www.msgame.xyz Open in urlscan Pro
3.67.234.155 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3QMxQ9V
Effective URL:
https://www.msgame.xyz/house%20of%20dragon/
Submission: On September 04 via manual (September 4th 2022, 3:53:48 pm UTC) from US — Scanned from DE

Summary HTTP 71 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 22 domains to perform 71 HTTP transactions. The main IP is 3.67.234.155, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.msgame.xyz.
TLS certificate: Issued by R3 on July 21st 2022. Valid for: 3 months.

This is the only time www.msgame.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.67.234.155 3.67.234.155	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2491:c400:4:8d81:2c00:21	16509 (AMAZON-02) (AMAZON-02)
18	2606:4700:303... 2606:4700:3035::6815:12ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400e:80f::200a	15169 (GOOGLE) (GOOGLE)
10	2600:9000:225... 2600:9000:225e:b400:12:a4d0:1300:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	51.210.32.132 51.210.32.132	16276 (OVH) (OVH)
5	2a00:1450:400... 2a00:1450:4001:830::2009	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	185.66.200.221 185.66.200.221	201702 (SKHOSTING-EU) (SKHOSTING-EU)
1	18.66.138.160 18.66.138.160	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:6027... 2620:100:6027:15::a27d:480f	19679 (DROPBOX) (DROPBOX)
4	2001:8d8:100f... 2001:8d8:100f:f000::263	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1	2a04:4e42:600... 2a04:4e42:600::626	54113 (FASTLY) (FASTLY)
4	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:c76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::ac43:9dcb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
71	21

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.234.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-234-155.eu-central-1.compute.amazonaws.com

www.msgame.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:c400:4:8d81:2c00:21 (United States)

ASN16509 (AMAZON-02, US)

dyodrs1kxvg6o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3035::6815:12ea (United States)

ASN13335 (CLOUDFLARENET, US)

hotdstream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:80f::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:225e:b400:12:a4d0:1300:21 (United States)

ASN16509 (AMAZON-02, US)

d35kbxc0t24sp8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cak36.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.210.32.132 (France)

ASN16276 (OVH, FR)
PTR: ns3172604.ip-51-210-32.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
draft.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.66.200.221 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.221.skhosting.eu

cdn-server.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.138.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-138-160.fra60.r.cloudfront.net

jwpsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:6027:15::a27d:480f (United States)

ASN19679 (DROPBOX, US)

dl.dropboxusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:8d8:100f:f000::263 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

www.dev.powered-by-haiku.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
powered-by-haiku.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::626 (United States)

ASN54113 (FASTLY, US)

p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c76 (United States)

ASN13335 (CLOUDFLARENET, US)

iclickcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:9dcb (United States)

ASN13335 (CLOUDFLARENET, US)

baboapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	hotdstream.com hotdstream.com	141 KB
12	cloudfront.net dyodrs1kxvg6o.cloudfront.net d35kbxc0t24sp8.cloudfront.net	66 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 ajax.googleapis.com — Cisco Umbrella Rank: 279	66 KB
4	baboapp.com baboapp.com	72 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 384	235 KB
4	powered-by-haiku.co.uk www.dev.powered-by-haiku.co.uk powered-by-haiku.co.uk	106 KB
4	blogger.com www.blogger.com — Cisco Umbrella Rank: 8931 draft.blogger.com — Cisco Umbrella Rank: 70332	162 KB
3	gstatic.com fonts.gstatic.com	42 KB
2	ibb.co i.ibb.co — Cisco Umbrella Rank: 12750	177 KB
2	blogspot.com cak36.blogspot.com	9 KB
1	bedrapiona.com bedrapiona.com — Cisco Umbrella Rank: 46751	543 B
1	iclickcdn.com iclickcdn.com — Cisco Umbrella Rank: 119891	25 KB
1	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 16499	299 B
1	jwpcdn.com p.jwpcdn.com — Cisco Umbrella Rank: 2531	14 KB
1	dropboxusercontent.com dl.dropboxusercontent.com — Cisco Umbrella Rank: 12966
1	jwpsrv.com jwpsrv.com — Cisco Umbrella Rank: 3001	45 KB
1	cdn-server.cc cdn-server.cc	172 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 641	32 KB
1	msgame.xyz www.msgame.xyz	9 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4751	240 B
0	bootstrapcdn.com Failed maxcdn.bootstrapcdn.com Failed
0	yourjavascript.com Failed yourjavascript.com Failed
71	22

