scripts.web-services.shop Open in urlscan Pro
2606:4700:3034::ac43:a258 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://scripts.web-services.shop/
Effective URL:
https://scripts.web-services.shop/
Submission: On March 11 via api (March 11th 2024, 6:50:52 pm UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 20 domains to perform 70 HTTP transactions. The main IP is 2606:4700:3034::ac43:a258, located in United States and belongs to CLOUDFLARENET, US. The main domain is scripts.web-services.shop.
TLS certificate: Issued by E1 on January 30th 2024. Valid for: 3 months.

This is the only time scripts.web-services.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:303... 2606:4700:3034::ac43:a258	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700:e0:... 2606:4700:e0::ac40:6306	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.205.50 143.204.205.50	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3031::6815:5776	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
12	2606:4700:440... 2606:4700:4400::6812:22ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.3.193 104.21.3.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:235... 2600:9000:2359:e00:d:b1e8:9040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
70	26

8 2606:4700:3034::ac43:a258 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

scripts.web-services.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:e0::ac40:6306 (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.205.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-50.fra53.r.cloudfront.net

dunb17ur4ymx4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3031::6815:5776 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.web-services.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

avatars.discourse.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:4400::6812:22ab (United States)

ASN13335 (CLOUDFLARENET, US)

forum.cfx.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.3.193 (None, )

ASN13335 (CLOUDFLARENET, US)

tobias.isfucking.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2359:e00:d:b1e8:9040:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.nsureapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

control-panel.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.84.22.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cfx.re forum.cfx.re — Cisco Umbrella Rank: 279507	306 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 66	1012 KB
8	web-services.shop 1 redirects scripts.web-services.shop	54 KB
7	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 7749	669 KB
7	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 368 fonts.googleapis.com — Cisco Umbrella Rank: 30 jnn-pa.googleapis.com — Cisco Umbrella Rank: 218	106 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 756 f.clarity.ms — Cisco Umbrella Rank: 20115 c.clarity.ms — Cisco Umbrella Rank: 1360	28 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	48 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	289 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 static.doubleclick.net — Cisco Umbrella Rank: 259	1 KB
3	discourse.org avatars.discourse.org — Cisco Umbrella Rank: 523828	5 KB
3	web-services.io cdn.web-services.io	1 MB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 244	760 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	48 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	20 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7986	2 MB
1	control-panel.ws control-panel.ws	733 B
1	nsureapi.com sdk.nsureapi.com — Cisco Umbrella Rank: 179573	34 KB
1	isfucking.pro tobias.isfucking.pro	4 MB
1	cloudfront.net dunb17ur4ymx4.cloudfront.net	43 KB
70	20

	Domain	Requested by
12	forum.cfx.re	scripts.web-services.shop
8	www.youtube.com	scripts.web-services.shop www.youtube.com
8	scripts.web-services.shop	1 redirects scripts.web-services.shop
7	fonts.cdnfonts.com	scripts.web-services.shop fonts.cdnfonts.com
4	jnn-pa.googleapis.com	www.youtube.com
4	cdnjs.cloudflare.com	scripts.web-services.shop cdnjs.cloudflare.com
3	avatars.discourse.org	scripts.web-services.shop
3	cdn.web-services.io	scripts.web-services.shop
2	c.clarity.ms	1 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	f.clarity.ms	www.clarity.ms
2	fonts.gstatic.com	www.youtube.com
2	www.clarity.ms	scripts.web-services.shop www.clarity.ms
2	ajax.googleapis.com	scripts.web-services.shop
1	c.bing.com	1 redirects
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	i.imgur.com	scripts.web-services.shop
1	control-panel.ws	ajax.googleapis.com
1	fonts.googleapis.com	scripts.web-services.shop
1	sdk.nsureapi.com	scripts.web-services.shop
1	tobias.isfucking.pro	scripts.web-services.shop
1	dunb17ur4ymx4.cloudfront.net	scripts.web-services.shop
70	26

This site contains links to these domains. Also see Links.

Domain
discord.gg
control-panel.ws
discord.com
denisdzn.com
www.tebex.io

Subject Issuer	Validity	Valid
scripts.web-services.shop E1	`2024-01-30` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
cdnfonts.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
web-services.io GTS CA 1P5	`2024-03-07` - `2024-06-05`	3 months	crt.sh
avatars.discourse.org R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
isfucking.pro GTS CA 1P5	`2024-03-03` - `2024-06-01`	3 months	crt.sh
*.nsureapi.com Amazon RSA 2048 M03	`2023-11-26` - `2024-12-24`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
control-panel.ws E1	`2024-02-21` - `2024-05-21`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://scripts.web-services.shop/
Frame ID: 29B153FEDBAE3CBE9E5FD015A6964E52
Requests: 49 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Jcd6FihgPdw
Frame ID: B19E281F1C3BDC2EC9D0EE517A275F10
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome - WS Shop

Page URL History Show full URLs

http://scripts.web-services.shop/ HTTP 301
https://scripts.web-services.shop/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

70
Requests

97 %
HTTPS

81 %
IPv6

20
Domains

26
Subdomains

26
IPs

5
Countries

9667 kB
Transfer

12748 kB
Size

13
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/webservices
Title: Discord

Search URL Search Domain Scan URL

URL: https://control-panel.ws/
Title: control-panel.ws

Search URL Search Domain Scan URL

URL: https://control-panel.ws/tebex/redeem
Title: CP

Search URL Search Domain Scan URL

URL: https://discord.com/developers/applications
Title: Discord website

Search URL Search Domain Scan URL

URL: https://denisdzn.com/
Title: Denis

Search URL Search Domain Scan URL

URL: https://www.tebex.io/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://scripts.web-services.shop/ HTTP 301
https://scripts.web-services.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 67

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=96AF7CB0F5B24A32820DCF56917E9F86&RedC=c.clarity.ms&MXFR=3159525F9AAE694D000946609EAE6752 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=96AF7CB0F5B24A32820DCF56917E9F86&MUID=2129BD6443D16D41022DA95B42036C3A

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
scripts.web-services.shop/
Redirect Chain

http://scripts.web-services.shop/
https://scripts.web-services.shop/

67 KB
14 KB

286ms
249ms

Document
text/html

2606:4700:3034::ac43:a258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 51a4ce37faf67a64e6161c27caaade9e108ac2dd83491eddca9541c6985dc8cb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=90
cf-cache-status: DYNAMIC
cf-ray: 862dbb6f4d8492b9-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Mar 2024 18:50:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlY1slAOwbYpgBcZpEAIaj%2Bx0QvFyedMbLm6xPCR8WEgASP2Lke3RcwKE5Twul5R0rZgnSqRLCT57ej0LMa%2F9H%2FXviikErH5nU%2Bw6DECst%2B3%2F0apJNOMRGI7nDrx1dfm14Nl8RyaskjZXSOeQHuKFCnAoDv5dI2l"}],"group":"cf-nel","max_age":604800}
server: cloudflare
tb-cache-country: DE
tb-cache-group: webstore
vary: Accept-Encoding
x-infra: new
x-powered-by: PHP/7.4.33
x-vat-mode: exclusive

