URL: http://3.217.106.26/
Submission: On July 16 via manual from GB

Summary

This website contacted 30 IPs in 4 countries across 21 domains to perform 114 HTTP transactions. The main IP is 3.217.106.26, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is 3.217.106.26.
This is the only time 3.217.106.26 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 3.217.106.26 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:3::485 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
20 2606:2800:234... 15133 (EDGECAST)
2 2a02:b48:2b::... 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 104.244.42.72 13414 (TWITTER)
42 151.101.13.140 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 139.45.197.235 9002 (RETN-AS)
2 52.207.197.196 14618 (AMAZON-AES)
2 2600:9000:219... 16509 (AMAZON-02)
3 2606:2800:134... 15133 (EDGECAST)
114 30
Domain Requested by
20 platform.twitter.com 3.217.106.26
platform.twitter.com
cdn.jsdelivr.net
19 preview.redd.it cdn.jsdelivr.net
15 external-preview.redd.it
5 pagead2.googlesyndication.com 3.217.106.26
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 oauth.reddit.com cdn.jsdelivr.net
4 www.reddit.com cdn.jsdelivr.net
4 syndication.twitter.com 1 redirects platform.twitter.com
3 cdn.jsdelivr.net 3.217.106.26
2 pbs.twimg.com platform.twitter.com
2 thumbs.gfycat.com
2 api.gfycat.com cdn.jsdelivr.net
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.facebook.com connect.facebook.net
2 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.bcloudhost.com 3.217.106.26
2 connect.facebook.net 3.217.106.26
connect.facebook.net
2 www.youtube.com 3.217.106.26
www.youtube.com
2 fonts.googleapis.com 3.217.106.26
1 cdn.syndication.twimg.com platform.twitter.com
1 native.propellerclick.com cdn.jsdelivr.net
1 www.google.com tpc.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com 3.217.106.26
114 29
Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1O1 | 2021-06-22 - 2021-09-14 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2020 | 2021-04-30 - 2022-06-01 | a year
*.google.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-05-26 - 2021-08-24 | 3 months
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-05 - 2021-11-09 | a year
*.googleadservices.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.google.de | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
syndication.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-05 - 2022-02-04 | a year
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-05-23 - 2021-11-18 | 6 months
tpc.googlesyndication.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
www.google.com | GTS CA 1C3 | 2021-06-22 - 2021-09-14 | 3 months
propellerclick.com | R3 | 2021-06-14 - 2021-09-12 | 3 months
*.redd.it | DigiCert TLS RSA SHA256 2020 CA1 | 2021-05-23 - 2021-11-18 | 6 months
gfycat.com | Amazon | 2021-03-21 - 2022-04-19 | a year

This page contains 12 frames:

Primary Page: http://3.217.106.26/
Frame ID: 48E7D6EE9BB7BBBCF0D674CB579A54DB
Requests: 86 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: 5228F1A56C077FB0B32FEF2CB6D6933A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2409109107298024&output=html&adk=1812271804&adf=3025194257&lmt=1626470969&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F3.217.106.26%2F&ea=0&flash=0&pra=5&wgl=1&dt=1626470969656&bpp=3&bdt=230&idt=75&shv=r20210712&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5936380501484&frm=20&pv=2&ga_vid=1859763483.1626470970&ga_sid=1626470970&ga_hid=38834647&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048&oid=3&pvsid=173037161471394&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=91
Frame ID: D608C5E21C0ACEDA89B46681225B984C
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2F3.217.106.26
Frame ID: C516797BA0186FC796258D9730A90FD0
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2db4876b2d2f18%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff3802248949657c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57
Frame ID: 72F89FFDD4A1B9B387FAACCF98D13755
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33f574d66c878%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff3802248949657c%26relation%3Dparent.parent&container_width=8&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57
Frame ID: E3764C7670644C026D693030C0F172BF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 578D7332C1AAF2A7129F763DC3B8C9FC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A7E44A0CF5AD52B61253A862E30E3C8B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: F162D742CFBB015253025D55A257D245
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Frame ID: CA3420516D08A0F05D1E8170C8A616A8
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 8970752DB3346E49A3C6AD2F27DA2ACA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Frame ID: 3507A62ECBF0A9A783212464F903B544
Requests: 17 HTTP requests in this frame

Page Statistics

114 Requests
91 % HTTPS
79 % IPv6
21 Domains
29 Subdomains
30 IPs
4 Countries
6378 kB Transfer
11210 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

114 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
3.217.106.26/
5 KB
2 KB
Document
General
Full URL
http://3.217.106.26/
Protocol
HTTP/1.1
Server
3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-106-26.compute-1.amazonaws.com
Software
/ Express
Resource Hash
61ca2bda3fbe9807c67bf0dba06b622fe64545ec6199be79e6cb0e1e12dfd982