	Domain	Requested by
18	hotdstream.com	www.msgame.xyz hotdstream.com
10	d35kbxc0t24sp8.cloudfront.net	dyodrs1kxvg6o.cloudfront.net
4	baboapp.com	cak36.blogspot.com
4	cdn.jsdelivr.net	cak36.blogspot.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.msgame.xyz cak36.blogspot.com
2	draft.blogger.com	cak36.blogspot.com
2	ajax.googleapis.com	cak36.blogspot.com
2	powered-by-haiku.co.uk	cak36.blogspot.com
2	www.dev.powered-by-haiku.co.uk	cak36.blogspot.com
2	www.blogger.com	cak36.blogspot.com
2	i.ibb.co	www.msgame.xyz cak36.blogspot.com
2	cak36.blogspot.com	www.msgame.xyz cak36.blogspot.com
2	dyodrs1kxvg6o.cloudfront.net	www.msgame.xyz cak36.blogspot.com
1	bedrapiona.com	iclickcdn.com
1	iclickcdn.com	cak36.blogspot.com
1	resources.blogblog.com	cak36.blogspot.com
1	p.jwpcdn.com	cak36.blogspot.com
1	dl.dropboxusercontent.com	cak36.blogspot.com
1	jwpsrv.com	cak36.blogspot.com
1	cdn-server.cc	cak36.blogspot.com
1	code.jquery.com	cak36.blogspot.com
1	www.msgame.xyz
1	bit.ly	1 redirects
0	maxcdn.bootstrapcdn.com Failed	cak36.blogspot.com
0	yourjavascript.com Failed	cak36.blogspot.com
71	26

This site contains no links.

Subject Issuer	Validity	Valid
*.msgame.xyz R3	`2022-07-21` - `2022-10-19`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.hotdstream.com GTS CA 1P5	`2022-08-21` - `2022-11-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
ibb.co R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
cdn-server.cc R3	`2022-07-15` - `2022-10-13`	3 months	crt.sh
jwpsrv.com Amazon	`2022-04-19` - `2023-05-18`	a year	crt.sh
dl.dropbox.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-08` - `2023-03-11`	a year	crt.sh
www.dev.powered-by-haiku.co.uk GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-14` - `2023-04-27`	a year	crt.sh
g.sni-626-default.ssl.fastly.net GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-07` - `2023-08-08`	a year	crt.sh
*.powered-by-haiku.co.uk Encryption Everywhere DV TLS CA - G1	`2022-03-23` - `2023-04-05`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-12` - `2022-10-11`	a year	crt.sh
*.baboapp.com E1	`2022-07-24` - `2022-10-22`	3 months	crt.sh
bedrapiona.com R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.msgame.xyz/house%20of%20dragon/
Frame ID: 6DC7B9CEEE5CDF02B61D3B799F4864C1
Requests: 29 HTTP requests in this frame

Frame: https://cak36.blogspot.com/p/cpa1.html
Frame ID: A940547E47BDD7868786F6E17F4DDFA8
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

House Of The Dragon – Watch Full HD –House Of The Dragon – Watch Full HD –

Page URL History Show full URLs

https://bit.ly/3QMxQ9V HTTP 301
https://www.msgame.xyz/house%20of%20dragon/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

71
Requests

93 %
HTTPS

71 %
IPv6

22
Domains

26
Subdomains

21
IPs

7
Countries

1201 kB
Transfer

3112 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3QMxQ9V HTTP 301
https://www.msgame.xyz/house%20of%20dragon/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

71 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.msgame.xyz/house%20of%20dragon/
Redirect Chain

https://bit.ly/3QMxQ9V
https://www.msgame.xyz/house%20of%20dragon/

52 KB
9 KB

99ms
9ms

Document
text/html

3.67.234.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.msgame.xyz/house%20of%20dragon/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.67.234.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-234-155.eu-central-1.compute.amazonaws.com

Software

Netlify /

Resource Hash

54eeba8189884a9d05eedd33d4d1eda708152f4ffeca9176ae1700e31130ead1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49813
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 8881
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 02:03:30 GMT
etag: "f495eec0768034d42e6229f58ef322a5-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GC4KAB6937HVF56BHSPCGD0T

