme/plugins.js
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.115.51.9 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: wildcard.weebly.com
Software: cloudflare /
Resource Hash: b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"4cf5477130f7311a5f0af1ecaf425ee4"
x-amz-version-id: UExsGmciznuNnqi0UGAK3SsxfFoGVmJs
access-control-allow-methods: GET, POST, DELETE, OPTIONS
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: application/javascript
last-modified: Mon, 15 Apr 2024 21:34:34 GMT
vary: Accept-Encoding
x-storage-bucket: zb83c
x-amz-id-2: WfumPF/3wUBRyRegA1G/2Ehmiwd5LtUwkkKRJFjXuvjVULAEQfTJ04GZ20Oau5WFgm63fKysa8e+QWGpgBuGDw==
access-control-allow-headers: Origin, Authorization, Content-Type
x-amz-replication-status: COMPLETED
cf-ray: 8dbcf652e8dbe532-TXL
x-amz-request-id: WDJ4MFWGFEFXJRJ2
access-control-allow-origin: *
x-storage-object: b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 custom.js Show response
downyup6b0.weebly.com/files/theme/ 3 KB
2 KB 237ms
232ms Script
application/javascript 74.115.51.9
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://downyup6b0.weebly.com/files/theme/custom.js
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.115.51.9 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: wildcard.weebly.com
Software: cloudflare /
Resource Hash: 2633e107e31ab6f570d822eb8a5dd35a61774468ae059119a017ee2a350708ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"975dabeca35d34f88438e998c2253463"
x-amz-version-id: NvIqYofCg.xgmluyOb0Ft8aLhIUxFAyb
access-control-allow-methods: GET, POST, DELETE, OPTIONS
x-amz-meta-mtime: 1681846376.796
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 12:55:55 GMT
vary: Accept-Encoding
x-storage-bucket: z2633
x-amz-id-2: qqjxQVhfDOczTKgVpD3YIxIMIzRR+0JsZLsOonlGwZje7Ho1zjE1MEfxwhIbojcPw21O6D3Rl1w=
access-control-allow-headers: Origin, Authorization, Content-Type
x-amz-replication-status: COMPLETED
cf-ray: 8dbcf652e8dce532-TXL
x-amz-request-id: FS61Q5THN6GFB8PJ
access-control-allow-origin: *
x-storage-object: 2633e107e31ab6f570d822eb8a5dd35a61774468ae059119a017ee2a350708ba
x-amz-meta-btime: 2023-04-18T19:32:56.796Z
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 mobile.js Show response
downyup6b0.weebly.com/files/theme/ 10 KB
3 KB 840ms
835ms Script
application/javascript 74.115.51.9
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://downyup6b0.weebly.com/files/theme/mobile.js
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.115.51.9 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: wildcard.weebly.com
Software: cloudflare /
Resource Hash: e73201bb09a6a17470f054c6941b24c51a2512fa2f6ab394ca32d42f5488198a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"b0c65f1ab616ec4033504e6404856092"
x-amz-version-id: UepzXmP65J_elzY1Tuq3qu0CFoQJjw8v
access-control-allow-methods: GET, POST, DELETE, OPTIONS
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: application/javascript
last-modified: Tue, 02 Apr 2024 05:27:43 GMT
vary: Accept-Encoding
x-storage-bucket: ze732
x-amz-id-2: RezX1EPzEc2O/TvYEJQbZDA6j5oCDx3a25LuekMoJjJI5WxfOfi4spX3a4HDwSHA9zdupgJa9Nd01mMidfOpIQ==
access-control-allow-headers: Origin, Authorization, Content-Type
x-amz-replication-status: COMPLETED
cf-ray: 8dbcf652e8dfe532-TXL
x-amz-request-id: ZMRPEE41DVWGYGK2
access-control-allow-origin: *
x-storage-object: e73201bb09a6a17470f054c6941b24c51a2512fa2f6ab394ca32d42f5488198a
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 main-customer-accounts-site.js Show response
cdn2.editmysite.com/js/site/ 522 KB
156 KB 56ms
52ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1558740950
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c1cd4e7693f8c40d13259e8ac271cd0b6870875ca6c69b78d50aede9eeb63b67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: blu84.sf2p.intern.weebly.net
content-encoding: gzip
etag: "6717d60b-826d9"
age: 853400
expires: Tue, 05 Nov 2024 18:33:25 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: application/javascript
last-modified: Tue, 22 Oct 2024 16:42:51 GMT
x-cache-hits: 277, 0
x-served-by: cache-sjc1000128-SJC, cache-mxp6930-MXP
vary: Accept-Encoding
cache-control: max-age=1209600
x-timer: S1730475405.271898,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 159103
server: nginx

GET
H3 200 / Show response
epimar.win/ 1 KB
1 KB 269ms
195ms XHR
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epimar.win/?aYoiQMUx=S1FWAV1TDRZISFxYU1cCXg4AVABNUEBXQ1pAH1RYDVUTTwUXXRZNE11DXVAZQxNTEV0XDwQcW1hTXF1RQVgAFAEUVE9MCxZPW19VH1ZfEV9OB09PVBkABgYKHwYeA01RXBUtJxQ=
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd4ace1d68db90a11b0750e0c4b50f800eb8cf2c4b1dab1a5fc83e6cedb23d13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AUoS1VMbAsbGJcSPWsu4AmP3xVKo4lSdUv3lL4CqyqsZZ1AgtQCQsaMmrW8zs7WiS2QdMY6x92kXhNttHLDrns3DdXVxpyEj1JjYIAiHVauv2yh5s6MhksFtnZTW"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48534&sent=28&recv=14&lost=0&retrans=0&sent_bytes=15450&recv_bytes=8121&delivery_rate=58947&cwnd=12000&unsent_bytes=0&cid=25b81428d0e4fd21&ts=206&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/javascript;charset=UTF-8
priority: u=1,i
access-control-allow-headers: X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8dbcf653fa9722a0-CDG
access-control-allow-origin: https://downyup6b0.weebly.com
server: cloudflare

GET
H2 200 eTmNhJZoqhM
www.youtube.com/embed/ Frame AFDF 0
0 286ms
192ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/eTmNhJZoqhM

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 O5l6MenfMQQ
www.youtube.com/embed/ Frame 0163 0
0 390ms
298ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/O5l6MenfMQQ

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 VKFsmZhQWtg
www.youtube.com/embed/ Frame 049E 0
0 201ms
109ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/VKFsmZhQWtg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
epimar.win/ 1 KB
1 KB 268ms
195ms XHR
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epimar.win/?pwP=RFgBA1UPWxBISglZVFQBXl4GVlsdBhNRR1oSHlECXlNWQxgFUVYbCVNHBR5eUhFQHl4UW0RNWBwDHxVaRkhaX1MaVw5HVhtRHh9RGwcDVAgZAE0KHQgFHXp3TQ==
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 996157974d0b710839052a22ef35a271c43c2e3c2f6f465eaf225679ca8e1726