Request headers

Host
3.217.106.26
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

X-Powered-By
Express
Content-Type
text/html; charset=utf-8
ETag
W/"15db-AP0aTDNyqWUNotnZY/AnM0N6VXk"
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 16 Jul 2021 21:29:29 GMT
Connection
keep-alive
Transfer-Encoding
chunked
css
fonts.googleapis.com/
3 KB
744 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto|Varela+Round
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9eb622968023fca96413d0d4487796a709e5f01b742054af516ff9070b5104e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 21:08:56 GMT
server
ESF
date
Fri, 16 Jul 2021 21:29:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jul 2021 21:29:29 GMT
icon
fonts.googleapis.com/
568 B
438 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
415afc12cef02264dab61ba05de6b9eabb4146c0b4fedfbd160a1fb379f895d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 21:29:29 GMT
server
ESF
date
Fri, 16 Jul 2021 21:29:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Jul 2021 21:29:29 GMT
scrolls.min.css
cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/
517 KB
58 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/scrolls.min.css?v=11
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26bb78ea1e4c6b1bc3159c83cd1702729e4e4b4e6c2266d5d5c1948b71ed9dc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
10861
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
59438
etag
W/"813c4-2z652LoWOZ2NEfyfrKf5GMrO+V4"
x-served-by
cache-fra19132-FRA
x-jsd-version-type
branch
date
Fri, 16 Jul 2021 21:29:29 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
spells.min.js
cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/
2 MB
475 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfb591c09c2d31711238d00f2877eaa42e76f47dfc2e8ae12657535369fd1a4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
8091
x-jsd-version
undefined
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
485974
etag
W/"1b09f5-vLBIetNX5o2c+91NW7fOpRjeONc"
x-served-by
cache-fra19132-FRA
x-jsd-version-type
branch
date
Fri, 16 Jul 2021 21:29:29 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
Snoocore-browser.min.js
cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/
179 KB
58 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
48c4e9a045b53a3b401198fa21daa873b4f2f7cb751a7acd6c46425328ef0fa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
7035
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
59249
etag
W/"2cad7-FH4SbEMmtU7J6CPXZIF+YSXf/uI"
x-served-by
cache-fra19132-FRA
x-jsd-version-type
branch
date
Fri, 16 Jul 2021 21:29:29 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
iframe_api
www.youtube.com/
980 B
873 B
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0bdc6bc8aa2b1a2c4b103efe981e323ce88c032bc85b2d24804e47215e022bac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Fri, 16 Jul 2021 21:29:29 GMT
js
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-63873786-1
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
685e5be48bfd4c092c780db5966927f222a9f433036c59b5ebbb23a20c936f82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39666
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Jul 2021 21:29:29 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
134 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bff7d7daab7b0e2e15cfb4777e0a550049554e9b391d519f9f2f3196275d5f34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48389
x-xss-protection
0
server
cafe
etag
7904118586112407981
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 21:29:29 GMT
www-widgetapi.js
www.youtube.com/s/player/7ba2b998/www-widgetapi.vflset/
125 KB
42 KB
Script
General
Full URL
https://www.youtube.com/s/player/7ba2b998/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43952cfb94c49e59f43f2ff0b7addd89271bced728d177f1efc77b153cfaaeca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 20:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 15 Jul 2021 00:47:14 GMT
server
sffe
age
4738
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42809
x-xss-protection
0
expires
Sat, 16 Jul 2022 20:10:31 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6c49a7ed282e5e61f720bbf731a9e1a960d421f04209db34937ed466aa608725
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ACDX1AXP6/UuZlAQ6yNpgg==
cross-origin-resource-policy
cross-origin
expires
Fri, 16 Jul 2021 21:32:31 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
cytyIjBpjhu2nHFkQeugd5mOHzZ8NlKscGBbzwlzqKSDjzftB9zh7/p38hn5FLmqAA0ydIpAq5khda1fgkq+gg==
x-fb-trip-id
686109401
x-fb-content-md5
0818a10a774fa314373ba04a2c97b474
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 16 Jul 2021 21:29:29 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"77c3abea65abf81eb87f0f614a04b1e2"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/668B)
Age
428
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
invoke.js
www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/
0
0
Script
General
Full URL
http://www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/invoke.js
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
HTTP/1.1
Server
2a02:b48:2b::7677:1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jul 2021 21:29:29 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/
244 KB
90 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2409109107298024&plah=3.217.106.26&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92395
x-xss-protection
0
server
cafe
etag
7826786853314341384
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 21:29:29 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame 5228
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210712/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://3.217.106.26/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 16 Jul 2021 03:29:55 GMT
expires
Fri, 30 Jul 2021 03:29:55 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
64774
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-63873786-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5553
date
Fri, 16 Jul 2021 19:56:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 16 Jul 2021 21:56:56 GMT
sdk.js
connect.facebook.net/en_US/
229 KB
67 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=fe9e0c2b57c0c994bff8bbf92d7ca1d3
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
054ce084af467cd9603854610351bca950d448cc0a40c1c81872859994cce489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://3.217.106.26
Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
C+HoR+sXM1j8ZreH2V/oEA==
cross-origin-resource-policy
cross-origin
expires
Sat, 16 Jul 2022 21:03:26 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68112
x-fb-rlafr
0
x-fb-debug
qKJUh2qZHLwDbb3K45fxyaFsuLcOZAzW2aN7GVb4dDgkSQwGEdi0Y3m+su15+/1mKeShMMYdL7oeUTBSPd7Dbw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-fb-content-md5
b969b2c9683a524a5280052d290c40a0
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 16 Jul 2021 21:29:29 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"fc2ec44396c51e912e0a21af924662dd"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=38834647&t=pageview&_s=1&dl=http%3A%2F%2F3.217.106.26%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=376781886&gjid=175968829&cid=1859763483.1626470970&tid=UA-63873786-1&_gid=119362711.1626470970&_r=1&gtm=2ou7e0&z=849275924
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 21:29:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://3.217.106.26
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
199 B
258 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=3.217.106.26&callback=_gfp_s_&client=ca-pub-2409109107298024
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2409109107298024&plah=3.217.106.26&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f2.1e100.net
Software
cafe /
Resource Hash
efc4fabb050a44b46c72704233cf851c0b9b53b35e578311e531dded8bed6829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=3.217.106.26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2409109107298024&plah=3.217.106.26&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Jul 2021 21:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=3.217.106.26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2409109107298024&plah=3.217.106.26&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Jul 2021 21:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D608
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2409109107298024&output=html&adk=1812271804&adf=3025194257&lmt=1626470969&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F3.217.106.26%2F&ea=0&flash=0&pra=5&wgl=1&dt=1626470969656&bpp=3&bdt=230&idt=75&shv=r20210712&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5936380501484&frm=20&pv=2&ga_vid=1859763483.1626470970&ga_sid=1626470970&ga_hid=38834647&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048&oid=3&pvsid=173037161471394&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2409109107298024&plah=3.217.106.26&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2409109107298024&output=html&adk=1812271804&adf=3025194257&lmt=1626470969&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2F3.217.106.26%2F&ea=0&flash=0&pra=5&wgl=1&dt=1626470969656&bpp=3&bdt=230&idt=75&shv=r20210712&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5936380501484&frm=20&pv=2&ga_vid=1859763483.1626470970&ga_sid=1626470970&ga_hid=38834647&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060048&oid=3&pvsid=173037161471394&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=91
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://3.217.106.26/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 16 Jul 2021 21:29:29 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 16-Jul-2021 21:44:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Jul 2021 21:29:29 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2409109107298024&plah=3.217.106.26&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626434913869424"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28061
x-xss-protection
0
expires
Fri, 16 Jul 2021 21:29:29 GMT
collect
stats.g.doubleclick.net/j/
1 B
82 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-63873786-1&cid=1859763483.1626470970&jid=376781886&gjid=175968829&_gid=119362711.1626470970&_u=YEBAAUAAAAAAAC~&z=1869952998
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Jul 2021 21:29:29 GMT
content-type
text/plain
access-control-allow-origin
http://3.217.106.26
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
invoke.js
www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/
0
0
Script
General
Full URL
http://www.bcloudhost.com/739971c9ef197eb5390ac21e3400ebcc/invoke.js
Requested by
Host: 3.217.106.26
URL: http://3.217.106.26/
Protocol
HTTP/1.1
Server
2a02:b48:2b::7677:1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Jul 2021 21:29:29 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
settings
3.217.106.26/api/settings/
34 B
269 B
XHR
General
Full URL
http://3.217.106.26/api/settings/settings
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
HTTP/1.1
Server
3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-106-26.compute-1.amazonaws.com
Software
/ Express
Resource Hash
778af31d1f99e545cfbcf7b160e16ec44de41a91a53e815b27c33be82e5b7c9f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
3.217.106.26
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://3.217.106.26/
Cookie
_ga=GA1.1.1859763483.1626470970; _gid=GA1.1.119362711.1626470970; _gat_gtag_UA_63873786_1=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Jul 2021 21:29:30 GMT
Connection
keep-alive
X-Powered-By
Express
ETag
W/"22-E3rnAh9v4Apk8HiX4AawUwe7KTs"
Content-Length
34
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
blacklist
3.217.106.26/api/
183 B
419 B
XHR
General
Full URL
http://3.217.106.26/api/blacklist
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
HTTP/1.1
Server
3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-106-26.compute-1.amazonaws.com
Software
/ Express
Resource Hash
7ba6f9e210aefeb05ba0a3c0d71f8ae3d6156cf2f6fbaed816362de62b48cba7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
3.217.106.26
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://3.217.106.26/
Cookie
_ga=GA1.1.1859763483.1626470970; _gid=GA1.1.119362711.1626470970; _gat_gtag_UA_63873786_1=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Jul 2021 21:29:30 GMT
Connection
keep-alive
X-Powered-By
Express
ETag
W/"b7-JIaAPuYwHW8mB7CViUXfMMCQHzk"
Content-Length
183
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
logo.svg
3.217.106.26/icons/
939 B
1 KB
XHR
General
Full URL
http://3.217.106.26/icons/logo.svg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
HTTP/1.1
Server
3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-106-26.compute-1.amazonaws.com
Software
/ Express
Resource Hash
8f03662a1599bc58e55a0b4f2cf9a9772bea698b679ae10d866c72bf224c6968

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
3.217.106.26
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://3.217.106.26/
Cookie
_ga=GA1.1.1859763483.1626470970; _gid=GA1.1.119362711.1626470970; _gat_gtag_UA_63873786_1=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Jul 2021 21:29:30 GMT
ETag
W/"3ab-16feacc0f9b"
Last-Modified
Tue, 28 Jan 2020 06:17:19 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
939
config
3.217.106.26/api/reddit/
440 B
677 B
XHR
General
Full URL
http://3.217.106.26/api/reddit/config
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
HTTP/1.1
Server
3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-106-26.compute-1.amazonaws.com
Software
/ Express
Resource Hash
5d57e062b6875f05d511767519678fa3e339ae184a2381537d4e12e902c64de0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
3.217.106.26
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://3.217.106.26/
Cookie
_ga=GA1.1.1859763483.1626470970; _gid=GA1.1.119362711.1626470970; _gat_gtag_UA_63873786_1=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Jul 2021 21:29:30 GMT
Connection
keep-alive
X-Powered-By
Express
ETag
W/"1b8-fI2/B0DKVxYj6Wem6yNOyiJecRE"
Content-Length
440
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
sprite.svg
3.217.106.26/icons/sprite/
115 KB
16 KB
XHR
General
Full URL
http://3.217.106.26/icons/sprite/sprite.svg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
HTTP/1.1
Server
3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-106-26.compute-1.amazonaws.com
Software
/ Express
Resource Hash
7faaf7d35aa2be9c1eafb2bfe4a08f9c8fe3018efe56d8bf0ef47c253c7c7a8e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
3.217.106.26
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://3.217.106.26/
Cookie
_ga=GA1.1.1859763483.1626470970; _gid=GA1.1.119362711.1626470970; _gat_gtag_UA_63873786_1=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Jul 2021 21:29:30 GMT
Content-Encoding
gzip
ETag
W/"1ca25-16feacc1f93"
Last-Modified
Tue, 28 Jan 2020 06:17:23 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Varela+Round
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://3.217.106.26
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Jul 2021 18:26:24 GMT
x-content-type-options
nosniff
age
356586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Jul 2022 18:26:24 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame C516
319 KB
103 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2F3.217.106.26
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6723) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://3.217.106.26/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
348607
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jul 2021 21:29:30 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6723)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
like.php
www.facebook.com/v2.12/plugins/ Frame 72F8
0
143 B
Document
General
Full URL
https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2db4876b2d2f18%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff3802248949657c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=fe9e0c2b57c0c994bff8bbf92d7ca1d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2db4876b2d2f18%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff3802248949657c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://3.217.106.26/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
Tpq3+Ya0FXhSfQU2rVLHElBP+1VS3LXYp1JkDi50HKkCbl+HHgcfG4gow3urklSU0bEwTPvVMh9MIxFIgw461A==
content-length
0
date
Fri, 16 Jul 2021 21:29:30 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
like.php
www.facebook.com/v2.12/plugins/ Frame E376
0
118 B
Document
General
Full URL
https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33f574d66c878%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff3802248949657c%26relation%3Dparent.parent&container_width=8&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=fe9e0c2b57c0c994bff8bbf92d7ca1d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df33f574d66c878%26domain%3D3.217.106.26%26origin%3Dhttp%253A%252F%252F3.217.106.26%252Ff3802248949657c%26relation%3Dparent.parent&container_width=8&href=https%3A%2F%2Fwww.facebook.com%2Freddupco%2F&layout=button&locale=en_US&sdk=joey&share=false&show_faces=false&size=small&width=57
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://3.217.106.26/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://3.217.106.26/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
2TxI89iN2WLevQOXar4DFITF1ATyCm6E0sQ80tRugKGUPL4mZY0VrRex638FJZSs9WhZMvtT8UyMutB+MI2ujw==
content-length
0
date
Fri, 16 Jul 2021 21:29:30 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v13/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uP.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto|Varela+Round
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e695031ac9f24e1107db954e1b54bc86481f5aa9dc0ca457228a270b35bddfea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://3.217.106.26
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Jul 2021 00:57:01 GMT
x-content-type-options
nosniff
age
333149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20416
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Jul 2022 00:57:01 GMT
settings
syndication.twitter.com/ Frame C516
183 B
416 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2F3.217.106.26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:29 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 21:29:30 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
c3502c62accce09c16f028bce1b8391e548ae8f9db41e47db82afee75bf6db7a
content-length
152
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2409109107298024&plah=3.217.106.26&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08ce6314218655a867cb37b0a4c571bfcb7bec493ff77f984e41f5125355eb7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Jul 2021 21:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8565
x-xss-protection
0
access_token
www.reddit.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://www.reddit.com/api/v1/access_token
Protocol
H2
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization
Origin
http://3.217.106.26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Authorization,
access-control-allow-credentials
false
access-control-expose-headers
X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-ratelimit-remaining
295
x-ratelimit-used
5
x-ratelimit-reset
30
cache-control
max-age=0, must-revalidate
x-moose
majestic
accept-ranges
bytes
date
Fri, 16 Jul 2021 21:29:30 GMT
via
1.1 varnish
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
snooserv
x-clacks-overhead
GNU Terry Pratchett
content-length
0
access_token
www.reddit.com/api/v1/
212 B
520 B
XHR
General
Full URL
https://www.reddit.com/api/v1/access_token
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
8be7389f6466f3aaa43476d205d3c22a8f9f88e06cbe496b05e6040bb5f53131
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://3.217.106.26/
Authorization
Basic RUQxTU5JTkdQMnNib3c6Q3hFei1ocmVhbWo1SzBBNFhRSUNmUDBZZVQ0
Content-Type
application/x-www-form-urlencoded