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 862dbb6e9bf01c05-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 11 Mar 2024 18:50:47 GMT
Expires: Mon, 11 Mar 2024 19:50:47 GMT
Location: https://scripts.web-services.shop/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQRyKrJExhoh3s9DYKfRaECa5WiQeD%2BlmOGPB0fdVwSygYwfeluBmVRrDuHkkISRihDr2376GwHCd19A4YEDVH4e6Z4eXLS9SC%2BGfPOf0rrHOQvHW%2F8CcAw%2BCrFcRgtKVIVd2nzT1iJ3GjlFbB%2BQYoPsnZv2ZrO2"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 style.min.css
scripts.web-services.shop/templates/209/css/ 157 KB
26 KB 123ms
121ms Stylesheet
text/css 2606:4700:3034::ac43:a258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.web-services.shop/templates/209/css/style.min.css
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0d26e6ac74fc25ea3359b6ff41aae341638a1872fa9e2fcea58285fc9749277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
tb-cache-group: webstore
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-infra: new
alt-svc: h3=":443"; ma=86400
tb-cache-country: DE
last-modified: Fri, 08 Mar 2024 14:57:50 GMT
server: cloudflare
etag: W/"65eb276e-27588"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0Vd9Jm%2BQ50FjS5LNjF6FMvW4tR%2F1NjG5D1NzPy03XlcRmIy08PLnfarzXPTYH1RgUCW4myAQpak0Sm7jTECXvzI0Tzdiopp8zPZMM9TlE4HfOB0KS4gVTzfy1D%2FMvIxdXpZAA4CEiCUH4bMzH%2Bu6VlHr6kBAWPq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400, s-maxage=90
cf-ray: 862dbb70dfa592b9-FRA

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 52ms
24ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 426093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSANkmVvosgWOXmso3cH0vjgI0JcT8BND93e%2F8ZhPlEL6uIOcKHXKAZpOnBrD8GA6quQ%2BbGlXJyFcFW2UF0n7Oli88AgJKo1Lk49t5cwTSZUCMFWuZ%2BFPZ4Ud2B0xeHoVTnkBj7eTCGLOCCZhMWU3Xeb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 862dbb710e7d18c1-FRA
expires: Sat, 01 Mar 2025 18:50:47 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 115ms
36ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 18:16:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Mar 2025 18:16:16 GMT

GET
H2 200 inter
fonts.cdnfonts.com/css/ 3 KB
820 B 84ms
30ms Stylesheet
text/css 2606:4700:e0::ac40:6306
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/inter
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6306 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c18e0207bf677b0bb25c07aa354a50c6dacdc9dd2f2f9fa7422aeda972238c32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10247763
cf-polished: origSize=3663
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 14 Nov 2023 04:14:44 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhPtNeBADi2CyrwxlQAPsH1yk3PwPyM2zqFYpCDvVevdm2LbuJcgz8RwrA%2FEmM%2BqMX8dQjyErC3%2BtkAsqWlpcXmAL7tGuf%2Bk%2BmVmeR73booT1ClVL5FR%2BLzKuF4jmKDPjkUF5I8o%2BTDZTM%2Fs7UcreME%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 862dbb712fbe5d9c-FRA

GET
H2 200 bahnschrift
fonts.cdnfonts.com/css/ 2 KB
512 B 85ms
31ms Stylesheet
text/css 2606:4700:e0::ac40:6306
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/bahnschrift
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6306 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a3543bd9fc5fc845e8d5f02af0a44f3ea0150254522b68d6179630a33afd7bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:47 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8774158
cf-polished: origSize=3020
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 05:34:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6HRqdZGAECNq7Rk8Xa%2B343KUjBYwz%2Fxwie4rdmDaymTyMxLhScP03m79uLIbSgEbwxPP2bZ70e5RBFj7Kln2lxz60GNxqVZus4bBNct%2F4g%2FcR7Rpzvsmq82te8yDnrWYK6SfTmKWAPto0BtuF2Uyho%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 862dbb712fc25d9c-FRA

GET
H/1.1 200
OK 3fad02cd74f629998d80c51f746bfb8f828d7d15.png
dunb17ur4ymx4.cloudfront.net/webstore/logos/ 43 KB
43 KB 33ms
7ms Image
image/png 143.204.205.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dunb17ur4ymx4.cloudfront.net/webstore/logos/3fad02cd74f629998d80c51f746bfb8f828d7d15.png
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-50.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad8bb40955b55871da2935a893d7886c74c5738fb0e767e76d8ca5b14177448e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 11:06:18 GMT
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
Last-Modified: Tue, 04 Jul 2023 12:42:14 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
Age: 41023
x-amz-server-side-encryption: AES256
ETag: "4a00cd05c679a3dfa419bbcf4d1039b5"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43858
X-Amz-Cf-Id: 1jc6zDtXUTlNPgpL9is5r-Q-9wQzMEU68RGdxSjtjanUYaHmfiOOAA==

GET
H2 200 ws_donatorsys.png
cdn.web-services.io/products/ 475 KB
476 KB 160ms
103ms Image
image/png 2606:4700:3031::6815:5776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.web-services.io/products/ws_donatorsys.png
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 744c887e91b54360adacc9f821310c49ba0d28d5e7168fa2802f876faed35356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:47 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Feb 2024 00:54:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ceb24b-76aa8"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D70Si1LaVfcFYpMf%2BGVblolVD%2BFZw4neTxPePCWjq2sA6cMQ25r3En6dY6LU70nP6EclXinXptbeC9PVjLNwgOzl0weTUnt6KAHMYBUWelJneKJ2kHr73q1c8wUqypHJEPUK5o5OspnSx%2BnIG4stVoqG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862dbb71396803a0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 486056

GET
H2 200 256.png
avatars.discourse.org/v4/letter/s/7933a0/ 2 KB
2 KB 36ms
7ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.discourse.org/v4/letter/s/7933a0/256.png
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 0b4d7b7e82cc844935366169817401c017d46bb1ffb918fbcbfc73af38e5bb81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:47 GMT
last-modified: Thu, 12 Jan 2023 14:33:16 GMT
server: keycdn
x-edge-location: defr
etag: "63c01a2c-744"
x-cache: HIT
content-type: image/png
cache-control: public, max-age=157788000
accept-ranges: bytes
x-shield: active
content-length: 1860
cdck-proxy-id: corp-router-stardestroyer02.corp, corp-balancer-tieinterceptor1b.corp
expires: Tue, 20 May 2025 00:00:00 GMT

GET
H2 200 4164850_2.png
forum.cfx.re/user_avatar/forum.cfx.re/rollendeavocado/256/ 44 KB
45 KB 89ms
38ms Image
image/png 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/rollendeavocado/256/4164850_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d46a8fb1f64d591f564ea9cb028d422a9cdb1bfaded64e7313bd980a0c25eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:47 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 6224
x-discourse-route: user_avatars/show
content-transfer-encoding: binary
content-length: 45234
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 24 Feb 2024 22:08:21 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
access-control-max-age: 7200
accept-ranges: bytes
cf-ray: 862dbb71be011992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:39:59 GMT