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yepH7Ctv94fly%2FveZ11%2BqCXH%2BeeQs3F7yelkzzZ3pEj44%2Bbonsc9%2FEs8BnVEjsWhE8eB6Z76u3084hkpP15cSZaZFUIR7qVygdhLyJgfd3j3NgFzeYJLRiLtFLSD"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48534&sent=26&recv=14&lost=0&retrans=0&sent_bytes=14055&recv_bytes=8121&delivery_rate=58947&cwnd=12000&unsent_bytes=0&cid=25b81428d0e4fd21&ts=206&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/javascript;charset=UTF-8
priority: u=1,i
access-control-allow-headers: X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8dbcf653fa9322a0-CDG
access-control-allow-origin: https://downyup6b0.weebly.com
server: cloudflare

GET
H2 200 t0JF-tMETg4
www.youtube.com/embed/ Frame 563B 0
0 352ms
261ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/t0JF-tMETg4

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6597-gDq184
www.youtube.com/embed/ Frame B6EE 0
0 356ms
266ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/6597-gDq184

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
epimar.win/ 1 KB
1 KB 265ms
192ms XHR
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epimar.win/?LeVaXRT=R1AKVgBUXUVMTVxUWF4HVgoBA1YbV0IAQA9FHVhaXV8fV1cfCwJBVh1HRFoSUA1dDhkNGQccRA5ETV9YVxhUWUNXEwdJTwMZBAQAARULTwtNXFAYfnQc
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00d851399b56aa8fb76f1330f4666f312075f42ad9d31fd49a611417d6174522

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RE0AIkdq4Ohux83sqEUkonniAoPGMIPuEUJcsZl7MLp8qbfwnX8aqYibxTDOWO8%2F3jvz12o%2FqofnwQo%2FF%2FsXZlYgSsW9ULJmioglbJY2YMp3bnhPqKOu8x1nvuj0"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48534&sent=22&recv=14&lost=0&retrans=0&sent_bytes=11264&recv_bytes=8121&delivery_rate=58947&cwnd=12000&unsent_bytes=0&cid=25b81428d0e4fd21&ts=203&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/javascript;charset=UTF-8
priority: u=1,i
access-control-allow-headers: X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8dbcf653fa8f22a0-CDG
access-control-allow-origin: https://downyup6b0.weebly.com
server: cloudflare

GET
H2 200 YwrpzzG7UrQ
www.youtube.com/embed/ Frame 0100 0
0 357ms
269ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/YwrpzzG7UrQ

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-X6PiJzsCTRmYMdm6rkpoFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
epimar.win/ 1 KB
1 KB 270ms
197ms XHR
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epimar.win/?tqNzpIKyw=Fg0GVlwBWhcYQF9UVVNUW1oCBVEbBBYDQVFCSBdEW18MClMfVFdfTlAOChNRWlcfQkNQHg5PVE5BV0FIDF9RGgELQ1oSBR1JVxcACAUNHAYdBB5bU04tJhk=
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc55754271ceaf1d78fb6c90c927849fe308a8d5c6bc224679197d4efddc919e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pn3%2BNYRLmtWaQ5pVA7qZ0rdKKCgM%2FCE3M49AH4kCtsp240sR6NTH4VwePUiIuBA82w7IogPCwVPV2KaQv%2BEIigLIrt86g%2Fx8DQu6eohqm95X%2FrB2trNQONiz6Zk5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48534&sent=30&recv=14&lost=0&retrans=0&sent_bytes=16850&recv_bytes=8121&delivery_rate=58947&cwnd=12000&unsent_bytes=0&cid=25b81428d0e4fd21&ts=207&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/javascript;charset=UTF-8
priority: u=1,i
access-control-allow-headers: X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8dbcf653fa9122a0-CDG
access-control-allow-origin: https://downyup6b0.weebly.com
server: cloudflare

GET
H2 200 SnPa_h18LTg
www.youtube.com/embed/ Frame FCF8 0
0 247ms
160ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/SnPa_h18LTg

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
epimar.win/ 1 KB
1 KB 262ms
190ms XHR
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epimar.win/?bDCo=S15TUlZRCEVCTAgPVVFVVghRUQYUVENWRV5KSloHFwATUwBCWk0QVEpcBwcfQlBXEwRNB1lKUEUdDhVRFRIKERNeD1QYAgxAVh5WTxgDHwtTVF9JCh8DG1hTFCh9Sg==
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e27e23961195928ae3f1a64c093440603a0780dee12a4cb956c14e35322441d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5v2wB%2Fz8yYXyaokIDwrY1%2BeiH1FsGhdRvZWRM%2F3eNeBypGILL0e2%2FLzTGdDP1F1ob0fB4Jsfh4IPKojbIhNeQYqT0x74uvscxX70RfXwdL0H34RPn66rlucvOvMl"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48534&sent=20&recv=14&lost=0&retrans=0&sent_bytes=9864&recv_bytes=8121&delivery_rate=58947&cwnd=12000&unsent_bytes=0&cid=25b81428d0e4fd21&ts=202&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/javascript;charset=UTF-8
priority: u=1,i
access-control-allow-headers: X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8dbcf653fa8a22a0-CDG
access-control-allow-origin: https://downyup6b0.weebly.com
server: cloudflare

GET
H2 200 0WM6MkmODbY
www.youtube.com/embed/ Frame 8BDA 0
0 399ms
313ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/0WM6MkmODbY

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
epimar.win/ 1 KB
1 KB 265ms
194ms XHR
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epimar.win/?AAux=RAsGA1ABCkIYSQhfVgEHV10CUgYeA0tWRg1EE1ZdXVRSSUQTUFsIVRBVTkNFCUhbRQNOA0ABXBsLSAcUQ1ZCHV4MUEpRWRZeSQNJHwJIUQgHD0lXHlYVXlZJfnwb
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c33271c9f37f971b486ea77f5102d9c1ef368754516bc52a2e0aa5ed5b9ba3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w07E4yLiI%2FNIxyOufTCPVlp2vp4Y49LHVwwMk0qGD%2FKH0%2F%2Bx%2FgNsxdCN%2FwAOPswGB8nlRv1WAc0ZMGrURTk%2BCkraUctkdc7srMMxu4E%2B8xNseJsKKOH5Go6ZCgvv"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48534&sent=24&recv=14&lost=0&retrans=0&sent_bytes=12659&recv_bytes=8121&delivery_rate=58947&cwnd=12000&unsent_bytes=0&cid=25b81428d0e4fd21&ts=204&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/javascript;charset=UTF-8
priority: u=1,i
access-control-allow-headers: X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8dbcf653fa8622a0-CDG
access-control-allow-origin: https://downyup6b0.weebly.com
server: cloudflare

GET
H2 200 1VB_e8ZvviM
www.youtube.com/embed/ Frame 7F9E 0
0 367ms
283ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/1VB_e8ZvviM

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c1wC61IP-TU
www.youtube.com/embed/ Frame 6B01 0
0 401ms
319ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/c1wC61IP-TU