Response headers

x-ratelimit-used
6
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
212
x-xss-protection
1; mode=block
x-moose
majestic
x-clacks-overhead
GNU Terry Pratchett
server
snooserv
x-frame-options
SAMEORIGIN
date
Fri, 16 Jul 2021 21:29:30 GMT
x-reddit-loid
0000000000dcgvnrfi.2.1626470970565.Z0FBQUFBQmc4Zm82YXVfTFZTQVp2RXZENG1CTXNpNnBUcXNPUjhMeU5ZODZNQ202RDhHT2xzN3JpRnQ0SlV2a2VEbGJSd1o3WVFCLUhKazA4NHU0UVJ0c3JQVWlUYUQtbjQ4ajJwUEVLV3ZoamdtNlg1Tk1sYmFidDJpTFZiQmxCU3RPVDYyM0lNYUo
x-ratelimit-remaining
294
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
cache-control
max-age=0, must-revalidate
access-control-allow-credentials
false
x-ratelimit-reset
30
accept-ranges
bytes
access-control-allow-headers
Authorization,
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2409109107298024&plah=3.217.106.26&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 16 Jul 2021 21:29:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 578D
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://3.217.106.26/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://3.217.106.26/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 16 Jul 2021 20:11:12 GMT
expires
Sat, 16 Jul 2022 20:11:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A7E4
783 B
759 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b2cfd6378ce143c43148a5e0a8da3d6b2461ce7ff484dfbffe017224c81626d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LbBQX6PgT1FVSqsQmrEm+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://3.217.106.26/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://3.217.106.26/

Response headers

expires
Fri, 16 Jul 2021 21:29:30 GMT
date
Fri, 16 Jul 2021 21:29:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-LbBQX6PgT1FVSqsQmrEm+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js
pagead2.googlesyndication.com/bg/ Frame 578D
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/5bBTaxHOq5TSRFVJXWhLxsmBBziAFdA6dJtppmZzzq8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5b0536b11ceab94d24455495d684bc6c98107388015d03a749b69a66673ceaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 10:54:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
38106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13391
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 09:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Jul 2022 10:54:24 GMT
button.5573c974dc31bbdab5ea7923a0bd5cf3.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.5573c974dc31bbdab5ea7923a0bd5cf3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
e05edf2ae58e3a9f1d2a84d32a8b216fd0aece46f527b58dcbce75255989ea88

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/668B)
Age
348608
Etag
"382be2960021b88f6ce982d997cdbd01+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Jul 2021 21:29:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow_button.06c6ee58c3810956b7509218508c7b56.en.html
platform.twitter.com/widgets/ Frame F162
36 KB
14 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://3.217.106.26/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://3.217.106.26/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
348606
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jul 2021 21:29:30 GMT
Etag
"2619db8370b1a8c68c62850e51110674+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:42 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668B)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13632
follow_button.06c6ee58c3810956b7509218508c7b56.en.html
platform.twitter.com/widgets/ Frame CA34
36 KB
14 KB
Document
General
Full URL
https://platform.twitter.com/widgets/follow_button.06c6ee58c3810956b7509218508c7b56.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
2aad1dea74398906714d858498fcf050795f15a08fac55ce829a107393b5cfa6

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://3.217.106.26/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://3.217.106.26/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
348606
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jul 2021 21:29:30 GMT
Etag
"2619db8370b1a8c68c62850e51110674+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:42 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668B)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
13632
truncated
/ Frame CA34
822 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
jot.html
platform.twitter.com/ Frame 8970
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
80 B
571 B
Document
General
Full URL
https://platform.twitter.com/jot.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
http://3.217.106.26
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
348607
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jul 2021 21:29:30 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668B)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

date
Fri, 16 Jul 2021 21:29:30 GMT
pragma
no-cache
server
tsa_o
status
302 Found
expires
Tue, 31 Mar 1981 05:00:00 GMT
location
https://platform.twitter.com/jot.html
content-type
text/html;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified
Fri, 16 Jul 2021 21:29:30 GMT
x-transaction
713a7c2706de6799
content-length
0
x-frame-options
SAMEORIGIN
x-xss-protection
0
x-content-type-options
nosniff
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
x-connection-hash
c3502c62accce09c16f028bce1b8391e548ae8f9db41e47db82afee75bf6db7a
access_token
www.reddit.com/api/v1/
212 B
510 B
XHR
General
Full URL
https://www.reddit.com/api/v1/access_token
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
4e9ef48c83ce614a6d316aabefa0df572c1191ed23f6aa7a01de15d6068c03c5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://3.217.106.26/
Authorization
Basic RUQxTU5JTkdQMnNib3c6Q3hFei1ocmVhbWo1SzBBNFhRSUNmUDBZZVQ0
Content-Type
application/x-www-form-urlencoded

Response headers

x-ratelimit-used
8
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
212
x-xss-protection
1; mode=block
x-moose
majestic
x-clacks-overhead
GNU Terry Pratchett
server
snooserv
x-frame-options
SAMEORIGIN
date
Fri, 16 Jul 2021 21:29:31 GMT
x-reddit-loid
0000000000dcgvndrc.2.1626470971481.Z0FBQUFBQmc4Zm83cl8xeW5LbUlzSXZhRFFPZjFrbnpoZFNoZTYzcWNWU2doZUphRnB6azl4RHNFZ0NDeWc0ZEkwaWVXU1MwWkV0STBXZ1JUSUV4NDRUNGd2eUxEaFdhRTBpOVBIalFzNmZBSEhtRjgtLXpqbUxMYkJTaE5DX0NlOFo5ZzFpY2lqYkc
x-ratelimit-remaining
292
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
cache-control
max-age=0, must-revalidate
access-control-allow-credentials
false
x-ratelimit-reset
29
accept-ranges
bytes
access-control-allow-headers
Authorization,
access_token
www.reddit.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://www.reddit.com/api/v1/access_token
Protocol
H2
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
authorization
Origin
http://3.217.106.26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Authorization,
access-control-allow-credentials
false
access-control-expose-headers
X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-ratelimit-remaining
293
x-ratelimit-used
7
x-ratelimit-reset
29
cache-control
max-age=0, must-revalidate
x-moose
majestic
accept-ranges
bytes
date
Fri, 16 Jul 2021 21:29:31 GMT
via
1.1 varnish
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
snooserv
x-clacks-overhead
GNU Terry Pratchett
content-length
0
default
oauth.reddit.com/subreddits/
763 KB
151 KB
XHR
General
Full URL
https://oauth.reddit.com/subreddits/default?limit=50&api_type=json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
870854423bf7060b0675de875b1f83a553aa478365f67737670e38a405c19469
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://3.217.106.26/
Authorization
bearer -6gFFmTwh6RXkPkfK1p26qWgMx-XgiA
Content-Type
application/x-www-form-urlencoded