GET
H2 200 3606542_2.png
forum.cfx.re/user_avatar/forum.cfx.re/marcel_rammo/256/ 7 KB
7 KB 25ms
25ms Image
image/png 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/marcel_rammo/256/3606542_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd63f20854e254765b082c29836039bfc500ab8c333d029dfbe9743ac567d1d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 91301
x-discourse-route: user_avatars/show
content-transfer-encoding: binary
content-length: 6789
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 09 Jun 2023 13:31:44 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
access-control-max-age: 7200
accept-ranges: bytes
cf-ray: 862dbb71fe751992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 256.png
avatars.discourse.org/v4/letter/p/7933a0/ 1 KB
1 KB 11ms
8ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.discourse.org/v4/letter/p/7933a0/256.png
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 381ce2f6525b6e3ac81c16699752fc00bf90e1cc890615c9e1b0a02c623358ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
last-modified: Tue, 24 Oct 2023 07:08:19 GMT
server: keycdn
x-edge-location: defr
etag: "65376d63-47b"
x-cache: HIT
content-type: image/png
cache-control: public, max-age=157788000
accept-ranges: bytes
x-shield: active
content-length: 1147
cdck-proxy-id: corp-router-tiehunter02.corp1, corp-balancer-tieinterceptor1a.corp1
expires: Mon, 13 Oct 2025 00:00:00 GMT

GET
H2 200 4094541_2.png
forum.cfx.re/user_avatar/forum.cfx.re/latingangrp/256/ 50 KB
51 KB 43ms
40ms Image
image/gif 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/latingangrp/256/4094541_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6aa140dcd42c13039c2820b9b5e46e477693c788d90f8afe6b25b3f20ec6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 191678
x-discourse-route: user_avatars/show
content-transfer-encoding: binary
content-length: 51618
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 21 Jan 2024 21:22:04 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
access-control-max-age: 7200
accept-ranges: bytes
cf-ray: 862dbb727f3e1992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 3339284_2.png
forum.cfx.re/user_avatar/forum.cfx.re/16nico4/256/ 24 KB
24 KB 30ms
28ms Image
image/jpeg 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/16nico4/256/3339284_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea712e80e93a6bd9b92a26255d2dfa302020d7e9492b4e09169f691664dd8dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 91030
content-transfer-encoding: binary
x-discourse-route: user_avatars/show
content-length: 24521
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
last-modified: Thu, 25 Jan 2024 21:37:18 GMT
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 862dbb727f421992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 256.png
avatars.discourse.org/v4/letter/b/7933a0/ 2 KB
2 KB 11ms
9ms Image
image/png 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.discourse.org/v4/letter/b/7933a0/256.png
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: f925a3ae508f85a0c689e91b3659ac53c9165f288fc04c4aa1abbf9eee45ee35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
last-modified: Sun, 01 Jan 2023 03:01:01 GMT
server: keycdn
x-edge-location: defr
etag: "63b0f76d-62d"
x-cache: HIT
content-type: image/png
cache-control: public, max-age=157788000
accept-ranges: bytes
x-shield: active
content-length: 1581
cdck-proxy-id: corp-router-stardestroyer02.corp, corp-balancer-tieinterceptor1b.corp
expires: Mon, 20 Jan 2025 00:00:00 GMT

GET
H2 200 3651737_2.png
forum.cfx.re/user_avatar/forum.cfx.re/magmadb/256/ 27 KB
27 KB 28ms
26ms Image
image/png 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/magmadb/256/3651737_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3d950786a953d1982da91f7464442bfaeaf1ad7a9be90e2ce7a9e8cdbb24e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 83682
x-discourse-route: user_avatars/show
content-transfer-encoding: binary
content-length: 27494
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 26 Jun 2023 19:39:47 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
access-control-max-age: 7200
accept-ranges: bytes
cf-ray: 862dbb727f451992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 3953298_2.png
forum.cfx.re/user_avatar/forum.cfx.re/chris1805/256/ 39 KB
39 KB 42ms
40ms Image
image/png 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/chris1805/256/3953298_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3109776ca21ea4fc3ba3dd10ee3a5f3ae3b2466c91eeade0c82539ae08e70af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 96490
x-discourse-route: user_avatars/show
content-transfer-encoding: binary
content-length: 40099
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 21 Nov 2023 19:41:23 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
access-control-max-age: 7200
accept-ranges: bytes
cf-ray: 862dbb727f4c1992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 3605729_2.png
forum.cfx.re/user_avatar/forum.cfx.re/voeller1/256/ 6 KB
7 KB 42ms
40ms Image
image/png 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/voeller1/256/3605729_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb356dd6d2988cb34bbf49f4ede531ecff2c8334125b9d1db567031341d2a566

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 332950
x-discourse-route: user_avatars/show
content-transfer-encoding: binary
content-length: 6633
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 15 Jun 2023 22:13:14 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
access-control-max-age: 7200
accept-ranges: bytes
cf-ray: 862dbb727f501992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 4105841_2.png
forum.cfx.re/user_avatar/forum.cfx.re/illuminated2402/256/ 22 KB
22 KB 41ms
39ms Image
image/png 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/illuminated2402/256/4105841_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

290e58c6d7f506f0f5b0188b894293759521259bcf0adbac3791b8452f98b176

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 118905
x-discourse-route: user_avatars/show
content-transfer-encoding: binary
content-length: 22277
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 25 Jan 2024 09:37:56 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
access-control-max-age: 7200
accept-ranges: bytes
cf-ray: 862dbb727f541992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 4137648_2.png
forum.cfx.re/user_avatar/forum.cfx.re/primo_v/256/ 19 KB
19 KB 31ms
29ms Image
image/png 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/primo_v/256/4137648_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e946ff1a066ef0ed4ef0885d4b3cc15391351ca5c3fce0fbe1a1007621403369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 181862
x-discourse-route: user_avatars/show
content-transfer-encoding: binary
content-length: 19364
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 09 Feb 2024 20:03:56 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
access-control-max-age: 7200
accept-ranges: bytes
cf-ray: 862dbb727f551992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 4127487_2.png
forum.cfx.re/user_avatar/forum.cfx.re/aykut57/256/ 17 KB
17 KB 42ms
40ms Image
image/jpeg 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/aykut57/256/4127487_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b691c8cdb7d32d0ba44bf1f1332abe132ddd18f40d7bb4cea4e7bcf2d63b8ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 292382
content-transfer-encoding: binary
x-discourse-route: user_avatars/show
content-length: 17656
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
last-modified: Sun, 04 Feb 2024 12:32:21 GMT
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 862dbb727f571992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 2224557_2.png
forum.cfx.re/user_avatar/forum.cfx.re/banksy09/256/ 9 KB
10 KB 51ms
50ms Image
image/jpeg 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/banksy09/256/2224557_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf40599f54d6f70662c8c062fa184d653b2ceb4e8393242c85d59aa3161bea66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 337565
content-transfer-encoding: binary
x-discourse-route: user_avatars/show
content-length: 9686
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
cf-bgj: h2pri
last-modified: Mon, 12 Dec 2022 09:15:53 GMT
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-ray: 862dbb727f581992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 ws_marry.png
cdn.web-services.io/products/ 475 KB
476 KB 66ms
65ms Image
image/png 2606:4700:3031::6815:5776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.web-services.io/products/ws_marry.png
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8d4a14e7b12aed568d774d1a1ed360ab28a7345cfebcd6522e98f2b76a2463af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 09 Mar 2024 17:11:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ec9834-76b02"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46FquQVhN%2FMFuuFat9EwKs7yN%2Bq02bPd37BhBn713ykq4ONUv%2BxeiWcyD3P5lJWDJ%2Fd9OOmlRFWfIvkgcHPrOX4I9kj0CylA89tQcoimeD3x%2FY%2F8VIkqKX%2BDnos%2BmJPrqpLiiZ1yQr%2F8D5T2wk7WT1Hr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862dbb727b8f03a0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 486146