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1121023864.jpg
downyup6b0.weebly.com/uploads/1/1/7/8/117886239/background-images/ 390 KB
391 KB 237ms
237ms Image
image/jpeg 74.115.51.9
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://downyup6b0.weebly.com/uploads/1/1/7/8/117886239/background-images/1121023864.jpg
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.115.51.9 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: wildcard.weebly.com
Software: cloudflare /
Resource Hash: 9843c39b96888e30a7861731a8b49f79cd0f5d410ca9661e8a8a64063e1f8f8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

cf-cache-status: DYNAMIC
etag: "9cacaadf88f852a7a327fc2876965343"
x-amz-version-id: AS0DhPKn0P6pwaA64YkrZf3bwgJ5BU5F
access-control-allow-methods: GET, POST, DELETE, OPTIONS
x-amz-meta-mtime: 1605906939.948
x-amz-storage-class: INTELLIGENT_TIERING
expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: image/jpeg; charset=binary
last-modified: Fri, 12 Apr 2024 23:52:51 GMT
vary: Accept-Encoding
x-storage-bucket: z9843
x-amz-id-2: TjMM3eZs/8dNlW+PvxKM9Hmlk0Mca6KgFHrcHrnnFeyZRsQR96gXnlCxglJIc09uACzTYvvqMvM0fRXKdSOLLA==
access-control-allow-headers: Origin, Authorization, Content-Type
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
cf-ray: 8dbcf652e917e532-TXL
x-amz-request-id: PMBTRF6AK9VB8MDV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 399630
x-storage-object: 9843c39b96888e30a7861731a8b49f79cd0f5d410ca9661e8a8a64063e1f8f8c
x-amz-meta-btime: 2020-11-20T21:15:39.948Z
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 scroll.png
downyup6b0.weebly.com/files/theme/images/ 1 KB
1 KB 251ms
251ms Image
image/png 74.115.51.9
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://downyup6b0.weebly.com/files/theme/images/scroll.png?1558799481
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/files/main_style.css?1558799481
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.115.51.9 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: wildcard.weebly.com
Software: cloudflare /
Resource Hash: 02c09d6ffd8e19d8aaaf17216527470189c5ff1645d2d54836e2b6bd12345291

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/files/main_style.css?1558799481

Response headers

cf-cache-status: DYNAMIC
etag: "a21fbf08fe3c7d7f2a382f1898f3c01b"
x-amz-version-id: AmWv27mo83jQdIa2wcrAsGsUQ09bwP2K
access-control-allow-methods: GET, POST, DELETE, OPTIONS
x-amz-meta-mtime: 1693319020.28
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: image/png; charset=binary
last-modified: Sat, 30 Mar 2024 09:18:15 GMT
vary: Accept-Encoding
x-storage-bucket: z02c0
x-amz-id-2: FH6eCGgyB15H5LIuDiq7mGSw540mmAxSOJR2kPA5dtSmEw9Zmf0lIMgqi6lU1yidkrtMZ574KC0=
access-control-allow-headers: Origin, Authorization, Content-Type
x-amz-replication-status: COMPLETED
cf-ray: 8dbcf652e919e532-TXL
x-amz-request-id: DT2B2209MDQXWH1T
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1115
x-storage-object: 02c09d6ffd8e19d8aaaf17216527470189c5ff1645d2d54836e2b6bd12345291
x-amz-meta-btime: 2023-08-29T14:23:40.28Z
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/ 28 KB
28 KB 133ms
82ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,300,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://fonts.googleapis.com/

Response headers

age: 14944
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 11:27:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 11:27:41 GMT
last-modified: Tue, 15 Aug 2023 18:44:12 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28512
x-xss-protection: 0
server: sffe

GET
H3 200 wlp_gwjKBV1pqhv43IE.woff2
fonts.gstatic.com/s/cardo/v19/ 15 KB
15 KB 159ms
109ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cardo/v19/wlp_gwjKBV1pqhv43IE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700,400italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://fonts.googleapis.com/

Response headers

age: 172356
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:44:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:44:09 GMT
last-modified: Thu, 21 Apr 2022 17:05:52 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14880
x-xss-protection: 0
server: sffe

GET
H3 200 CSR54z1Qlv-GDxkbKVQ_dFsvWNReuQ.woff2
fonts.gstatic.com/s/newscycle/v23/ 13 KB
13 KB 149ms
99ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/newscycle/v23/CSR54z1Qlv-GDxkbKVQ_dFsvWNReuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=News+Cycle:400,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b519c652777c636add992fcfc14ff1360572af19ba11151ea78c17d3c44d153b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://fonts.googleapis.com/

Response headers

age: 173456
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:25:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:25:49 GMT
last-modified: Tue, 02 May 2023 16:45:33 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13436
x-xss-protection: 0
server: sffe

GET
H3 200 2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 118ms
68ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,300,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://fonts.googleapis.com/

Response headers

age: 173628
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:22:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:22:57 GMT
last-modified: Mon, 09 May 2022 18:30:51 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16172
x-xss-protection: 0
server: sffe

GET
H3 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v35/ 37 KB
37 KB 169ms
119ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://fonts.googleapis.com/

Response headers

age: 173814
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:19:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:19:51 GMT
last-modified: Wed, 31 Jan 2024 23:11:20 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37764
x-xss-protection: 0
server: sffe

GET
H3 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 174ms
124ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,300,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://fonts.googleapis.com/

Response headers

age: 173785
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:20:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:20:20 GMT
last-modified: Mon, 09 May 2022 18:31:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16348
x-xss-protection: 0
server: sffe

GET
H3 200 0QIvMX1D_JOuM2T7I-NP.woff2
fonts.gstatic.com/s/lora/v35/ 17 KB
17 KB 109ms
60ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuM2T7I-NP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

cad3b1ada4a65658a5d313074b69062c1b996bd2ade8df36f30e2e8239bfcd96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://fonts.googleapis.com/

Response headers

age: 315016
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 00:06:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 00:06:29 GMT
last-modified: Wed, 31 Jan 2024 23:11:39 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17288
x-xss-protection: 0
server: sffe

GET
H2 200 DUm3fMmdbFA
www.youtube.com/embed/ Frame 0E03 0
0 343ms
272ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/DUm3fMmdbFA

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
epimar.win/ 1 KB
1 KB 143ms
94ms XHR
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epimar.win/?gfUrmq=EQ1WVAdRChZCH1xYVVYAVw0EBwYUVUBURg9DHhUBW0gOBRBTSQQUCUgDQx9VVxBdFBtVA15XUUEZAEJQBEgPFFJIEFkSTQgKXE1VW0NfTwtKHAVLCgIDDB5UHAdNDVIVKyBI
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c149099ed0c8b4eb450acf822d91a2c3689c962152eb2b4fc22fa7d4c7a365

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DG4VpEfrRci5A8sOValsK64udVD8YattF%2FR2QWcrVuaXh7dKz%2FBDk5f4JxJVenPapF3PBOZc0vjBK1eAHDJ2EXtYJ9EbmZ1nycan6StZ0UEH4Wj5GSh8URnGnNGB"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=46955&sent=11&recv=9&lost=0&retrans=0&sent_bytes=4131&recv_bytes=4857&delivery_rate=10863&cwnd=12000&unsent_bytes=0&cid=25b81428d0e4fd21&ts=106&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/javascript;charset=UTF-8
priority: u=1,i
access-control-allow-headers: X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8dbcf65369c722a0-CDG
access-control-allow-origin: https://downyup6b0.weebly.com
server: cloudflare

GET
H2 200 vyZERVP266Y
www.youtube.com/embed/ Frame 6643 0
0 369ms
302ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/vyZERVP266Y