Response headers

x-ratelimit-used
1
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
accept-encoding
content-length
153785
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
x-clacks-overhead
GNU Terry Pratchett
server
snooserv
x-frame-options
SAMEORIGIN
date
Fri, 16 Jul 2021 21:29:33 GMT
x-ratelimit-remaining
299
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
via
1.1 varnish
access-control-expose-headers
X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
access-control-allow-credentials
false
x-ratelimit-reset
27
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type, X-Reddit-Web-Client,
expires
-1
default
oauth.reddit.com/subreddits/ Frame
0
0
Preflight
General
Full URL
https://oauth.reddit.com/subreddits/default?limit=50&api_type=json
Protocol
H2
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization
Origin
http://3.217.106.26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE
access-control-allow-headers
Authorization, Content-Type, X-Reddit-Web-Client,
access-control-allow-credentials
false
access-control-expose-headers
X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
x-ua-compatible
IE=edge
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
-1
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-moose
majestic
accept-ranges
bytes
date
Fri, 16 Jul 2021 21:29:32 GMT
via
1.1 varnish
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
snooserv
x-clacks-overhead
GNU Terry Pratchett
content-length
0
hot
oauth.reddit.com/
652 KB
85 KB
XHR
General
Full URL
https://oauth.reddit.com/hot?after=&limit=48&t=week&api_type=json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist/Snoocore-browser.min.js?v=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
4a55f4f5cb797bc76d790f9f7b86a0b7db2886ac78c51c1e54f638f802ba1873
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://3.217.106.26/
Authorization
bearer -jcGq0B2-0Bl5ZdT32cHMU8F1BCv3ng
Content-Type
application/x-www-form-urlencoded

Response headers

x-ratelimit-used
1
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
accept-encoding
content-length
85476
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
x-moose
majestic
x-clacks-overhead
GNU Terry Pratchett
server
snooserv
x-frame-options
SAMEORIGIN
date
Fri, 16 Jul 2021 21:29:33 GMT
x-ratelimit-remaining
299
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
via
1.1 varnish
access-control-expose-headers
X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
access-control-allow-credentials
false
x-ratelimit-reset
28
accept-ranges
bytes
access-control-allow-headers
Authorization, Content-Type, X-Reddit-Web-Client,
expires
-1
hot
oauth.reddit.com/ Frame
0
0
Preflight
General
Full URL
https://oauth.reddit.com/hot?after=&limit=48&t=week&api_type=json
Protocol
H2
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization
Origin
http://3.217.106.26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE
access-control-allow-headers
Authorization, Content-Type, X-Reddit-Web-Client,
access-control-allow-credentials
false
access-control-expose-headers
X-Ratelimit-Used, X-Ratelimit-Remaining, X-Ratelimit-Reset, X-Moose
x-ua-compatible
IE=edge
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
expires
-1
cache-control
private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-moose
majestic
accept-ranges
bytes
date
Fri, 16 Jul 2021 21:29:32 GMT
via
1.1 varnish
strict-transport-security
max-age=15552000; includeSubDomains; preload
server
snooserv
x-clacks-overhead
GNU Terry Pratchett
content-length
0
1
native.propellerclick.com/
0
0
Script
General
Full URL
https://native.propellerclick.com/1?z=2822429&_=1626470969532
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.235 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:31 GMT
x-sc
4KdnrdofxFOHMlcU
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
access-control-expose-headers
X-Sc
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length
7
mB51tv3HrxqBK1ablm0EigquoJXOPmjJoxIhYmWtP9k.jpg
external-preview.redd.it/
43 KB
44 KB
Image
General
Full URL
https://external-preview.redd.it/mB51tv3HrxqBK1ablm0EigquoJXOPmjJoxIhYmWtP9k.jpg?auto=webp&s=cbb9ad0009a5c46d08e77539864b63e448c0fc03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
d251f23341f27346af586ac49fe6f591030d4872b041fda3a36c8de6c0afdd10

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"oM1mhnScpY8EVWAikKHFP8oZBziq3Npy1RH1N45AxmI"
vary
Accept
fastly-io-info
ifsz=79393 idim=1200x675 ifmt=jpeg ofsz=44360 odim=1200x675 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
44360
6gjowkbgtlb71.png
preview.redd.it/
559 KB
559 KB
Image
General
Full URL
https://preview.redd.it/6gjowkbgtlb71.png?auto=webp&s=bd178cdc31ab7ea150d5bb04d53d31f48925a56a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
4c3d64721312826b9d5be4dce960942ff0069a46f9a028eafdd810af324c3a16

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"+/PUiSkDppvoWtWyoODDk23cC57HI2EuXheBTu+Ujvs"
vary
Accept,Origin
fastly-io-info
ifsz=855081 idim=702x1641 ifmt=png ofsz=572394 odim=702x1641 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
572394
expires
Thu, 31 Dec 2037 23:59:59 GMT
xuorntzlljb71.jpg
preview.redd.it/
29 KB
30 KB
Image
General
Full URL
https://preview.redd.it/xuorntzlljb71.jpg?auto=webp&s=e4c4cd380aec779b140baab29abab73843baf790
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
2e54f34647488ce29c8ec148130900e3aaa9f621950800526db868ed6d77ca0b

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"nr/lsUiANrSN+9lTFCYx+u8a+ZaoR8sgl3T+60vyo3c"
vary
Accept,Origin
fastly-io-info
ifsz=92888 idim=1080x559 ifmt=jpeg ofsz=30106 odim=1080x559 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
30106
expires
Thu, 31 Dec 2037 23:59:59 GMT
vb0tcq17ymb71.jpg
preview.redd.it/
38 KB
38 KB
Image
General
Full URL
https://preview.redd.it/vb0tcq17ymb71.jpg?auto=webp&s=d6b2e27bce69321d3b330913b8d99382d99a0261
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
319657a486f6ddc3bdb57423c165e69c9242ea446af4320cabb5798032148fbf

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"AMpUijjdsDiTDee8/ff0MZwtcRGprx9qp1JAqh2gzxM"
vary
Accept,Origin
fastly-io-info
ifsz=42032 idim=704x335 ifmt=jpeg ofsz=39030 odim=704x335 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
39030
expires
Thu, 31 Dec 2037 23:59:59 GMT
wqopulx3yjb71.jpg
preview.redd.it/
39 KB
39 KB
Image
General
Full URL
https://preview.redd.it/wqopulx3yjb71.jpg?auto=webp&s=9257b432894b8138edd31023974cfd3d1c3c3e46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
f98f1ea1508c3ed25e01b914703096cd752053e6c7b8e5af25536c7475008faa

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"SiTq+0ZEGF6UoceJyzLHPmMRBXtk8ftLmfZxyqP1cCg"
vary
Accept,Origin
fastly-io-info
ifsz=70101 idim=1892x1080 ifmt=jpeg ofsz=39472 odim=1892x1080 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
39472
expires
Thu, 31 Dec 2037 23:59:59 GMT
5Uyyej-V08dqnKR2yXQv3WUpCszkFd7i7B8b801Jlj4.jpg
external-preview.redd.it/
48 KB
48 KB
Image
General
Full URL
https://external-preview.redd.it/5Uyyej-V08dqnKR2yXQv3WUpCszkFd7i7B8b801Jlj4.jpg?auto=webp&s=3aec93097e4d74af4c93649f7cf57e8f83cc5d00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
41219209e2b3aad8325d772defce5e549f6d2caa0c0969ff26a9ba71c0c064fb

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"PeFfkpk3wLrXl7J3HuNANx6bzP3d4pWAEF09p4Jqs4U"
vary
Accept
fastly-io-info
ifsz=79166 idim=885x500 ifmt=jpeg ofsz=49248 odim=885x500 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
49248
05QejIz4m_Cw44SGLZhjGf7_2EOmm285Hs9v9T-ycsA.png
external-preview.redd.it/
49 KB
50 KB
Image
General
Full URL
https://external-preview.redd.it/05QejIz4m_Cw44SGLZhjGf7_2EOmm285Hs9v9T-ycsA.png?auto=webp&s=ea3e441aea45d05e789f8099fd25175f41c2c076
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
5ed7667cfea8b4dde5f43c9f51dbfba821163c20ed9c58a65ebc9255ed9f0df9

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"uePdA7AwvQjULvrkojm1jytZXTPhdb/qYGk6p3jRCYE"
vary
Accept
fastly-io-info
ifsz=149251 idim=427x208 ifmt=png ofsz=50652 odim=427x208 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
50652
dZbvE6VCdsP8fLh06YCdmE65X8oFf-q3WP50IDeoHsA.jpg
external-preview.redd.it/
36 KB
36 KB
Image
General
Full URL
https://external-preview.redd.it/dZbvE6VCdsP8fLh06YCdmE65X8oFf-q3WP50IDeoHsA.jpg?auto=webp&s=b4e7ae45d3c992658f6bddd432ec86e49a6e063d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
24ca1b944231a73f608e4f421990d54a817c585a893eaed4f2ab00d5240846f1