GET
H2 200 ws_voicenui.png
cdn.web-services.io/products/ 478 KB
479 KB 80ms
79ms Image
image/png 2606:4700:3031::6815:5776
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.web-services.io/products/ws_voicenui.png
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:5776 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 661952060c15a6dee6b1b528eb85f74e34eee88d90d273f383ea79e94084dedf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 09 Mar 2024 17:11:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ec983a-776e4"
x-powered-by: PleskLin
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWjv1WmErBvTjapMVZVeVy8NKTjoG8yTzk0AWjB7GuG3NrhDoHH4uVSX%2FBF4Heh%2FCreL75BOyGRdmhSvSnebStCg%2F6QpE%2Fr2BBwUo8m5dvII2NqqKpDqXbHGB0qQFDeLacr9hdTSiJ2TFdH1b4BlHn90"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 862dbb727b9403a0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 489188

GET
H2 200 countUp.min.js Show response
cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/ 4 KB
2 KB 26ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/countup.js/1.9.3/countUp.min.js

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feccc42c28138eb5a796542c816b41755d811818695a903de53ec8f435957a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 434249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1240
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-ee7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqyDF9jOE0uUzii8kp6zAlIzqxu9b0T%2BiMHnenDpHczmeK%2FWuhsCcy80WO1h8rp9UUAVQO0ldi4eui2Spyj0ajtrgoLSLAVCFpd1dKLXVvFOkpqv988c%2FnS2aOjvMwPwFKo%2B1bkV6GHT%2FlcK4%2FcswsYY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 862dbb72185318c1-FRA
expires: Sat, 01 Mar 2025 18:50:48 GMT

GET
H2 200 3qrlfK.png
tobias.isfucking.pro/ 4 MB
4 MB 124ms
87ms Image
image/png 104.21.3.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tobias.isfucking.pro/3qrlfK.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.3.193 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e545052703ae1deaa20c5de06f0663bc4e0d9d25189f6f497d7ff56f54ef72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename="WSSALE2 (1).png"
alt-svc: h3=":443"; ma=86400
content-length: 4121072
x-xss-protection: 1; mode=block
last-modified: Mon, 11 Mar 2024 19:50:25 GMT
server: cloudflare
etag: 4387c2e7cad1f9f6c627b6725d3d0787
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubmocpNiz3nQ%2BK7LzJOhvl3bQPCfzjtAyrKJ0DoKBtzc%2FTU%2FQOfpap28iPXIGbBaNr0OzgwBTXGY%2F21q9%2FGa1Mxts97ZTeuw2DcQ%2BHEeJKNQMwD67JDmaLuD3OpmaGofTEkC2pmjng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=3600, private
accept-ranges: bytes
cf-ray: 862dbb72be7c1c01-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 06:48:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 06:48:53 GMT

GET
H2 200 bootstrap.min.js Show response
scripts.web-services.shop/templates/209/js/ 28 KB
8 KB 141ms
141ms Script
application/javascript 2606:4700:3034::ac43:a258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.web-services.shop/templates/209/js/bootstrap.min.js
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
tb-cache-group: webstore
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-infra: new
alt-svc: h3=":443"; ma=86400
tb-cache-country: DE
last-modified: Fri, 08 Mar 2024 14:57:50 GMT
server: cloudflare
etag: W/"65eb276e-71b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2bKx9clQjg%2Bh9XqbyXcH0wraY9lC7FF%2Bw82R4NXdjkY%2BTNxJoRU2TghO8OvxpDpbgNxmEPd7QQmpJDxz04S8y5TgWSOTewEbIYN7MwyCB7dKuYp33VfCzWNfw8%2FBhDwQ5Rq0Cju2BxUdxv%2FO8OprQhkXloq74CT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400, s-maxage=90
cf-ray: 862dbb7249ae92b9-FRA

GET
H2 200 skin.min.js Show response
scripts.web-services.shop/templates/209/js/ 265 B
471 B 152ms
149ms Script
application/javascript 2606:4700:3034::ac43:a258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.web-services.shop/templates/209/js/skin.min.js
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c22112af7beec1924e9ffd905a2ab385aa6894b4217d7c9f54fa435af09594ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
tb-cache-group: webstore
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-infra: new
alt-svc: h3=":443"; ma=86400
tb-cache-country: DE
last-modified: Fri, 08 Mar 2024 14:57:50 GMT
server: cloudflare
etag: W/"65eb276e-109"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6X3c05nnCoBrAUl%2FvvdEPp1AlRv%2B4anvP0ChUhsDHF2QNGT%2BoJyTEGXboHWR6BiQ1IFcKRTscqe94PlSEusNXqOtdqGL6CvDBEwY5Xhch2V60%2FtTAhMyC63Jn%2FSGXAMs1goJNXJFep9AqBRXQYlWs2lYPoPV1zN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400, s-maxage=90
cf-ray: 862dbb7279f792b9-FRA

GET
H2 200 site.js Show response
scripts.web-services.shop/templates/209/js/ 8 KB
3 KB 131ms
129ms Script
application/javascript 2606:4700:3034::ac43:a258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.web-services.shop/templates/209/js/site.js
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdd86720ec28b58de0da0aae6724a8c16252df0b6211636315ce6d0e1de221d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
tb-cache-group: webstore
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-infra: new
alt-svc: h3=":443"; ma=86400
tb-cache-country: DE
last-modified: Fri, 08 Mar 2024 14:57:50 GMT
server: cloudflare
etag: W/"65eb276e-1f09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgIw%2BIn1V8GlTt%2Bc2f3E1Zu%2Bc59y1tUEN7Bpg7Ho%2B3haPfJhoCBJEX9wCwLvUcxemEKX2U3VFhoWVDQSr8sK0Ltl6viEcJPjz9QqWG%2BS3W2Fe1jWNDo7RJobk43R8G%2FUkv%2Bu%2BCVsj7XLLeuZuKmoLJkjV6bbWD1f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400, s-maxage=90
cf-ray: 862dbb7279fa92b9-FRA