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
epimar.win/ 1 KB
1 KB 144ms
96ms XHR
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epimar.win/?dceq=F1tWVlZRWxBDSAgNA1NWDFkDDwFKUBdXEQxBTkBYFlsJUxBRGAhZDFNQThIWW0AOGQMTAwhTF1kMAR5cGQRORgtCT11dAhsGVkYLSlEYHlYcBQhTXxtXGldJWwEYfSYe
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c68deec39d6a31fefc01c112b910482151569ae0783bb9ea4f9f7291f8fe081

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRRqX%2Fj5rLo7gDL%2FmNvXx%2FyUzsdae%2B%2FXz7Sn7kwI7X%2BlYTTeQR27%2Fka0qxcJNrfsZzTzYv%2BrorELgt4G0vmhKMEDfBTJMEgErqWI%2BWaGarWNI%2BBvRYuZ1nz59kjf"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=47039&sent=13&recv=10&lost=0&retrans=0&sent_bytes=5610&recv_bytes=4904&delivery_rate=12421&cwnd=12000&unsent_bytes=0&cid=25b81428d0e4fd21&ts=107&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/javascript;charset=UTF-8
priority: u=1,i
access-control-allow-headers: X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8dbcf65369c922a0-CDG
access-control-allow-origin: https://downyup6b0.weebly.com
server: cloudflare

GET
H2 200 2w_SOucguxY
www.youtube.com/embed/ Frame 3189 0
0 268ms
202ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/2w_SOucguxY

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 D_f0WEEV_Ho
www.youtube.com/embed/ Frame 9937 0
0 327ms
262ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/D_f0WEEV_Ho

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
epimar.win/ 1 KB
1 KB 214ms
168ms XHR
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epimar.win/?PKLlICBMt=QQgHWlFSXEscSQ9cVVFTXgkMAQFJV0MDTFlETgJXSwQZF1xcUQocVghcC15RHVNYSVlYBhdfWAYUCRtVTUJWFRkIW1wfAVhOCBtRHBgDGQNSCQ9OVxwDTlFUGiwlGg==
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d096758a0b069eaabad0ad3ff274fec623e2f506b7e7ecc77902b595dbb9cdc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eSV9zhzhMb3GWzCkcYMLPqPO%2Bg56407oFYB09OihVR04U7ZtaJnyPpk4xi%2BnEdjXG29%2BO8mPp9Iom%2FQzC1vt3uNNqEnk4DnKB1uS6bzP1gPt0AZmqz0i6Wi6uuRK"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48534&sent=18&recv=14&lost=0&retrans=0&sent_bytes=8466&recv_bytes=8121&delivery_rate=58947&cwnd=12000&unsent_bytes=0&cid=25b81428d0e4fd21&ts=180&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/javascript;charset=UTF-8
priority: u=1,i
access-control-allow-headers: X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8dbcf653fa8022a0-CDG
access-control-allow-origin: https://downyup6b0.weebly.com
server: cloudflare

GET
H2 200 RE9O_doW54I
www.youtube.com/embed/ Frame A79E 0
0 370ms
307ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/RE9O_doW54I

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Ydb7ZRS0KwE
www.youtube.com/embed/ Frame 711D 0
0 321ms
259ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Ydb7ZRS0KwE

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
epimar.win/ 1 KB
1 KB 209ms
168ms XHR
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://epimar.win/?QIcoaMR=RF4HVFMGCUdPSFpZUl5WDAgEU1ZIVBRRFl4SHwVHDV1cVkZfHUEHW1JWVl9aWFxICFEWTAVEB15JUwRaA1YPH0dfRRoPHVIZQV5HHlpXVkgHXxNbTwBKHFcZUwRVDk0GGwUZX1IcK3EZ
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b556f3dd16a728dfa212d2d02b2512e5c3919b473fe6910f0aaf46ac1154f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

access-control-max-age: 86400
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ocJ87WuDNpYXL%2F09TpH50337MXwpqlIfj5X8kqJVidBiHNtncMYlAf%2BGpYPaloozN6yhOPHLN7QByz4%2BpHPfteumbsXwNqbUqtkP%2BAiCXnuw%2BQFl3X3diHTeelhx"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=48534&sent=16&recv=14&lost=0&retrans=0&sent_bytes=7043&recv_bytes=8121&delivery_rate=58947&cwnd=12000&unsent_bytes=0&cid=25b81428d0e4fd21&ts=180&x=1", cfExtPri, cfHdrFlush;dur=0
date: Fri, 01 Nov 2024 15:36:45 GMT
content-type: text/javascript;charset=UTF-8
priority: u=1,i
access-control-allow-headers: X-Requested-With
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8dbcf653fa7d22a0-CDG
access-control-allow-origin: https://downyup6b0.weebly.com
server: cloudflare

GET
H2 200 i6bDQBzEjZc
www.youtube.com/embed/ Frame 50CA 0
0 559ms
500ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/i6bDQBzEjZc

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-G9E_FmfVP5SdgClgzFf7iA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aaz4haUWTTA
www.youtube.com/embed/ Frame 6FCD 0
0 363ms
310ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/aaz4haUWTTA

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 15:36:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 CSR64z1Qlv-GDxkbKVQ_fOAKTQ.woff2
fonts.gstatic.com/s/newscycle/v23/ 13 KB
13 KB 63ms
42ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/newscycle/v23/CSR64z1Qlv-GDxkbKVQ_fOAKTQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=News+Cycle:400,700&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

b1c4853f87ee676fa7610760cb0d33da5d53e1c011be7a34d9de03ec4b7b4f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://fonts.googleapis.com/

Response headers

age: 172185
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:47:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:47:00 GMT
last-modified: Tue, 02 May 2023 16:44:43 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13360
x-xss-protection: 0
server: sffe

GET
H3 200 0QIvMX1D_JOuM3b7I-NP.woff2
fonts.gstatic.com/s/lora/v35/ 28 KB
28 KB 41ms
40ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v35/0QIvMX1D_JOuM3b7I-NP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

4653d92d887cc5abe45fa51857ddccb343334f7b3db228aecb28bac23a8c9827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://fonts.googleapis.com/

Response headers

age: 173009
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 30 Oct 2025 15:33:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 30 Oct 2024 15:33:16 GMT
last-modified: Wed, 31 Jan 2024 23:12:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 28224
x-xss-protection: 0
server: sffe

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 289ms
42ms Script
text/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
age: 5944
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:215:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:57:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 13:57:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:215:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 17168
server: Golfe2

GET
H3 200 snowday262.js Show response
cdn2.editmysite.com/js/wsnbn/ 73 KB
26 KB 40ms
40ms Script
application/javascript 151.101.129.46
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.129.46 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: blu8.sf2p.intern.weebly.net
content-encoding: gzip
etag: "67190a84-124fe"
age: 776643
expires: Wed, 06 Nov 2024 15:52:42 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: application/javascript
last-modified: Wed, 23 Oct 2024 14:39:00 GMT
x-cache-hits: 14091, 11809
x-served-by: cache-sjc10061-SJC, cache-fra-etou8220126-FRA
vary: Accept-Encoding
cache-control: max-age=1209600
x-timer: S1730475406.139250,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25752
server: nginx

GET
H3 200 sdk.js Show response
connect.facebook.net/undefined/ 3 KB
2 KB 252ms
131ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/undefined/sdk.js