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"eY3Xj/rJcanCdKTeOQu4xzYDgxeUqJUX1e+pbNq77P8"
vary
Accept
fastly-io-info
ifsz=63759 idim=1200x630 ifmt=jpeg ofsz=36480 odim=1200x630 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
36480
jxg28kcgujb71.jpg
preview.redd.it/
80 KB
81 KB
Image
General
Full URL
https://preview.redd.it/jxg28kcgujb71.jpg?auto=webp&s=fe9b0f1816eb2269dd94fdf9874c1b80dc92fe3d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
10a353dd9da521ae840d8118ac85fdb9a1cafc414349d907038732b1f1d16c84

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"z9Et/fVQb2dCmqP5M8Orzlq6BJ5qMB/QLBVzGzcB8ow"
vary
Accept,Origin
fastly-io-info
ifsz=76842 idim=1080x1080 ifmt=jpeg ofsz=82308 odim=1080x1080 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
82308
expires
Thu, 31 Dec 2037 23:59:59 GMT
wk29lqy61jb71.png
preview.redd.it/
124 KB
124 KB
Image
General
Full URL
https://preview.redd.it/wk29lqy61jb71.png?auto=webp&s=4cd51b367db3fe5a2fd746195a5a91c891d741d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
8b7beb51d6c6c18983d9feb2b7fc4822b422607ed24bd6877f0b6fe6813efafe

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"1C4eSrOCVgqHq/eb4JDXbujUvkOeFOb9Eh2kbPNi7ms"
vary
Accept,Origin
fastly-io-info
ifsz=177546 idim=539x178 ifmt=png ofsz=126966 odim=539x178 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
126966
expires
Thu, 31 Dec 2037 23:59:59 GMT
npy6y5anu1331.jpg
preview.redd.it/
62 KB
62 KB
Image
General
Full URL
https://preview.redd.it/npy6y5anu1331.jpg?auto=webp&s=f7d3aeb2379db3aa480eabdab60f5bc47d2a6ad3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
702b3b4866f80ad1c5fe9a01d2518287af7d41a92a782c7ecdde284bb8e08b50

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"eP61PVB/6P3X7PfEXlMyoh6YWB5HKXGNN6yyOpH71dU"
vary
Accept,Origin
fastly-io-info
ifsz=94280 idim=1242x1438 ifmt=jpeg ofsz=62996 odim=1242x1438 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
62996
expires
Thu, 31 Dec 2037 23:59:59 GMT
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
%7B%7Bpost%20%7C%20rpMediaGetImageUrlFilter%7D%7D
3.217.106.26/
3 KB
3 KB
Image
General
Full URL
http://3.217.106.26/%7B%7Bpost%20%7C%20rpMediaGetImageUrlFilter%7D%7D
Protocol
HTTP/1.1
Server
3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-106-26.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
3.217.106.26
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://3.217.106.26/
Cookie
_ga=GA1.1.1859763483.1626470970; _gid=GA1.1.119362711.1626470970; _gat_gtag_UA_63873786_1=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Jul 2021 21:29:34 GMT
Content-Encoding
gzip
ETag
W/"15db-AP0aTDNyqWUNotnZY/AnM0N6VXk"
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
S35fzJxb7Zo4hv4hymrAN0D7HaFnuZRtzr_AgYiXBDY.png
external-preview.redd.it/
45 KB
45 KB
Image
General
Full URL
https://external-preview.redd.it/S35fzJxb7Zo4hv4hymrAN0D7HaFnuZRtzr_AgYiXBDY.png?format=pjpg&auto=webp&s=a2db8d29eaa25896be2ff392aa2cea2fb4de102e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
6fa906481c0aefb15d587f0a9a66c97315ea43008d43bda3ee0f182ffd5afd9d

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"rIAeL5abGhnV1/L1pJgVt8pj4kMDvJtjL6ebsQ3G7u0"
vary
Accept
fastly-io-info
ifsz=207985 idim=576x1024 ifmt=png ofsz=46384 odim=576x1024 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
46384
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
515 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
elasticaggressivedamselfly
api.gfycat.com/v1test/gfycats/
3 KB
1 KB
XHR
General
Full URL
https://api.gfycat.com/v1test/gfycats/elasticaggressivedamselfly
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.197.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-197-196.compute-1.amazonaws.com
Software
/
Resource Hash
6181f503b00c38caf04a5d5c327b6265e631de41b993164451406f3315d79316

Request headers

Accept
application/json, text/plain, */*
Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:35 GMT
Content-Encoding
gzip
X-Cache-SRCache
MISS
X-Cache-Status
MISS
Access-Control-Allow-Methods
GET,OPTIONS,POST,PUT,PATCH,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
990
8r1igp-RC6WGl0Qxg7yapV5mtXJB4_scQODu6T_9bHU.png
external-preview.redd.it/
13 KB
13 KB
Image
General
Full URL
https://external-preview.redd.it/8r1igp-RC6WGl0Qxg7yapV5mtXJB4_scQODu6T_9bHU.png?format=pjpg&auto=webp&s=120a84db3731336d62d1d4f42e37562333e75e44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
9d2578d7772d1cf3c09d5935e19eee3e6fe2689c20ed5ffb5bae079532b0a009

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:34 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"yMYq82wSYyDhmeOueu1NkvanA8E1xvnjK0s1tZOouro"
vary
Accept
fastly-io-info
ifsz=149788 idim=410x360 ifmt=png ofsz=13490 odim=410x360 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
13490
5y6thv6h9mb71.png
preview.redd.it/
369 KB
370 KB
Image
General
Full URL
https://preview.redd.it/5y6thv6h9mb71.png?auto=webp&s=1c40be60390ee01c0053f2c83c671e2a5cade2e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
ca6d2b34646eaf689d20cc314a2f0a18942442bfc1a87992215baee794190eb8

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"E67INAk61Mkps0FwfIC2y+xezStmVzICBNUdCRFH+E8"
vary
Accept,Origin
fastly-io-info
ifsz=622379 idim=1382x1956 ifmt=png ofsz=378364 odim=1382x1956 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
378364
expires
Thu, 31 Dec 2037 23:59:59 GMT
m3xt7styiib71.jpg
preview.redd.it/
493 KB
493 KB
Image
General
Full URL
https://preview.redd.it/m3xt7styiib71.jpg?auto=webp&s=9c11d23709a217ecc05e01b2f856a3303dd61efe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
a382a304d25d78900e36047f07051e7e27697b4d78493fa014eb2ce97a7961d6

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"31/16wsIp9hr5bP3DnG1N0DFs5fxfg0aQbfJYhSRagE"
vary
Accept,Origin
fastly-io-info
ifsz=576847 idim=1622x2728 ifmt=jpeg ofsz=504358 odim=1622x2728 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
504358
expires
Thu, 31 Dec 2037 23:59:59 GMT
qk87tc1nslb71.jpg
preview.redd.it/
49 KB
49 KB
Image
General
Full URL
https://preview.redd.it/qk87tc1nslb71.jpg?auto=webp&s=5a0faa6ad415677ed50ea7754ffda05ba6010073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
41748d9a8867807c2e291a157292f5883faf63d3a93a23ccc44fa967ddeea7f9

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"wxx1Pr2oySdRoChaUPfCX2zvixpDK8J+4592qrKn/Qo"
vary
Accept,Origin
fastly-io-info
ifsz=67765 idim=860x500 ifmt=jpeg ofsz=49944 odim=860x500 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
49944
expires
Thu, 31 Dec 2037 23:59:59 GMT
euamaw2kgib71.jpg
preview.redd.it/
110 KB
110 KB
Image
General
Full URL
https://preview.redd.it/euamaw2kgib71.jpg?auto=webp&s=f46d282d0749d69bdb9200e3a166d4e5a0b996a5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
d24b988f0f3359cedc77ff0c7e06a474049cea9db70be226b778e731a8f7463b

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"bUXP893yf0u5+wCUkGmUR8qYoKieW5/axJ7dm+p7QPc"
vary
Accept,Origin
fastly-io-info
ifsz=126291 idim=1024x1001 ifmt=jpeg ofsz=112568 odim=1024x1001 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
112568
expires
Thu, 31 Dec 2037 23:59:59 GMT
ElasticAggressiveDamselfly-poster.jpg
thumbs.gfycat.com/
16 KB
17 KB
Image
General
Full URL
https://thumbs.gfycat.com/ElasticAggressiveDamselfly-poster.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8c00:1:cde5:7345:88c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31e2bec53a0e020bc0f78e9d2f541b6193f84994a697b83e92fecd6deaa3969d

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 17:14:35 GMT
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified
Fri, 16 Jul 2021 16:48:07 GMT
server
AmazonS3
age
15301
etag
"dc0e8991a2c011592439e6ac2f8e274b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=946707779, public
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
16826
x-amz-cf-id
e06poOv78VMHYzPk8RCNRG81ECKAh27fD6Og3OgDZ8f4lrh8XdiG7g==
48chq3tbrlb71.jpg
preview.redd.it/
96 KB
96 KB
Image
General
Full URL
https://preview.redd.it/48chq3tbrlb71.jpg?auto=webp&s=1f17efe863c70460c698379e3237fc044d60d197
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
7a0e1b88556cec6b389c48566b5f1e8c6e53c07f95dcf4f2cf70e98a09011cf8