GET
H2 200 discord.js Show response
scripts.web-services.shop/assets/js/ 1 KB
876 B 127ms
125ms Script
application/javascript 2606:4700:3034::ac43:a258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.web-services.shop/assets/js/discord.js
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8e73815e51d518d6d88f1f9dbe71baebf371c5bd8cddeb420ab53599322bb0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
tb-cache-group: webstore
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-infra: new
alt-svc: h3=":443"; ma=86400
tb-cache-country: DE
last-modified: Fri, 08 Mar 2024 14:57:50 GMT
server: cloudflare
etag: W/"65eb276e-5dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7Ewp%2BTNU2L0jBgdb8o%2F0jJGOGzC9ayqW%2FYXsF0oiyONMg5SlSOTF1IspDY0jiB0pRIvJlTzomdYXcEJgQk1GX2idZqASGKPdWgGVlhC7iZWvyfVlcOkBKBzoHwEzUx0tojmTec1VkVzgyTBX9VCrwW9tVp3Bqv1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400, s-maxage=90
cf-ray: 862dbb7279fd92b9-FRA

GET
H2 200 tebex-dark.png
scripts.web-services.shop/assets/img/ 457 B
844 B 108ms
107ms Image
image/png 2606:4700:3034::ac43:a258
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scripts.web-services.shop/assets/img/tebex-dark.png
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a258 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a24cf5b032f473cbeb9c2d6d514448c492f8e5a104d253d1343b5ef80dbbe14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
cf-cache-status: REVALIDATED
tb-cache-group: webstore
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=872
x-infra: new
alt-svc: h3=":443"; ma=86400
content-length: 457
tb-cache-country: DE
last-modified: Fri, 08 Mar 2024 14:57:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "65eb276e-368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdSUs9H3dY8SJj%2BJHuF7XaeOdb5svZ97bbMIWDSVgO0EC5m95oyrhTLEzO2q11K8mK9ZMoTDi1%2FWSJRfV3CZjUxc6oVdiojnXKw4ryHmNniAXC9qS0ZwVmq68EsJBDjX6ij2BKTi81b8jFu%2FSb46lhGo%2BQubQWT4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400, s-maxage=90
accept-ranges: bytes
cf-ray: 862dbb727a0492b9-FRA

GET
H2 200 sdk.js Show response
sdk.nsureapi.com/ 149 KB
34 KB 45ms
9ms Script
application/javascript 2600:9000:2359:e00:d:b1e8:9040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.nsureapi.com/sdk.js
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:e00:d:b1e8:9040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8d3d58d892ac306577b3386b17480e2123b655d68196628285648817d0cf4230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 12:14:22 GMT
content-encoding: br
via: 1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
last-modified: Sun, 10 Mar 2024 12:08:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
age: 23787
etag: W/"b0132b38c3f35b049fa3ee6223fa0145"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: alDjm0rNudcC7Nm34ZqiVPKXSrdthR4OuQQyOK2sdfG5MdIZyf9U-w==

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 125ms
48ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,700,600

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/templates/209/css/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

39b2acc818832d5839445e69d857add6e15c8993209a857147c2376fb93f886a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 18:43:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 18:50:48 GMT

GET
H2 200 fxlepb8eap Show response
www.clarity.ms/tag/ 649 B
1013 B 206ms
148ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fxlepb8eap
Requested by: Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 94dd674700a38aeb5cff0f9fcd4b820b418aad004dcd8eff7a630881a95f00f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
date: Mon, 11 Mar 2024 18:50:48 GMT
x-azure-ref: 20240311T185048Z-u5gw6y77396h94kdrk14pgba78000000097g00000000c1ws
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 649
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 Jcd6FihgPdw Show response
www.youtube.com/embed/ Frame B19E 91 KB
39 KB 217ms
125ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Jcd6FihgPdw

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed2380fc085733ade0c271519822f33cdf27d6c86079b181845993222f59b84e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scripts.web-services.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Mar 2024 18:50:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3953298_2.png
forum.cfx.re/user_avatar/forum.cfx.re/chris1805/256/ 39 KB
39 KB 55ms
54ms Image
image/png 2606:4700:4400::6812:22ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forum.cfx.re/user_avatar/forum.cfx.re/chris1805/256/3953298_2.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3109776ca21ea4fc3ba3dd10ee3a5f3ae3b2466c91eeade0c82539ae08e70af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 96490
x-discourse-route: user_avatars/show
content-transfer-encoding: binary
content-length: 40099
x-xss-protection: 0
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 21 Nov 2023 19:41:23 GMT
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, PUT, GET, OPTIONS, DELETE
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556952
access-control-allow-credentials: true
access-control-max-age: 7200
accept-ranges: bytes
cf-ray: 862dbb727f591992-FRA
access-control-allow-headers: Content-Type, Cache-Control, X-Requested-With, X-CSRF-Token, Discourse-Present, User-Api-Key, User-Api-Client-Id, Authorization
vary: Accept-Encoding
expires: Wed, 12 Mar 2025 00:40:00 GMT

GET
H2 200 info Show response
control-panel.ws/api/v1/system/ 157 B
733 B 87ms
42ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://control-panel.ws/api/v1/system/info
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.2.16, PleskLin
Resource Hash: f8c61224b03aea85bbfa71048c716392cfe7e7f01fc7e1fd39ee9c8046441951

Request headers

Accept: */*
Referer: https://scripts.web-services.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.16, PleskLin
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xk3QQd1hpBaTPgz%2FS%2BURg1iJv3mjuth041CGLLxvo%2BACtJq4SSANCFo4LuWu1mBNVD%2BHI6lj8Ci846k%2FH%2FqPTMm0pOkNTiha%2FjJpzQk7vD%2FLkFqwaH4u6463roEecuon9i8B0CXXO%2FYRERw1laBA"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate
cf-ray: 862dbb72c9ae37e0-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 XdvGYYr.png
i.imgur.com/ 2 MB
2 MB 35ms
13ms Image
image/png 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/XdvGYYr.png

Requested by

Host: scripts.web-services.shop
URL: https://scripts.web-services.shop/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

5065f83f1a654c3863f5f73b2166849c28257396a742d253340bea9c516a28b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 307814
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 1575851
x-served-by: cache-iad-kcgs7200043-IAD, cache-fra-eddf8230088-FRA
last-modified: Mon, 26 Feb 2024 20:34:23 GMT
server: cat factory 1.0
x-timer: S1710183048.102474,VS0,VE7
etag: "50c297ab10075ae2d00479482704524d"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: oNPhp-mCapGVkjNyuj5wrGkHGE0vt3c475CMbpEjK0_QXwEj9xWAbQ==
x-cache-hits: 1, 1

GET
H3 200 BAHNSCHRIFT.woff
fonts.cdnfonts.com/s/21353/ 178 KB
178 KB 114ms
83ms Font
font/woff 2606:4700:e0::ac40:6306
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/21353/BAHNSCHRIFT.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/bahnschrift
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6306 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 758ab14f6cf48a6af03198c56375deefcadd9d6f34bad9ae3df6efe35d40e4fa

Request headers

Referer: https://fonts.cdnfonts.com/css/bahnschrift
Origin: https://scripts.web-services.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20855
alt-svc: h3=":443"; ma=86400
content-length: 182092
last-modified: Sat, 05 Feb 2022 02:00:41 GMT
server: cloudflare
etag: "2c74c-5d73bbc0fbee3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hy6Q2Zo7WGmijeEWlN75ytq5Aer1zwdkNoqr1Lw7Dbarz5qVhJqhU2BRZea40HmZnt3BzktxooUFxWACYHqG97lFI%2BKJ98DVWcg8%2F7Zfc8EHK%2BHFQUvdJYgMui3780uE%2Fz94ADUX9393ZiWuqOLsXLY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 862dbb72bbbf3689-FRA