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

70db2893574efba755f7e3b1d9f3b8ad0ede8b8c3d4c7d9a977b3d8d4e324ac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-md5: 5pfI21oELNzL0E2zkmHX3Q==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "5f22f6a7743bd729002508e51dec43c2"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:51:24 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 15:36:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: d298f5332823f719ae91b2f97c83fcd8
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4560, tp=11, tpl=0, uplat=1, ullat=-1
x-fb-debug: pRBtSLaFKy/51WS70YSHjZIPWN6RO3451Etm53sEFyXvRIkAJjSBSxYM0pgEq42JjAlVuWkyH9HZi5VapzQEjQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687
origin-agent-cluster: ?1

GET
H2 200 widgets.js Show response
platform.twitter.com/ 91 KB
27 KB 131ms
39ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods: GET
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Fri, 01 Nov 2024 15:36:47 GMT
last-modified: Mon, 11 Dec 2023 17:20:28 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kcgs7200137-IAD, cache-fra-etou8220034-FRA
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27597
x-amz-server-side-encryption: AES256

GET
H3 200 free-footer-v3.css
cdn2.editmysite.com/css/ 3 KB
1 KB 41ms
40ms Stylesheet
text/css 151.101.129.46
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1730420440
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.129.46 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 251a983a1b4b2cc76542aa398ae6b3499978a788860b54a8081d35d7a843303c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: blu23.sf2p.intern.weebly.net
content-encoding: gzip
etag: "6724129f-a49"
age: 54873
expires: Fri, 15 Nov 2024 00:22:12 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: text/css
last-modified: Thu, 31 Oct 2024 23:28:31 GMT
x-cache-hits: 32, 461
x-served-by: cache-sjc10056-SJC, cache-fra-etou8220126-FRA
vary: Accept-Encoding
cache-control: max-age=1209600
x-timer: S1730475406.152338,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 886
server: nginx

GET
H2 200 nav-handle.png
downyup6b0.weebly.com/files/theme/images/ 960 B
1 KB 247ms
247ms Image
image/png 74.115.51.9
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://downyup6b0.weebly.com/files/theme/images/nav-handle.png?1558799481
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/files/main_style.css?1558799481
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.115.51.9 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: wildcard.weebly.com
Software: cloudflare /
Resource Hash: 88ae76a4e1a08ef8f80f2c49472c2d4cefa8bfe486da0d1f9ab4a8d913a53b36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/files/main_style.css?1558799481

Response headers

cf-cache-status: DYNAMIC
etag: "addad38c459125f115b1facd69b3b659"
x-amz-version-id: zmZ7EDLrjgvFhb8WqOfM6QzRVfJFzfqg
access-control-allow-methods: GET, POST, DELETE, OPTIONS
x-amz-meta-mtime: 1628694161.444
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: image/png; charset=binary
last-modified: Thu, 11 Apr 2024 13:28:30 GMT
vary: Accept-Encoding
x-storage-bucket: z88ae
x-amz-id-2: RzXaRvlP6H+ZsNZ5sRwS0REgRxIpy9UffDxoc2EUjok6mn3oDxSORZY4bkKXhNtURgK3E2Ucb88=
access-control-allow-headers: Origin, Authorization, Content-Type
x-amz-replication-status: COMPLETED
cf-ray: 8dbcf6586f49e532-TXL
x-amz-request-id: 3XZ24DR7WWJXADCZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 960
x-storage-object: 88ae76a4e1a08ef8f80f2c49472c2d4cefa8bfe486da0d1f9ab4a8d913a53b36
x-amz-meta-btime: 2021-08-11T15:02:41.444Z
server: cloudflare
x-amz-server-side-encryption: AES256

POST
H2 200 / Show response
downyup6b0.weebly.com/ajax/api/JsonRPC/CustomerAccounts/ 348 B
359 B 264ms
263ms XHR
application/json 74.115.51.9
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://downyup6b0.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.115.51.9 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: wildcard.weebly.com
Software: cloudflare /
Resource Hash: adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49

Request headers

Referer: https://downyup6b0.weebly.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Content-Type: application/json; charset=UTF-8

Response headers

x-host: grn96.sf2p.intern.weebly.net
cf-cache-status: DYNAMIC
content-encoding: gzip
cf-ray: 8dbcf6587f8ae532-TXL
x-ua-compatible: IE=edge,chrome=1
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: application/json
vary: X-W-SSL,User-Agent, Accept-Encoding
server: cloudflare

OPTIONS
H2 200 tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ Frame 0
0 634ms
204ms Preflight 44.241.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.17.25 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-17-25.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://downyup6b0.weebly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://downyup6b0.weebly.com
access-control-max-age: 600
content-length: 0
date: Fri, 01 Nov 2024 15:36:46 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 sqmarket-medium.woff2
cdn2.editmysite.com/fonts/SQ_Market/ 30 KB
30 KB 80ms
39ms Font
font/woff2 151.101.129.46
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/SQ_Market/sqmarket-medium.woff2
Requested by: Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.129.46 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://downyup6b0.weebly.com/

Response headers

x-host: grn110.sf2p.intern.weebly.net
etag: "671a8899-7830"
age: 365349
expires: Mon, 11 Nov 2024 10:07:36 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:36:46 GMT
content-type: font/woff2
last-modified: Thu, 24 Oct 2024 17:49:13 GMT
x-cache-hits: 460, 1856
x-served-by: cache-sjc1000119-SJC, cache-fra-etou8220055-FRA
cache-control: max-age=1209600
x-timer: S1730475406.254798,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30768
server: nginx

GET
H3 200 logotype.svg
cdn2.editmysite.com/images/landing-pages/global/ 3 KB
2 KB 42ms
42ms Image
image/svg+xml 151.101.129.46
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/landing-pages/global/logotype.svg
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1730420440
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.129.46 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e8fce53e602b22e525d06ba31b166bb4ff461319bc9ae53caad095d185a4d15b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1730420440

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=vgUlyw==, md5=vGHctDGhTFCAde7/T3RSOg==
content-encoding: gzip
etag: "bc61dcb431a14c508075eeff4f74523a"
age: 5139
x-goog-stored-content-encoding: identity
expires: Fri, 27 Oct 2023 05:02:23 GMT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-goog-stored-content-length: 3507
x-cache: HIT
date: Fri, 01 Nov 2024 15:36:46 GMT
last-modified: Wed, 10 Oct 2018 21:37:00 GMT
content-type: image/svg+xml
x-served-by: cache-fra-etou8220126-FRA
x-cache-hits: 1859
x-guploader-uploadid: ABPtcPrbw-AbC4RwqUPtZ2B2M0xe3rGYFOaLqP-_394rFyodgYR8gzvONnEAvc_i7pqvvr0NluF8ScdvXgzXrDIfWwmk
vary: Accept-Encoding
cache-control: public, max-age=86400, s-maxage=259200
x-goog-storage-class: STANDARD
x-timer: S1730475406.210917,VS0,VE0
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1539207420450301
content-length: 1488
server: UploadServer

POST
H2 200 tp2 Show response
ec.editmysite.com/com.snowplowanalytics.snowplow/ 2 B
285 B 630ms
214ms XHR
text/plain 44.241.17.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2