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"HN0cFDKwsmv8ehgzlB1tK8DfUB+O6SLhib7kF+fWiJg"
vary
Accept,Origin
fastly-io-info
ifsz=120567 idim=1170x1124 ifmt=jpeg ofsz=98290 odim=1170x1124 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
98290
expires
Thu, 31 Dec 2037 23:59:59 GMT
YN1v-hx84mA-v-FH3jJ6SrOu5dbSSSndWEI64dcRw0U.png
external-preview.redd.it/
55 KB
55 KB
Image
General
Full URL
https://external-preview.redd.it/YN1v-hx84mA-v-FH3jJ6SrOu5dbSSSndWEI64dcRw0U.png?format=pjpg&auto=webp&s=1bcd4ab5c1f40e6d3fdcaea27940313a52d1a400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
25f29e8d072c9a775f26f602dc06816bd66168c5a32d46c6a3b8026c3fefb97b

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"2aFSYDvEhxdHl+EWE9xRuBwmsqsQ6ZrhF1I0Y9HGwlY"
vary
Accept
fastly-io-info
ifsz=680759 idim=1024x576 ifmt=png ofsz=56238 odim=1024x576 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
56238
4uv75RfdkWs83iaVp5_Dj74c7OPoYXTUyegeHyBSD_w.jpg
external-preview.redd.it/
76 KB
77 KB
Image
General
Full URL
https://external-preview.redd.it/4uv75RfdkWs83iaVp5_Dj74c7OPoYXTUyegeHyBSD_w.jpg?auto=webp&s=280e0b217c4b52c063eefabb92e49febab0c9b01
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
989ab53ab9f5256fcd6a4ac295acc91c05db036ffce1571d04ba2d11b47b394f

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"IRI2fnMmK+Hm5q+vMqNUAodPhnzuwUpBAmetLKWdpk4"
vary
Accept
fastly-io-info
ifsz=92031 idim=1280x720 ifmt=jpeg ofsz=78226 odim=1280x720 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
78226
7dvkw3dn4mb71.jpg
preview.redd.it/
63 KB
63 KB
Image
General
Full URL
https://preview.redd.it/7dvkw3dn4mb71.jpg?auto=webp&s=747cdf7cf0091abc64e0af35ccfd0afc431099c4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
a330f02edd5c39996065f70776f52873bf47a46840a683694ba9ae0f6df349c8

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"rlIt5FRsEm91nRiVTlALC5MWX+3aw4kmNqMVtnvpBcg"
vary
Accept,Origin
fastly-io-info
ifsz=72781 idim=1170x652 ifmt=jpeg ofsz=64214 odim=1170x652 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
64214
expires
Thu, 31 Dec 2037 23:59:59 GMT
myeK2KesGe9AojkOTqmkS34l89XE-0I-2HW4bwrEs6Q.jpg
external-preview.redd.it/
61 KB
61 KB
Image
General
Full URL
https://external-preview.redd.it/myeK2KesGe9AojkOTqmkS34l89XE-0I-2HW4bwrEs6Q.jpg?auto=webp&s=107dddeb31faeaa3fc755b5dade956f854298d6c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
db7e1b3db6d0c7b27a619c7c71f04a872a431619bca583f65a3af04bcea49b86

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"gxVEfi2aWWwfRAJIlnqqkhdt6wYWl+uiWJlH/wQbaF0"
vary
Accept
fastly-io-info
ifsz=64891 idim=704x396 ifmt=jpeg ofsz=62450 odim=704x396 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
62450
bossywealthyangora
api.gfycat.com/v1test/gfycats/
3 KB
1 KB
XHR
General
Full URL
https://api.gfycat.com/v1test/gfycats/bossywealthyangora
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.197.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-197-196.compute-1.amazonaws.com
Software
/
Resource Hash
982baaba5fe227b0ce91cbdd83dba27c91d1f2c1cccd63a01a6923ada47aed43

Request headers

Accept
application/json, text/plain, */*
Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:35 GMT
Content-Encoding
gzip
X-Cache-SRCache
MISS
X-Cache-Status
STALE
Access-Control-Allow-Methods
GET,OPTIONS,POST,PUT,PATCH,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
868
m3xt7styiib71.jpg
preview.redd.it/
493 KB
493 KB
Image
General
Full URL
https://preview.redd.it/m3xt7styiib71.jpg?auto=webp&s=9c11d23709a217ecc05e01b2f856a3303dd61efe
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
a382a304d25d78900e36047f07051e7e27697b4d78493fa014eb2ce97a7961d6

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"31/16wsIp9hr5bP3DnG1N0DFs5fxfg0aQbfJYhSRagE"
vary
Accept,Origin
fastly-io-info
ifsz=576847 idim=1622x2728 ifmt=jpeg ofsz=504358 odim=1622x2728 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
504358
expires
Thu, 31 Dec 2037 23:59:59 GMT
ZMVZaTxNPx5FxrM57KQlyGdGzQFeymvdiAm3yYD7lS8.png
external-preview.redd.it/
253 KB
253 KB
Image
General
Full URL
https://external-preview.redd.it/ZMVZaTxNPx5FxrM57KQlyGdGzQFeymvdiAm3yYD7lS8.png?auto=webp&s=0ee1f4dce02065235c7a825cb7af808821ff9ceb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
401f89c7660cc05e976cd371596225c4fc364eea6d6834ad4b15acea9844a397

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"NE11l8/8kwOkdexmzsiL/D9Vy/zHBsYOw5mCWijrV70"
vary
Accept
fastly-io-info
ifsz=425828 idim=540x960 ifmt=png ofsz=259214 odim=540x960 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
259214
BossyWealthyAngora-poster.jpg
thumbs.gfycat.com/
50 KB
51 KB
Image
General
Full URL
https://thumbs.gfycat.com/BossyWealthyAngora-poster.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8c00:1:cde5:7345:88c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f394b63bb368ea1a731e7017d7eb3b3e642c3df8ef50a29dc5cb34fdf58cfc2

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 16:20:44 GMT
via
1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified
Fri, 16 Jul 2021 15:59:35 GMT
server
AmazonS3
age
18532
etag
"5010bb496d82694cb145c4698c5667f4"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=946707779, public
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
51440
x-amz-cf-id
QuBQ_XX-F6CMvgLVGgASm7oLXDLzLx7stEU7RBFJo7v6Jf1MCFWZmg==
tst3x0tv7lb71.jpg
preview.redd.it/
41 KB
41 KB
Image
General
Full URL
https://preview.redd.it/tst3x0tv7lb71.jpg?auto=webp&s=ea974e7f6f0143a8c52ec711b92914f9817c392b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
3463872d20ca5f7258d25ead3ddd9d1cc051b170f9a9e40518c70cd4885d8c1e

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"a3gwLaZAJaydW930ZRDTivgYt+6mma12DYdpM9N89TA"
vary
Accept,Origin
fastly-io-info
ifsz=63125 idim=1125x1907 ifmt=jpeg ofsz=42070 odim=1125x1907 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
42070
expires
Thu, 31 Dec 2037 23:59:59 GMT
P7CihGAkXn_H3tSN5XKEJKFKYI__hOmUCHudWHke8EM.jpg
external-preview.redd.it/
191 KB
192 KB
Image
General
Full URL
https://external-preview.redd.it/P7CihGAkXn_H3tSN5XKEJKFKYI__hOmUCHudWHke8EM.jpg?auto=webp&s=46711b88f927d0897ebd20d39aaba825653a6f6c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
8a82fe123682e941928b409e294a4995a20208035335a3d4e82df900496bd401

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"wMxVcXdsnaJdeuqp1enMpLH938dG93vdvKF1fMUsGK8"
vary
Accept
fastly-io-info
ifsz=203880 idim=1200x630 ifmt=jpeg ofsz=195912 odim=1200x630 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
195912
ne3b5n0z7kb71.png
preview.redd.it/
10 KB
10 KB
Image
General
Full URL
https://preview.redd.it/ne3b5n0z7kb71.png?auto=webp&s=91a245c30b0425ed162b4cecb35666cd61126eda
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
b62f8a801443328e75e242087d01031a371ae57062688ba0a38aad6ed0cc30fa

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:35 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"NG+WnEywqD6zWfzxfg2teOIqMl7WDk1Y8WmHUJA10LA"
vary
Accept,Origin
fastly-io-info
ifsz=20455 idim=508x397 ifmt=png ofsz=9830 odim=508x397 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
9830
expires
Thu, 31 Dec 2037 23:59:59 GMT
zc-dCNnXnhDMSQFgfR7OqxLyl84atA3dGw6iYUbYxH0.jpg
external-preview.redd.it/
68 KB
68 KB
Image
General
Full URL
https://external-preview.redd.it/zc-dCNnXnhDMSQFgfR7OqxLyl84atA3dGw6iYUbYxH0.jpg?auto=webp&s=7529a691d900299608d19e5f04a6fd68c01b2df9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
7a48621ebf1f0728897d493b017d813d31a28d0e93a822dee76bd2fa1027d011