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 153 KB
153 KB 86ms
69ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://scripts.web-services.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 962009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 156496
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-26350"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcIRCfoY5YVuPyecU6EewsfNjr%2Fv5IkpDSCLrv5J%2F8%2B1UeE%2FAlI6LkIvv9a%2Fj5w1mBpAYxDZVHUQ1cB4JcyaZ7K0PlalHgb5UvNWjK43Og73kJrurzgGiRpjXWT0mNFmM2xB83Ildc%2F%2BetPfclsJSyMc"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 862dbb729e66bb61-FRA
expires: Sat, 01 Mar 2025 18:50:48 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 115 KB
115 KB 43ms
26ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://scripts.web-services.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 340903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 117372
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-1ca7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FzSAYQQAQg7pWfEzqwmfUSoRfbZlH4eQx9nc5uxXzdRD9w%2B2uSzGID%2B677rWUjS8WynAnnT760gNRdMqN9Hn8Csl9CnRjnsgqpAnItouoK7NhEmm0%2BlnP21N5aLm9OQSiRWvNdmMaeAQefIE0uQ6%2FKPG"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 862dbb729e60bb61-FRA
expires: Sat, 01 Mar 2025 18:50:48 GMT

GET
H3 200 Inter-Bold.woff
fonts.cdnfonts.com/s/19795/ 125 KB
126 KB 84ms
54ms Font
font/woff 2606:4700:e0::ac40:6306
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/19795/Inter-Bold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/inter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6306 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d9ce799b623ba6c85d5db14bb398abae84b1098cdc6c7834d973c10b6ea535

Request headers

Referer: https://fonts.cdnfonts.com/css/inter
Origin: https://scripts.web-services.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180590
alt-svc: h3=":443"; ma=86400
content-length: 128376
last-modified: Sat, 05 Feb 2022 02:00:40 GMT
server: cloudflare
etag: "1f578-5d73bbbf94cc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm34skQdLJPT0UF2GzB6lkQPskRhHfqlqprr1oaoHcxcwezC8GcFUZeOQfqU9h%2FCnhYidcdpWrEdeB5Umumk41zhctklyrG6B%2FdBv9mT3xXf8UT9DXonnsbedF5EFr5rxsBLSwdmx0ARRomFFZ8vc00%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 862dbb72bbb93689-FRA

GET
H3 200 Inter-Regular.woff
fonts.cdnfonts.com/s/19795/ 114 KB
114 KB 135ms
104ms Font
font/woff 2606:4700:e0::ac40:6306
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/19795/Inter-Regular.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/inter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6306 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c3218ffd11ddd43442e8ded8cf2bfbdb74324e5f1b38ec86be1be991f144b5

Request headers

Referer: https://fonts.cdnfonts.com/css/inter
Origin: https://scripts.web-services.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180590
alt-svc: h3=":443"; ma=86400
content-length: 116488
last-modified: Sat, 05 Feb 2022 02:00:40 GMT
server: cloudflare
etag: "1c708-5d73bbbf95c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Epr9xk%2B%2BtUq4HHLAElm73zQFyPYoGSfHffHMWwJpLKfTJJXoxeZDEc2gqwehOew42%2F9HiRbhkFMwmGn48Jv32VdclQYAlQlC%2FRcbvN0CtUiTQZ5yoIKHBB2LFJD5%2FhRSuVM7vdm1phMm8nJQLCBDgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 862dbb72bbc43689-FRA

GET
H3 200 Inter-SemiBold.woff
fonts.cdnfonts.com/s/19795/ 125 KB
125 KB 71ms
41ms Font
font/woff 2606:4700:e0::ac40:6306
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/19795/Inter-SemiBold.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/inter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6306 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad09305d7ab7986623ea6cf6dc188cb3ff80370c2f9ae99aefe8182b3dc894b4

Request headers

Referer: https://fonts.cdnfonts.com/css/inter
Origin: https://scripts.web-services.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 180590
alt-svc: h3=":443"; ma=86400
content-length: 127652
last-modified: Sat, 05 Feb 2022 02:00:40 GMT
server: cloudflare
etag: "1f2a4-5d73bbbf95c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkupdOOigRSdfcwU110hVPFXJx5U%2FilMxFQUoYAdU5WM813G4aH3QZxZucO2EEI1BZQmDB2fZrs0aJErrYkMxFln3SSvDCRCXJ34syn4%2BtmD9Zdwn%2BeGg3t2ghdqkb5x36mCp%2BY7KniUiu5Eohkd3HU%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 862dbb72bbc73689-FRA

GET
H3 200 Inter-Medium.woff
fonts.cdnfonts.com/s/19795/ 124 KB
124 KB 40ms
40ms Font
font/woff 2606:4700:e0::ac40:6306
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/s/19795/Inter-Medium.woff
Requested by: Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/inter
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6306 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1f7b468816f94384e08474ccfe6d85b8f98c8251905da7d3b9d2c891c752fd2

Request headers

Referer: https://fonts.cdnfonts.com/css/inter
Origin: https://scripts.web-services.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 112473
alt-svc: h3=":443"; ma=86400
content-length: 126948
last-modified: Sat, 05 Feb 2022 02:00:40 GMT
server: cloudflare
etag: "1efe4-5d73bbbf95c63"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9sCt9QRlmdbzt9dyboMKv3h8usoR5goS%2F5a8KPsG1SYa%2FyhHenziPqrySchWOFT1ofaF5GvTzH5o6HuEchGf8gtDI0pbm%2BFZ7ty34zZ8swkJZV1on50Xsy26InSCtK2pzQc0%2FfHKqddg0w1ItvkWs8%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 862dbb733d003689-FRA

GET
H2 200 www-player.css
www.youtube.com/s/player/c48a9559/ Frame B19E 369 KB
47 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c48a9559/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Jcd6FihgPdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d310954cebcc052fcbc240c8a0e27bbceff52454a5bf557cdf3568ab0d3b634f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Jcd6FihgPdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:19:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47894
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 05:21:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Mar 2025 18:19:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B19E 15 KB
16 KB 114ms
36ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Jcd6FihgPdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:19 GMT
x-content-type-options: nosniff
age: 602309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Mar 2025 19:32:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B19E 15 KB
15 KB 123ms
45ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Jcd6FihgPdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 14:26:30 GMT
x-content-type-options: nosniff
age: 361458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Mar 2025 14:26:30 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.24/ 60 KB
25 KB 33ms
33ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.24/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fxlepb8eap
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: br
last-modified: Sun, 10 Mar 2024 17:00:12 GMT
etag: W/"0x8DC41238D312F83"
vary: Accept-Encoding
x-azure-ref: 20240311T185048Z-u5gw6y77396h94kdrk14pgba78000000097g00000000c1wy
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 0e6b3224-701e-0073-5c1b-737648000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 embed.js Show response
www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/ Frame B19E 57 KB
18 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Jcd6FihgPdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da86cd0df126cbed4fde82c847b7ebc0740ad75bf5c411e714803084a98a555a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Jcd6FihgPdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:33:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 469009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18049
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 05:21:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Mar 2025 08:33:59 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/c48a9559/www-embed-player.vflset/ Frame B19E 319 KB
95 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c48a9559/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Jcd6FihgPdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1344811659720c8e29a95ba3956bbfa439aa5cd496c77212bf1d4465f7598b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Jcd6FihgPdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 10:06:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97308
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 05:21:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 11 Mar 2025 10:06:45 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/ Frame B19E 2 MB
779 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Jcd6FihgPdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ce2d8c71b53184889577f992c5072877ce6d142f96033d2723965a788252a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Jcd6FihgPdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 797632
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 05:21:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Mar 2025 08:33:59 GMT