Requested by

Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.17.25 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-17-25.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: https://downyup6b0.weebly.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://downyup6b0.weebly.com
content-length: 2
date: Fri, 01 Nov 2024 15:36:47 GMT
server: nginx
access-control-allow-credentials: true

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 251 KB
74 KB 42ms
41ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=cdd859782f6771e66db11f1c52de992f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/undefined/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

2bf69380f5d61ffdbd9e74bd3f86b1956275c76826bf646c001fd012c66c920e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://downyup6b0.weebly.com
Referer: https://downyup6b0.weebly.com/

Response headers

content-md5: g7Vc2gOJVJHD1VEu0GMipw==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "0085121ee48cbe7e7e7761f41ce30fbd"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 13:31:15 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 15:36:47 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: b5163a1b02e8f5f0b240cddf9c52a3f5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1825, tp=5, tpl=0, uplat=1, ullat=-1
x-fb-debug: V5FkoyE16bPm2cx1Vgtb0J0eckkERljVm68+euGdhyj4VXAPJbMHHDhuGbn94ogapaEoJBG9dniGGiIFs1rLbA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 75433
origin-agent-cluster: ?1

GET
H2 200 widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame E0E3 0
0 118ms
40ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fdownyup6b0.weebly.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 105429
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:47 GMT
etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified: Mon, 11 Dec 2023 17:19:49 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kiad7000164-IAD, cache-fra-etou8220063-FRA

GET
H2 200 button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 41ms
40ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-encoding: gzip
etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
access-control-allow-methods: GET
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Fri, 01 Nov 2024 15:36:48 GMT
last-modified: Mon, 11 Dec 2023 17:19:47 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kcgs7200086-IAD, cache-fra-etou8220034-FRA
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=315360000
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2620
x-amz-server-side-encryption: AES256

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 58C4 0
0 46ms
46ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:48 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220063-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame E2D5 0
0 47ms
47ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:48 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220063-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 04CB 0
0 48ms
48ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:48 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220063-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 40F4 0
0 47ms
47ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:48 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220063-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 9C7C 0
0 49ms
48ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:48 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220063-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 1410 0
0 48ms
48ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:48 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220063-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame CB21 0
0 49ms
49ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:48 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220063-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame D4AB 0
0 49ms
49ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:48 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220063-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 98C7 0
0 49ms
49ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:48 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220063-FRA

GET
H2 200 tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame E619 0
0 49ms
49ms Document
text/html 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://downyup6b0.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 12332
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 15:36:48 GMT
etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
last-modified: Mon, 11 Dec 2023 17:19:48 GMT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn: FT
vary: Accept-Encoding
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
x-served-by: cache-iad-kjyo7100127-IAD, cache-fra-etou8220063-FRA

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
96 B 234ms
145ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdownyup6b0.weebly.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1730475408596%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=d941edee39fb6b4beb63f2f190e694de7e914389

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-type: image/gif
strict-transport-security: max-age=631138519
x-transaction-id: d7d7b99ef5e8fb10
cache-control: must-revalidate, max-age=600
x-connection-hash: 1191f072b9e7ad6f057515c8d54e48088edaeacee18f4efbe690812f7ddc8a5f
x-response-time: 104
content-length: 43
date: Fri, 01 Nov 2024 15:36:48 GMT
last-modified: Fri, 01 Nov 2024 15:36:48 GMT
perf: 7402827104
vary: Origin
server: tsa_o

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
292 B 231ms
143ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fdownyup6b0.weebly.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1730475408597%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=d941edee39fb6b4beb63f2f190e694de7e914389

Requested by

Host: downyup6b0.weebly.com
URL: https://downyup6b0.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://downyup6b0.weebly.com/

Response headers

content-type: image/gif
strict-transport-security: max-age=631138519
x-transaction-id: 6258830aadfcb3c3
cache-control: must-revalidate, max-age=600
x-connection-hash: 1191f072b9e7ad6f057515c8d54e48088edaeacee18f4efbe690812f7ddc8a5f
x-response-time: 102
content-length: 43
date: Fri, 01 Nov 2024 15:36:48 GMT
last-modified: Fri, 01 Nov 2024 15:36:48 GMT
perf: 7402827104
vary: Origin
server: tsa_o

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dramaqu.net
URL: https://dramaqu.net/wp-content/uploads/2018/08/nonton-witchs-love-2018-subtitle-indonesia-236x350.jpg

Domain: img.sukipli.com
URL: https://img.sukipli.com/parasyte-part-1-2014.jpg

Domain: dramaqu.net
URL: https://dramaqu.net/wp-content/uploads/2018/07/nonton-my-id-is-gangnam-beauty-subtitle-indonesia-236x350.jpg

Domain: drawinglics.com
URL: https://drawinglics.com/view/1612595/kumpulan-gambar-dan-foto-gerak-lucu-dp-bbm-gif-terbaru-2017-nah-buat-sobat-yang-sedang-mencari-gambar-bergerak-burung-kenari-admin-sudah-siapkan-dp-bbm-burung-canary-animasi-gif-terbaru-yang-dapat-didownload-gratis.gif

Domain: img.phone.baidu.com
URL: https://img.phone.baidu.com/public/uploads/store_5/2/6/7/de5cd4e9a9809bd588f78f45ead99432_200x200.png

Domain: katagambarku.wordpress.com
URL: https://katagambarku.wordpress.com/wp-content/uploads/2015/08/gambar-kata-kata-cinta-lucu-modus-banget.jpg?w=450&h=450

Domain: burgers-lyon.com
URL: https://burgers-lyon.com/gallery/kimi-no-na-wa-720p-mp4.jpg

Domain: www.freeaetemplates.com
URL: https://www.freeaetemplates.com/wp-content/uploads/2017/06/Movie_Poster_AE_Template.jpg

Domain: www.magicplan.app
URL: https://www.magicplan.app/wp-content/uploads/skin-1-1024x786.png

Verdicts & Comments Add Verdict or Comment

146 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.downyup6b0.weebly.com/	1969-12-31 23:59:59	Name: is_mobile Value: 0
downyup6b0.weebly.com/	1970-01-21 01:01:25	Name: language Value: de_DE
.weebly.com/	1970-01-21 00:41:17	Name: __cf_bm Value: nD3RzGNMNfdIhF5pEUogy4vyS_Z8X_mxuAyoQm1Kth0-1730475404-1.0.1.1-17HiUjOF_ZN.K7YIGLs8kPE87IYo1V.hD3ljIUzpHNDbhG64ldomDLfz7R4eTsmWKdoH3FWNxCUzEEaDeiVoEg
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zOJzr9dSlG8
.youtube.com/	1970-01-21 05:00:27	Name: VISITOR_INFO1_LIVE Value: ABVcwdrKbS4
.youtube.com/	1970-01-21 05:00:27	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgHA%3D%3D
downyup6b0.weebly.com/	1970-01-21 00:41:17	Name: _snow_ses.3c09 Value: *
downyup6b0.weebly.com/	1970-01-21 10:17:15	Name: _snow_id.3c09 Value: d35b40b2-6eba-41de-95b3-a124529bbc81.1730475406.1.1730475406.1730475406.1b01e804-def2-4f5f-bd2e-19e73d006851
.magicplan.app/	1970-01-21 00:41:17	Name: __cf_bm Value: OYdJduoQ5LhFsEPldvzK3QrtyE_2Zg4nfNzi1am4HDc-1730475407-1.0.1.1-nn2m27t6DtT_nZqI77yKG0AjvqDBU40w1oLezfWks4fmUEVSyHqzqJKiENnAzxWsSUoh6IfoqGL40S0HpqQbeA
.magicplan.app/	1969-12-31 23:59:59	Name: __cfruid Value: c47166ca63a9c8683a95d67cd00cd1e05bf701ac-1730475407
ec.editmysite.com/	1970-01-21 09:26:51	Name: sp Value: 2820fabd-78a5-4b6e-aa7e-afd262612ac7
.www.magicplan.app/	1970-01-21 00:41:17	Name: __cf_bm Value: sbeP_YPhsZkUuAI0ex8D5JvW9s3dNS1_bi06LTWzWW0-1730475408-1.0.1.1-JcZlYF4B8DKwgYX.FkLZDqdFTSS7087T0vLH_NwEAzRsA8_05Fim83QKcmQFjcRlZcgAradJB0zVirZWIE66EQ
.www.magicplan.app/	1969-12-31 23:59:59	Name: __cfruid Value: 53c9e0cd71397a97762366011f43544d74858093-1730475408