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:36 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"6T0vwpRSnzVOwcdCT0l4Bshf/FgWl6PTKJinvBRSc5A"
vary
Accept
fastly-io-info
ifsz=83925 idim=720x540 ifmt=jpeg ofsz=69746 odim=720x540 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
69746
9CgjMhXdGjMyno2bDN1Ccw1x9tleAw2QI1yOPifhwYo.png
external-preview.redd.it/
35 KB
36 KB
Image
General
Full URL
https://external-preview.redd.it/9CgjMhXdGjMyno2bDN1Ccw1x9tleAw2QI1yOPifhwYo.png?format=pjpg&auto=webp&s=2c469b41973778e9f5ed2253fa2a4954c0618b03
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
f9cf3188e3f059cbe7ee0372832c1e315f626ca8eeef02bdc4d2407241122d2a

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:36 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"47bFzbq3TnDJ3n/029OFqj/5AlMNCBk+Q8n2EL0fS28"
vary
Accept
fastly-io-info
ifsz=246962 idim=640x640 ifmt=png ofsz=36252 odim=640x640 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
36252
cskxxppclmb71.jpg
preview.redd.it/
37 KB
37 KB
Image
General
Full URL
https://preview.redd.it/cskxxppclmb71.jpg?auto=webp&s=e851f49554c8491423089cb88017f0c872dd54fc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
8d66dc120ff01494d125bfc7280be9346d13033b53a10bc65380f721840b3ce6

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:36 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"QVQvtwNHu9w5pbhn6e70PIsleYS1uGHdL7H0Qx8vV+U"
vary
Accept,Origin
fastly-io-info
ifsz=29421 idim=480x480 ifmt=jpeg ofsz=37690 odim=480x480 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
37690
expires
Thu, 31 Dec 2037 23:59:59 GMT
GdgsJNpX-87NpoNa_p6IQ8TAleAYWegGiHiotNexYzA.jpg
external-preview.redd.it/
47 KB
47 KB
Image
General
Full URL
https://external-preview.redd.it/GdgsJNpX-87NpoNa_p6IQ8TAleAYWegGiHiotNexYzA.jpg?auto=webp&s=80b90eb308d4276a5e2e91a1e5bdd5601006f4ca
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
2757dcb1f6812d4af36196fad69fa76823f4526223939c36c33a9cdb109abf7c

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:36 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"fluoMqJVGYzhloEKAkODp6XWCBWv95z8rQdOLOD2OM4"
vary
Accept
fastly-io-info
ifsz=66163 idim=1200x629 ifmt=jpeg ofsz=48432 odim=1200x629 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
48432
eo2lqzbutlb71.jpg
preview.redd.it/
161 KB
161 KB
Image
General
Full URL
https://preview.redd.it/eo2lqzbutlb71.jpg?auto=webp&s=3b0c38a306c488dbab0e15730e07ea62a1a06cc9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
8019b5a624938f82619b29de95e433ca8ea2f6fead01d9d6a0f2c722d3dfae3e

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:36 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"xjgmWY99pkiNUHG4Eow/4fIj2Wbklv6rqjSuyoDib9g"
vary
Accept,Origin
fastly-io-info
ifsz=372610 idim=834x922 ifmt=jpeg ofsz=165026 odim=834x922 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
165026
expires
Thu, 31 Dec 2037 23:59:59 GMT
u5G-7JkOVo0sSJL8BMzKWMgHFM3PQ83rjg4DrmHYOoM.png
external-preview.redd.it/
37 KB
37 KB
Image
General
Full URL
https://external-preview.redd.it/u5G-7JkOVo0sSJL8BMzKWMgHFM3PQ83rjg4DrmHYOoM.png?format=pjpg&auto=webp&s=f5b69c62561fec1bc7259e588e02d7c3444fa5e8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
b0fc722a099a2f6712c6c86f3298b8343bb4c4860fb5c2c2124825f04c33b440

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:36 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"WMQCCLlQfDEseGP/ozxX/nP2nTxb0aKEWzGQ/VNtQ+8"
vary
Accept
fastly-io-info
ifsz=538039 idim=988x720 ifmt=png ofsz=37766 odim=988x720 ofmt=webp
cache-control
public, max-age=604800
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
37766
1416031164100489231
3.217.106.26/api/twitter/status/
810 B
1 KB
XHR
General
Full URL
http://3.217.106.26/api/twitter/status/1416031164100489231
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
HTTP/1.1
Server
3.217.106.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-106-26.compute-1.amazonaws.com
Software
/ Express
Resource Hash
1e04e0a92cc8a50b4e49a1c25b36542ee9bca6a7af23f9857efb16a4c81997c0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
3.217.106.26
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
application/json, text/plain, */*
Referer
http://3.217.106.26/
Cookie
_ga=GA1.1.1859763483.1626470970; _gid=GA1.1.119362711.1626470970; _gat_gtag_UA_63873786_1=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Connection
keep-alive
X-Powered-By
Express
ETag
W/"32a-DrVu8xhr7VqeulUNta4bt2y3wYI"
Content-Length
810
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
rz6sk8fvqib71.png
preview.redd.it/
626 KB
626 KB
Image
General
Full URL
https://preview.redd.it/rz6sk8fvqib71.png?auto=webp&s=bbedf3783403083b2185eec96315eec3c27debbd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.140 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
454e8d92092cd4c76d35538667f1189358c95b0ef54523568d47768f2dfc5fee

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:36 GMT
via
1.1 varnish, 1.1 varnish
server
snooserv
etag
"KTg8rG9zgWcZmNK6/3ExEZ2VdAX44SkpPiI8BbwirvA"
vary
Accept,Origin
fastly-io-info
ifsz=1018592 idim=986x982 ifmt=png ofsz=640696 odim=986x982 ofmt=webp
fastly-stats
io=1
accept-ranges
bytes
content-type
image/webp
content-length
640696
expires
Thu, 31 Dec 2037 23:59:59 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js?_=1626470969533
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/668B)
Age
435
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
horizon_tweet.2bd42981e3af03ce9186a5655508da28.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/horizon_tweet.2bd42981e3af03ce9186a5655508da28.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
263627ec362c25037d69022de008fad33cf85ec7267604a5ae5c8e6fe4ad9e38

Request headers

Referer
http://3.217.106.26/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:56:41 GMT
Server
ECS (frb/669E)
Age
348614
Etag
"43544c32afe87494042045e40e7b3213+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2436
Tweet.html
platform.twitter.com/embed/ Frame 3507
487 B
971 B
Document
General
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668B) /
Resource Hash
c1e1b14a3f3e54a42db1eebf9bc6e8c9bcb4c84db8d0718c34cd2939b66db3df

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://3.217.106.26/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
786
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Fri, 16 Jul 2021 21:29:36 GMT
Etag
"9499152ee1cc90f29736540537706c94"
Last-Modified
Mon, 12 Jul 2021 20:35:14 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/668B)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
embed.runtime.d9280ec0b285102d53f4.js
platform.twitter.com/embed/ Frame 3507
8 KB
4 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.runtime.d9280ec0b285102d53f4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
e3624d84d52ff6a3de2486c46e8da313233b427f98949457e9260fdce7840042

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 20:35:05 GMT
Server
ECS (frb/6724)
Age
348614
Etag
"4008b4ce41a2dfdf20cdb96586d1d9b0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
3515
embed.modules.b77b7cad63a09dd863a4.js
platform.twitter.com/embed/ Frame 3507
501 KB
160 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.modules.b77b7cad63a09dd863a4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) /
Resource Hash
ce2c83aa57d73b90ff0266ebe6d8631a0a090a0406e1108a36056a28b7128a61

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 20:35:14 GMT
Server
ECS (frb/67E2)
Age
348614
Etag
"835a67b4167ec7940920d0e1f512c7f5+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
163558
embed.i18n.c12629618c7555761d5d.js
platform.twitter.com/embed/ Frame 3507
146 B
651 B
Script
General
Full URL
https://platform.twitter.com/embed/embed.i18n.c12629618c7555761d5d.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
bcce16468496437c5089ea25ac4a21df4b96043deb2220bda588d72283991fff

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Access-Control-Allow-Methods
GET
Last-Modified
Mon, 12 Jul 2021 20:35:06 GMT
Server
ECS (frb/67BE)
Age
348614
Etag
"5f4a09fa71bda22516384aa36d71d94d"
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
Content-Length
146
embed.Tweet.112f82b95de83a12e01c.js
platform.twitter.com/embed/ Frame 3507
15 KB
6 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.Tweet.112f82b95de83a12e01c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674B) /
Resource Hash
218e05d485c264de86e6458d2ccf256d5e3e214b7a95639d9341b412f32eb51e