POST
H/1.1 204
No Content collect Show response
f.clarity.ms/ 0
305 B 304ms
95ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://scripts.web-services.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://scripts.web-services.shop
Date: Mon, 11 Mar 2024 18:50:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B19E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

44ms
44ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Jcd6FihgPdw

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30e63b4bf1cfde1c8172028ac99adbfe144338e3bff70d8e0e05a94585876b4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Mar 2024 18:50:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B19E 29 B
495 B 115ms
35ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c48a9559/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:37:39 GMT
x-content-type-options: nosniff
age: 789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 11 Mar 2024 18:52:39 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 128ms
44ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 11 Mar 2024 18:50:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B19E 87 KB
40 KB 51ms
50ms XHR
application/json+protobuf 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b129ca53039b5c35b1f4fbee6c75c803df0e7ff9680efde13062cac7671b6ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40899
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/ Frame B19E 118 KB
33 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78480c1a6483f928de2b2b439c3755e4a2b10ae7a1291a683a51d5995bb6a4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Jcd6FihgPdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 468789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34064
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 05:21:30 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 06 Mar 2025 08:37:39 GMT

GET
H2 200 QIgJXlTW_ocH5BKR4VvT459F7KnrK51w4wqraUAmDYI.js Show response
www.google.com/js/th/ Frame B19E 51 KB
20 KB 114ms
36ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/QIgJXlTW_ocH5BKR4VvT459F7KnrK51w4wqraUAmDYI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4088095e54d6fe8707e41291e15bd3e39f45eca9eb2b9d70e30aab6940260d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19860
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Mar 2025 18:12:51 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/Jcd6FihgPdw/ Frame B19E 48 KB
48 KB 123ms
40ms Image
image/jpeg 2a00:1450:4001:803::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Jcd6FihgPdw/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Jcd6FihgPdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96d9fbf01f02fa72386d405dc84a23aef5b9d8ba8dc2e47bbd92dc3c38ea9859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:31:52 GMT
x-content-type-options: nosniff
age: 1136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49024
x-xss-protection: 0
server: sffe
etag: "1706320817"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 11 Mar 2024 20:31:52 GMT

GET
DATA 200
OK truncated
/ Frame B19E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 IA8Ce2RWStis_pQ4DY12P1iUYHgnLyXSvJX7pDYDCx5fxUk4J4-m0mNiwcrOsv3L8N8zhLchJw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame B19E 3 KB
3 KB 113ms
36ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/IA8Ce2RWStis_pQ4DY12P1iUYHgnLyXSvJX7pDYDCx5fxUk4J4-m0mNiwcrOsv3L8N8zhLchJw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Jcd6FihgPdw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fb3f06d20468e43ec7bc7fd0778c5217b225fbf17d421fa726006ea727ed81d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 17:37:00 GMT
x-content-type-options: nosniff
age: 4428
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2715
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 12 Mar 2024 17:37:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B19E 4 KB
2 KB 162ms
82ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Mar 2024 18:50:48 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame B19E 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?pIbqqg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Jcd6FihgPdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Jcd6FihgPdw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B19E 90 B
134 B 49ms
48ms XHR
application/json+protobuf 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c48a9559/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9e796b5e29bbcab8859e45ea0ab2c434819058599e065caec0ab8383d7b8583c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 11 Mar 2024 18:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/122/ Frame B19E 50 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/122/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 06:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14711
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 16:03:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 12 Mar 2024 06:20:47 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 44ms
44ms Preflight
text/html 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 11 Mar 2024 18:50:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=96AF7CB0F5B24A32820DCF56917E9F86&RedC=c.clarity.ms&MXFR=3159525F9AAE694D000946609EAE6752
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=96AF7CB0F5B24A32820DCF56917E9F86&MUID=2129BD6443D16D41022DA95B42036C3A

42 B
441 B

25ms
25ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=96AF7CB0F5B24A32820DCF56917E9F86&MUID=2129BD6443D16D41022DA95B42036C3A
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scripts.web-services.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 18:50:48 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 11 Mar 2024 18:50:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3BA6692DA1D948C38988001753F4A41B Ref B: FRAEDGE1210 Ref C: 2024-03-11T18:50:49Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=96AF7CB0F5B24A32820DCF56917E9F86&MUID=2129BD6443D16D41022DA95B42036C3A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
f.clarity.ms/ 0
305 B 98ms
98ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.24/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://scripts.web-services.shop/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://scripts.web-services.shop
Date: Mon, 11 Mar 2024 18:50:49 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B19E 28 B
50 B 50ms
49ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c48a9559/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
X-Goog-Request-Time: 1710183050904
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Jcd6FihgPdw
X-YouTube-Client-Version: 1.20240305.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgs2VXFvWS1BUFhiYyiIpb2vBjIKCgJERRIEEgAgHw%3D%3D
X-YouTube-Ad-Signals: dt=1710183048447&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C554%2C309&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 11 Mar 2024 18:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clarity.ms/	1970-01-21 03:48:39	Name: CLID Value: 5e65b15aa3a04d9e8540854d51098a0d.20240311.20250311
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: q46kfK-wESA
.youtube.com/	1970-01-20 23:22:15	Name: VISITOR_INFO1_LIVE Value: 6UqoY-APXbc
.youtube.com/	1970-01-20 23:22:15	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgHw%3D%3D
.web-services.shop/	1970-01-21 03:48:39	Name: _clck Value: 4pvhq6%7C2%7Cfjz%7C0%7C1531
.web-services.shop/	1970-01-20 19:04:29	Name: _clsk Value: 1sam300%7C1710183048782%7C1%7C0%7Cf.clarity.ms%2Fcollect
.bing.com/	1970-01-21 04:24:39	Name: MUID Value: 2129BD6443D16D41022DA95B42036C3A
.c.bing.com/	1970-01-20 19:13:07	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:24:39	Name: SRM_B Value: 2129BD6443D16D41022DA95B42036C3A
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:24:39	Name: MUID Value: 2129BD6443D16D41022DA95B42036C3A
.c.clarity.ms/	1970-01-20 19:13:07	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:03:03	Name: ANONCHK Value: 0