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://downyup6b0.weebly.com/ Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://dramaqu.net/wp-content/uploads/2018/08/nonton-witchs-love-2018-subtitle-indonesia-236x350.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/ Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://img.sukipli.com/parasyte-part-1-2014.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/ Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://dramaqu.net/wp-content/uploads/2018/07/nonton-my-id-is-gangnam-beauty-subtitle-indonesia-236x350.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/ Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://img.phone.baidu.com/public/uploads/store_5/2/6/7/de5cd4e9a9809bd588f78f45ead99432_200x200.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/ Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://burgers-lyon.com/gallery/kimi-no-na-wa-720p-mp4.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/ Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://i630.photobucket.com/albums/uu26/dramabeans/drama/2016/RM/RM_280/RM280-00061.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/ Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://i630.photobucket.com/albums/uu26/dramabeans/drama/2015/RM/RM_278/RM278-00234.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://img.sukipli.com/parasyte-part-1-2014.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://downyup6b0.weebly.com/ Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://vfxdownload.com/wp-content/uploads/2015/10/Elegant-Broadcast-Package-Free-Download-After-Effects-Templates.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/ Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/--iDr60T9FMM/VitLqCYu2nI/AAAAAAAAnDU/PO-iLEZAx4Y/s200/na0.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/(Line 296) Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://dramaqu.net/wp-content/uploads/2018/08/nonton-witchs-love-2018-subtitle-indonesia-236x350.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/(Line 296) Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://img.sukipli.com/parasyte-part-1-2014.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/(Line 296) Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://dramaqu.net/wp-content/uploads/2018/07/nonton-my-id-is-gangnam-beauty-subtitle-indonesia-236x350.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/(Line 359) Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://img.phone.baidu.com/public/uploads/store_5/2/6/7/de5cd4e9a9809bd588f78f45ead99432_200x200.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/(Line 426) Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://burgers-lyon.com/gallery/kimi-no-na-wa-720p-mp4.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/(Line 489) Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://i630.photobucket.com/albums/uu26/dramabeans/drama/2016/RM/RM_280/RM280-00061.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/(Line 489) Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://i630.photobucket.com/albums/uu26/dramabeans/drama/2015/RM/RM_278/RM278-00234.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://burgers-lyon.com/gallery/kimi-no-na-wa-720p-mp4.jpg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	URL: https://downyup6b0.weebly.com/(Line 690) Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://vfxdownload.com/wp-content/uploads/2015/10/Elegant-Broadcast-Package-Free-Download-After-Effects-Templates.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://downyup6b0.weebly.com/(Line 763) Message: Mixed Content: The page at 'https://downyup6b0.weebly.com/' was loaded over HTTPS, but requested an insecure element 'http://4.bp.blogspot.com/--iDr60T9FMM/VitLqCYu2nI/AAAAAAAAnDU/PO-iLEZAx4Y/s200/na0.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://i.ytimg.com/vi/StJGOZ7CWI0/hqdefault.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://img.phone.baidu.com/public/uploads/store_5/2/6/7/de5cd4e9a9809bd588f78f45ead99432_200x200.png Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://i2.wp.com/bjkproduction.com/wp-content/uploads/2017/11/C0011.00_04_41_07.Still001.jpg?resize=1200%2C500&ssl=1 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
4.bp.blogspot.com
ajax.googleapis.com
assets.jalantikus.com
b1.org
burgers-lyon.com
cdn2.editmysite.com
connect.facebook.net
downyup6b0.weebly.com
dramaqu.net
drawinglics.com
ec.editmysite.com
epimar.win
fonts.googleapis.com
fonts.gstatic.com
gatotkacatulanglunak.files.wordpress.com
gatotkacatulanglunak.wordpress.com
i.dailymail.co.uk
i.imgur.com
i.pinimg.com
i.ytimg.com
i2.wp.com
i630.photobucket.com
image.slidesharecdn.com
image.winudf.com
images-na.ssl-images-amazon.com
images.template.net
img.phone.baidu.com
img.sukipli.com
katagambarku.wordpress.com
lh3.googleusercontent.com
m.media-amazon.com
motionarray-content.imgix.net
penaindigo.com
platform.twitter.com
ri32.files.wordpress.com
ri32.wordpress.com
s-media-cache-ak0.pinimg.com
sixghakreasi.com
ssl.google-analytics.com
static-s.aa-cdn.net
syndication.twitter.com
vfxdownload.com
www.freeaetemplates.com
www.magicplan.app
www.manifest-tech.com
www.youtube.com
burgers-lyon.com
dramaqu.net
drawinglics.com
img.phone.baidu.com
img.sukipli.com
katagambarku.wordpress.com
www.freeaetemplates.com
www.magicplan.app
104.244.42.136
124.155.223.231
142.250.186.99
146.75.120.157
151.101.129.46
151.101.130.152
151.106.118.109
157.240.0.6
172.67.221.54
18.66.192.119
188.114.96.3
192.0.72.22
192.0.77.2
192.0.78.12
192.0.79.8
199.232.192.193
216.92.142.12
23.53.43.67
2600:9000:275d:9600:1d:d7f6:39d3:d9e1
2606:4700:20::681a:816
2a00:1450:4001:800::2016
2a00:1450:4001:802::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::2008