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 20:35:05 GMT
Server
ECS (frb/674B)
Age
348614
Etag
"d18735ea2012260a37f89d55214ea437+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5568
embed.vendors~ondemand.horizon-web.en-js.da67c80b15a261987832.js
platform.twitter.com/embed/ Frame 3507
21 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.horizon-web.en-js.da67c80b15a261987832.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.d9280ec0b285102d53f4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67F2) /
Resource Hash
c84737ed98fba5d40474804773fa4a889faad2a9f5a7f049c1d850494e9b5f39

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 20:35:06 GMT
Server
ECS (frb/67F2)
Age
348614
Etag
"633742842407ac7dad3d420012727391+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
7050
embed.ondemand.i18n.en-js.b4b5f7fe932f900b7057.js
platform.twitter.com/embed/ Frame 3507
3 KB
2 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.b4b5f7fe932f900b7057.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.d9280ec0b285102d53f4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6763) /
Resource Hash
7b612ff529725ae692fe908ca7abab4d85d2cf65d40a0490185df84bc1bf5654

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 20:35:04 GMT
Server
ECS (frb/6763)
Age
348614
Etag
"e2a8baad532925d1d8cb8923f885aba8+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
1545
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.22ed862f34c8c98fa79c.js
platform.twitter.com/embed/ Frame 3507
118 KB
32 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.22ed862f34c8c98fa79c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.d9280ec0b285102d53f4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67E2) /
Resource Hash
404c99a291c53119a6bc17d791918a0c258daa0b2ff5740d8387da180085cc35

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 20:35:07 GMT
Server
ECS (frb/67E2)
Age
348614
Etag
"5f5c2203dc3e7463e8048cccdc25073d+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
31959
embed.vendors~ondemand.Tweet.1ff8a181d909c06588bc.js
platform.twitter.com/embed/ Frame 3507
16 KB
6 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.1ff8a181d909c06588bc.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.d9280ec0b285102d53f4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6738) /
Resource Hash
de6bfdf9ff0a2da5cf6e7f959ff0298d69a2eba4d4fafc5a457dd9513e2147b6

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 20:35:04 GMT
Server
ECS (frb/6738)
Age
348614
Etag
"4e87c3299d0f183ececc85b416a98a5d+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
5753
embed.ondemand.Tweet.21bc304e285cf4685051.js
platform.twitter.com/embed/ Frame 3507
60 KB
15 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.21bc304e285cf4685051.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.d9280ec0b285102d53f4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
52dd9255bbfc1067f03f2b5fd55c6145395ef01f7595b3c03e62ba9b62bce970

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 20:35:06 GMT
Server
ECS (frb/67AA)
Age
348614
Etag
"bc65dd97130b49bcc298b3fd7285c31f+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
14504
tweet
cdn.syndication.twimg.com/ Frame 3507
4 KB
2 KB
XHR
General
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte&id=1416031164100489231&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.b77b7cad63a09dd863a4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) / Express
Resource Hash
1b0fd697501ad87c40e879e1c66f57f4618597016e7ca0bae6b5e57d341883c6
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"fcf-QEgOl6ipSCDXDzn0cZahQ9i2Nlw"
age
48
x-powered-by
Express
x-cache
HIT
access-control-allow-methods
GET
strict-transport-security
max-age=631138519
content-length
995
x-xss-protection
0
last-modified
Fri, 16 Jul 2021 21:28:48 GMT
server
ECS (frb/67BA)
x-frame-options
SAMEORIGIN
date
Fri, 16 Jul 2021 21:29:36 GMT
vary
Accept-Encoding
x-tw-cdn
VZ, VZ
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
98666317793cefe5594ee83d4bc69c57bf8755d153f8df21fc9cf78361245cf6
accept-ranges
bytes
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
embed.vendors~ondemand.Card~ondemand.TimelineList~ondemand.TimelineProfile.63bb1cb588893e4a9783.js
platform.twitter.com/embed/ Frame 3507
175 KB
39 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Card~ondemand.TimelineList~ondemand.TimelineProfile.63bb1cb588893e4a9783.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.d9280ec0b285102d53f4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67A7) /
Resource Hash
36732efb15d64616906a5d0d97379ac49ba1030f01fae8223e4e08fbf795acf3

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 20:35:06 GMT
Server
ECS (frb/67A7)
Age
348614
Etag
"6f264514218c261a1b2b95bbd70644f8+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
39425
embed.ondemand.Card.004e551143cc00ed5827.js
platform.twitter.com/embed/ Frame 3507
2 KB
1 KB
Script
General
Full URL
https://platform.twitter.com/embed/embed.ondemand.Card.004e551143cc00ed5827.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.d9280ec0b285102d53f4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67C2) /
Resource Hash
7b96e86e01f7da0724ab38fb584873d952464bb0e5d4ea08d8001ac913ed540f

Request headers

Referer
https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Jul 2021 21:29:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 20:35:05 GMT
Server
ECS (frb/67C2)
Age
348614
Etag
"2b2e1a7522d0e5ed71fa330aa0dd7884+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
953
jot
syndication.twitter.com/i/ Frame 3507
43 B
190 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1626470976812%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-2%22%2C%22widget_origin%22%3A%22http%3A%2F%2F3.217.106.26%2F%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d61acad%3A1625878599986%22%2C%22item_ids%22%3A%5B%221416031164100489231%22%5D%2C%22item_details%22%3A%7B%221416031164100489231%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 16 Jul 2021 21:29:36 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
c3502c62accce09c16f028bce1b8391e548ae8f9db41e47db82afee75bf6db7a
x-transaction
30613d2d7f62229f
expires
Tue, 31 Mar 1981 05:00:00 GMT
XREI_Pm8_normal.jpg
pbs.twimg.com/profile_images/1093899706231447552/ Frame 3507
2 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1093899706231447552/XREI_Pm8_normal.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6776) /
Resource Hash
5b7a20d41ecceff36343375f2ea560a1f92c6c9e52a1514b47c42f1c7ef82488
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:36 GMT
x-content-type-options
nosniff
age
215133
x-cache
HIT
content-length
2491
surrogate-key
profile_images profile_images/bucket/7 profile_images/1093899706231447552
last-modified
Fri, 08 Feb 2019 15:47:48 GMT
server
ECS (frb/6776)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
a959a484c34c9bc425d0fc0431f4d648789893fd4b81d149228efd1536255c7c
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
HlUoRt1P
pbs.twimg.com/card_img/1416030881064660993/ Frame 3507
27 KB
27 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1416030881064660993/HlUoRt1P?format=jpg&name=small
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=false&embedId=twitter-widget-2&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfX0%3D&frame=false&hideCard=false&hideThread=false&id=1416031164100489231&lang=en&origin=http%3A%2F%2F3.217.106.26%2F%2F&sessionId=75fece8f6ff9ea4460d5097aca3a8608f0b4cdb5&theme=light&widgetsVersion=82e1070%3A1619632193066&width=550px
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67DF) /
Resource Hash
d5f789cf50f49aec9f77a74f53b5c2cf904629f22f51afb232060b02426753ee
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:36 GMT
x-content-type-options
nosniff
age
27861
x-cache
HIT
content-length
27266
surrogate-key
card_img card_img/bucket/9 card_img/1416030881064660993
last-modified
Fri, 16 Jul 2021 13:42:05 GMT
server
ECS (frb/67DF)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
a41590d3b23ef22243b286b01bd154411fa3bd6a186cb277f0126478ca49d87a
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
jot
syndication.twitter.com/i/ Frame 3507
43 B
165 B
Image
General
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1626470977022%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%2282e1070%3A1619632193066%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-2%22%2C%22widget_origin%22%3A%22http%3A%2F%2F3.217.106.26%2F%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22d61acad%3A1625878599986%22%2C%22item_ids%22%3A%5B%221416031164100489231%22%5D%2C%22item_details%22%3A%7B%221416031164100489231%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A387.0999984741211%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Jul 2021 21:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Fri, 16 Jul 2021 21:29:37 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
c3502c62accce09c16f028bce1b8391e548ae8f9db41e47db82afee75bf6db7a
x-transaction
315f29836d7c16d3
expires
Tue, 31 Mar 1981 05:00:00 GMT

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| rpApp function| _typeof function| _toConsumableArray function| $ function| jQuery object| angular function| browserTrigger function| mediaCheck object| returnExports function| moment object| ngMaterial object| dashjs function| Snoocore object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| gtag object| dataLayer boolean| prerenderReady object| twttr object| atOptions object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_data string| GoogleAnalyticsObject function| ga object| FB object| __twttrll object| __twttr object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls 
number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests object| _0xa500 function| _c object| d string| k

4 Cookies

Domain/Path | Name | Value
.doubleclick.net/ | test_cookie | CheckForPermission
3.217.106.26/ | _gat_gtag_UA_63873786_1 | 1
3.217.106.26/ | _gid | GA1.1.119362711.1626470970
3.217.106.26/ | _ga | GA1.1.1859763483.1626470970

2 Console Messages

Source | Level | URL | Text
console-api | error | https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31 (Line 1) | TypeError: Cannot set property 'src' of null
console-api | error | https://cdn.jsdelivr.net/gh/jalalalbasri/reddup_dist@latest/spells.min.js?v=31 (Line 1) | TypeError: Cannot set property 'src' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