39 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://scripts.web-services.shop/(Line 1750) Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://scripts.web-services.shop/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
avatars.discourse.org
c.bing.com
c.clarity.ms
cdn.web-services.io
cdnjs.cloudflare.com
control-panel.ws
dunb17ur4ymx4.cloudfront.net
f.clarity.ms
fonts.cdnfonts.com
fonts.googleapis.com
fonts.gstatic.com
forum.cfx.re
googleads.g.doubleclick.net
i.imgur.com
i.ytimg.com
jnn-pa.googleapis.com
scripts.web-services.shop
sdk.nsureapi.com
static.doubleclick.net
tobias.isfucking.pro
www.clarity.ms
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.21.3.193
143.204.205.50
146.75.116.193
20.84.22.197
2600:9000:2359:e00:d:b1e8:9040:93a1
2606:4700:3031::6815:5776
2606:4700:3034::ac43:a258
2606:4700:4400::6812:22ab
2606:4700::6811:190e
2606:4700:e0::ac40:6306
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:803::2016
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2001
2a00:1450:4001:81c::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a06:98c1:3120::3
2a0b:4d07:102::1
68.219.88.97
0a3543bd9fc5fc845e8d5f02af0a44f3ea0150254522b68d6179630a33afd7bd
0b4d7b7e82cc844935366169817401c017d46bb1ffb918fbcbfc73af38e5bb81
1344811659720c8e29a95ba3956bbfa439aa5cd496c77212bf1d4465f7598b88
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
23d9ce799b623ba6c85d5db14bb398abae84b1098cdc6c7834d973c10b6ea535
290e58c6d7f506f0f5b0188b894293759521259bcf0adbac3791b8452f98b176
30e63b4bf1cfde1c8172028ac99adbfe144338e3bff70d8e0e05a94585876b4f
381ce2f6525b6e3ac81c16699752fc00bf90e1cc890615c9e1b0a02c623358ba
39b2acc818832d5839445e69d857add6e15c8993209a857147c2376fb93f886a
3a8924cd5203a28628716aedb5cef0943da4c3b44e3ffcee90ab06387b41c490
3bc9c1f81ac6f56f2077096ca22a3bb734f895f14dc0d8524dee9a0e124302cc
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4088095e54d6fe8707e41291e15bd3e39f45eca9eb2b9d70e30aab6940260d82
4a24cf5b032f473cbeb9c2d6d514448c492f8e5a104d253d1343b5ef80dbbe14
4d46a8fb1f64d591f564ea9cb028d422a9cdb1bfaded64e7313bd980a0c25eec
5065f83f1a654c3863f5f73b2166849c28257396a742d253340bea9c516a28b7
51a4ce37faf67a64e6161c27caaade9e108ac2dd83491eddca9541c6985dc8cb
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f3d950786a953d1982da91f7464442bfaeaf1ad7a9be90e2ce7a9e8cdbb24e6
64c3218ffd11ddd43442e8ded8cf2bfbdb74324e5f1b38ec86be1be991f144b5
661952060c15a6dee6b1b528eb85f74e34eee88d90d273f383ea79e94084dedf
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b129ca53039b5c35b1f4fbee6c75c803df0e7ff9680efde13062cac7671b6ba
744c887e91b54360adacc9f821310c49ba0d28d5e7168fa2802f876faed35356
758ab14f6cf48a6af03198c56375deefcadd9d6f34bad9ae3df6efe35d40e4fa
765a638d2813ec1b917fc56cf90863f88991ef2550c1a14c99e9e9b243e80f74
78480c1a6483f928de2b2b439c3755e4a2b10ae7a1291a683a51d5995bb6a4e7
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
8ce2d8c71b53184889577f992c5072877ce6d142f96033d2723965a788252a91
8d3d58d892ac306577b3386b17480e2123b655d68196628285648817d0cf4230
8d4a14e7b12aed568d774d1a1ed360ab28a7345cfebcd6522e98f2b76a2463af
94dd674700a38aeb5cff0f9fcd4b820b418aad004dcd8eff7a630881a95f00f8
96d9fbf01f02fa72386d405dc84a23aef5b9d8ba8dc2e47bbd92dc3c38ea9859
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e545052703ae1deaa20c5de06f0663bc4e0d9d25189f6f497d7ff56f54ef72f
9e796b5e29bbcab8859e45ea0ab2c434819058599e065caec0ab8383d7b8583c
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
a1f7b468816f94384e08474ccfe6d85b8f98c8251905da7d3b9d2c891c752fd2
ad09305d7ab7986623ea6cf6dc188cb3ff80370c2f9ae99aefe8182b3dc894b4
ad8bb40955b55871da2935a893d7886c74c5738fb0e767e76d8ca5b14177448e
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b691c8cdb7d32d0ba44bf1f1332abe132ddd18f40d7bb4cea4e7bcf2d63b8ea5
bb356dd6d2988cb34bbf49f4ede531ecff2c8334125b9d1db567031341d2a566
c0d26e6ac74fc25ea3359b6ff41aae341638a1872fa9e2fcea58285fc9749277
c18e0207bf677b0bb25c07aa354a50c6dacdc9dd2f2f9fa7422aeda972238c32
c22112af7beec1924e9ffd905a2ab385aa6894b4217d7c9f54fa435af09594ce
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
c8e73815e51d518d6d88f1f9dbe71baebf371c5bd8cddeb420ab53599322bb0c
cc6aa140dcd42c13039c2820b9b5e46e477693c788d90f8afe6b25b3f20ec6dc
cd63f20854e254765b082c29836039bfc500ab8c333d029dfbe9743ac567d1d5
cf40599f54d6f70662c8c062fa184d653b2ceb4e8393242c85d59aa3161bea66
d310954cebcc052fcbc240c8a0e27bbceff52454a5bf557cdf3568ab0d3b634f
d3109776ca21ea4fc3ba3dd10ee3a5f3ae3b2466c91eeade0c82539ae08e70af
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da86cd0df126cbed4fde82c847b7ebc0740ad75bf5c411e714803084a98a555a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e946ff1a066ef0ed4ef0885d4b3cc15391351ca5c3fce0fbe1a1007621403369
ea712e80e93a6bd9b92a26255d2dfa302020d7e9492b4e09169f691664dd8dcb
ed2380fc085733ade0c271519822f33cdf27d6c86079b181845993222f59b84e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f8c61224b03aea85bbfa71048c716392cfe7e7f01fc7e1fd39ee9c8046441951
f925a3ae508f85a0c689e91b3659ac53c9165f288fc04c4aa1abbf9eee45ee35
fb3f06d20468e43ec7bc7fd0778c5217b225fbf17d421fa726006ea727ed81d1
fdd86720ec28b58de0da0aae6724a8c16252df0b6211636315ce6d0e1de221d0
feccc42c28138eb5a796542c816b41755d811818695a903de53ec8f435957a06

scripts.web-services.shop Open in urlscan Pro 2606:4700:3034::ac43:a258 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

97 %HTTPS

81 %IPv6

20 Domains

26 Subdomains

26 IPs

5 Countries

9667 kBTransfer

12748 kBSize

13 Cookies

6 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

scripts.web-services.shop Open in urlscan Pro
2606:4700:3034::ac43:a258 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

97 %
HTTPS

81 %
IPv6

20
Domains

26
Subdomains

26
IPs

5
Countries

9667 kB
Transfer

12748 kB
Size

13
Cookies

70 HTTP transactions
1 data transactions