2a00:1450:4001:82a::200e
2a02:26f0:7100:995::16c2
2a02:4780:3:1200:0:2024:566b:2
2a04:4e42:400::302
2a04:4e42:400::84
2a04:4e42:600::720
2a04:4e42::84
34.160.157.24
44.241.17.25
74.115.51.9
83.222.126.244
0018b882be5277856098a1a1f753bf1d23cdad0939bcf1222e6ead7670b7be55
00d851399b56aa8fb76f1330f4666f312075f42ad9d31fd49a611417d6174522
02c09d6ffd8e19d8aaaf17216527470189c5ff1645d2d54836e2b6bd12345291
02c29ae3cf494cc14747ccb7ef6792445b6589a8d2cd82ffc4133b884eb3f597
0acc829a9550d701f1777ff6b5cde6ba5a484a9fdb2e9f9b6fd7b34ba6748814
0c68deec39d6a31fefc01c112b910482151569ae0783bb9ea4f9f7291f8fe081
0f86eaecbb74174ebb700cc768966211e698a7e6bf6b19227cd0b89db43e14a0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1f1d01a21d68d22f958b07f503dedba71bb7a07b7ddbb29512e2e69e6f0995d7
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
251a983a1b4b2cc76542aa398ae6b3499978a788860b54a8081d35d7a843303c
2633e107e31ab6f570d822eb8a5dd35a61774468ae059119a017ee2a350708ba
267c14bfa23e3178e3386b4622be0eebc8b846b9e17652c17f77ad147dbca7ba
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b75c5b68ede508d5d679d4177a80e619585c62fd6ad8bad103d6eca38e83af9
2bf69380f5d61ffdbd9e74bd3f86b1956275c76826bf646c001fd012c66c920e
2c37afc63e7b0d23871479d3ec0c5de7b1ae24354a2b568476b62b4facf4cf6c
30cba2d2d1ff3a5e75fc70f38453e961a2b05fa614cfdfe4e8102cdd33b9f88a
31e2acd46027f7dd6c2910580dfbc039dd50280a0596afc845928f657857afaa
34f508542d40b6bd5c72c58eb3ecb4f8de67d70aa3a2c6ea9c6279b7f1129321
3a90c56bbc2ea3fae7e089cc529bc02869c5035ee31c3111d829b9ae974cf42d
3cb145926fb659a96dc82f5cf36fee0ea92fd9798afe307e4055914443a6e87f
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
431b643d68767464579b7df161c5d4037a26ddb813a29d6725f3bd90bab00af7
4653d92d887cc5abe45fa51857ddccb343334f7b3db228aecb28bac23a8c9827
55f966d09afc4a653a1f26b57e57412d5c42191d5692157d94110b23ca74c9d2
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
5765b8a97aa9a8bf0c187a2deac6bb6b8d3b998f52054e77cd8e91762b57ea6d
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af
5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07
60b556f3dd16a728dfa212d2d02b2512e5c3919b473fe6910f0aaf46ac1154f6
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3
64c149099ed0c8b4eb450acf822d91a2c3689c962152eb2b4fc22fa7d4c7a365
7082d702280aeb204b77e214abe9b35251155664449f8683c0290d9d71dce05a
70db2893574efba755f7e3b1d9f3b8ad0ede8b8c3d4c7d9a977b3d8d4e324ac9
7269aa083f5a76e416c5e0c7bdd05eae45fee1f0ba15986ad1796c8cb42330c6
77b4d70a9158355f9cb8e13db9dc67bb56da6d1ec28d4b8f57bde3c2c325a498
78d41cb035242947847d1f96192c509b6cba6d2b93d9d937cf7b6a378b7893d3
7c3c69cfdb102104bddcf12230d5a3ca11af539ae3aa66676da1b9112ba97d12
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a
88ae76a4e1a08ef8f80f2c49472c2d4cefa8bfe486da0d1f9ab4a8d913a53b36
89a154c36744031fee744c2d4ce24f269f73c84024ccb95fcd8153ce22d2b42b
94344aac936aec69b29a6b681a5b00056a17f3f26b1f99ad915e9d8f0d670be1
96df56d9a6409713ea0e071bab760c3a521e158abd05a25d9869c09dda6af877
97f5ff171f57850fa82bee6fad3747efd6677cc9a18893b129d8a79cb8894468
9843c39b96888e30a7861731a8b49f79cd0f5d410ca9661e8a8a64063e1f8f8c
996157974d0b710839052a22ef35a271c43c2e3c2f6f465eaf225679ca8e1726
9d1e2ad9245d6d253da0b330b939cc15bb6153659976933e3f018ca8f7c03896
9e27e23961195928ae3f1a64c093440603a0780dee12a4cb956c14e35322441d
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
b05985f00c15f154da2b8a88a695aa909130e3ef9df5cfdd07163853f76d835b
b1c33271c9f37f971b486ea77f5102d9c1ef368754516bc52a2e0aa5ed5b9ba3
b1c4853f87ee676fa7610760cb0d33da5d53e1c011be7a34d9de03ec4b7b4f3c
b412779483065a97c2811af27399c94ba2907a8ff8d4d2e9b37b04d8617a2cef
b42c49aff2a698ec8c21c7958cb22a79022fb50908727eb3ac49f7d91187f223
b519c652777c636add992fcfc14ff1360572af19ba11151ea78c17d3c44d153b
b80426df10ac3371530a06ea7fb982a3de3980c5c0be3ba1dd28e1007b06ce21
b83c1bdb86ae601a4a54799c364306dd922e98d5fddc177d404611bf1a2706f3
bb8f3bae406f649e9436624f208efed4453831f552d50f31c17215064a476d27
bc55754271ceaf1d78fb6c90c927849fe308a8d5c6bc224679197d4efddc919e
bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7
be06ddd669cec07b8b445a7ae45859889881f78fb1bfa31b1389e47ac4e0b0cb
c1cd4e7693f8c40d13259e8ac271cd0b6870875ca6c69b78d50aede9eeb63b67
c50b15f613ee6404105bf7915feb42b8a1c564a43dc345bdfdf82db8170921cc
c5c89d59b365fc899550944397fd6b2351a6882aeb1aa4ea5e4fca595c2c6766
c80349d807fc368a6fb2799f3dbfe8a18d1d1271d37381ebb41fd73cfb1ff2ee
cad3b1ada4a65658a5d313074b69062c1b996bd2ade8df36f30e2e8239bfcd96
cbb33847091adc3a066c974949a35ad38613f9a6f6fcf6c203c12ee78a689267
cd73a571154b0bdc8d12e14e063f5505245affa8f56b5a7a05c7abfd66d6bb8b
d096758a0b069eaabad0ad3ff274fec623e2f506b7e7ecc77902b595dbb9cdc2
ddc17134b4cdcf7ac6e2a836002de31591748a041e3fcb6a41cf21e5df72b938
e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96
e3b02080857b50d32af31142b068a3d9f9e3fe2e91bba974409f0eb3497bd72d
e73201bb09a6a17470f054c6941b24c51a2512fa2f6ab394ca32d42f5488198a
e8fce53e602b22e525d06ba31b166bb4ff461319bc9ae53caad095d185a4d15b
f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587
fd04f0f5e2e88de7e2dd96f35f6064aa59e93db3b517417831d003d5d0039011
fd4ace1d68db90a11b0750e0c4b50f800eb8cf2c4b1dab1a5fc83e6cedb23d13
fe92905bd2e3601891da87fd1f8475282213f14f3a7a73c38654c60a61328e7c

downyup6b0.weebly.com Open in urlscan Pro 74.115.51.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

126 Requests

90 %HTTPS

41 %IPv6

38 Domains

48 Subdomains

35 IPs

5 Countries

3701 kBTransfer

5314 kBSize

13 Cookies

1 Outgoing links

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

downyup6b0.weebly.com Open in urlscan Pro
74.115.51.9 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

90 %
HTTPS

41 %
IPv6

38
Domains

48
Subdomains

35
IPs

5
Countries

3701 kB
Transfer

5314 kB
Size

13
Cookies

126 HTTP transactions
0 data transactions