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 126
content-type: text/html; charset=utf-8
date: Sun, 04 Sep 2022 15:53:43 GMT
location: https://www.msgame.xyz/house of dragon/
server: nginx
via: 1.1 google

GET
H2 200 fc2e6a7.js Show response
dyodrs1kxvg6o.cloudfront.net/ 23 KB
7 KB 222ms
190ms Script
application/javascript 2600:9000:2491:c400:4:8d81:2c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:c400:4:8d81:2c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0f2a573c8865ae8576b67d2a40ab1077a9e068c038447391d28db9ea98af931

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:31:06 GMT
content-encoding: br
last-modified: Sat, 06 Aug 2022 10:17:17 GMT
server: AmazonS3
age: 58482
etag: W/"f35b39586568ca1063fc72edc92467c3"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: xHUl54efb6YXE0EU2A8tYCjorV8NVew571S2R5hRhf-mWhIdRNS_Gw==

GET
H2 200 style.css
hotdstream.com/wp-content/themes/twentytwentytwo/ 5 KB
2 KB 251ms
16ms Stylesheet
text/css 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/themes/twentytwentytwo/style.css?ver=1.2
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c355fb42f94fa9a72def77d70ee8eb5ec4437f1382da257d62ba8e4d4c2b961a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Apr 2022 15:26:11 GMT
server: cloudflare
etag: W/"15e2-5dd905003aac0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNj60urnAWwHrPNY583nP0OTdhqiyQTPGATQNHAuDMvCD4vNZMHur84TuemlmFScsZ2xlEH%2BK7aKb3EJl65XDLkKhtZ0NLv9%2BLomgDnlouxqu8UQbPQFTd4HLTrnqNAJo97oRUzj6Z10xNAm9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7457e64fbca89170-FRA
expires: Mon, 04 Sep 2023 03:13:19 GMT

GET
H2 200 elementor-icons.min.css
hotdstream.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 255ms
19ms Stylesheet
text/css 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:41:52 GMT
server: cloudflare
etag: W/"4b4f-5e6c585da7212-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmMktJ2d%2FVV7AmNRd535fzgucHm6WtQE9oeAccZt8ovuXNKndQ1wVLEC0jmmzYpJutrBFO3nNPVGZs8MTw0h6lYs8T01IUKX%2FMF5y3bVMlpCcFEGDjHaE%2B9w6eRIzzQHheXCB%2F0rb81QaGwCEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7457e64fbcab9170-FRA
expires: Mon, 04 Sep 2023 03:13:19 GMT

GET
H2 200 frontend-lite.min.css
hotdstream.com/wp-content/plugins/elementor/assets/css/ 106 KB
14 KB 253ms
18ms Stylesheet
text/css 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.2
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41eb05a76086e814292dac86651f07c9c3ec5dc82a6ca0e642711a25f4628579

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:41:52 GMT
server: cloudflare
etag: W/"1a788-5e6c585db605a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OAu862cRu44lucDx7JI1Ov5EpnCZ7t6Uhe28JuDy3nILs2RmkIEvvAjO3ueu0BW3ZOgi7J4nekLVU3fiTHxhjB%2FtpM%2B4YrUAsbmIEhduq9pwBYqM771NIOlg0k6xt9zBD77gZuQ3OIWuQQd8aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7457e64fbcad9170-FRA
expires: Mon, 04 Sep 2023 03:13:19 GMT

GET
H2 200 post-5.css
hotdstream.com/wp-content/uploads/elementor/css/ 1 KB
670 B 256ms
21ms Stylesheet
text/css 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/uploads/elementor/css/post-5.css?ver=1661111111
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2f7d2878965ad61dcecd013500c1d038c5d6a8311a2da6299510566272e70f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:45:11 GMT
server: cloudflare
etag: W/"45d-5e6c591c101f1-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIYYYWRRwyxRtaheIYySW%2FkBEOu5%2FzidR3X2Q8DzTDPlmaiUpdaGpU5lWBHp6iswIjSmFhdalyW40wj5lhjRxZWOex0R0NGi%2BnLez%2F8ug3QB9IvGemewArqaa%2F5euuk0z8afB4hdBHNmQD8vNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7457e64fbcb19170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 global.css
hotdstream.com/wp-content/uploads/elementor/css/ 64 KB
5 KB 257ms
22ms Stylesheet
text/css 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/uploads/elementor/css/global.css?ver=1661111240
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95431d4e4465f4200f2aae56892abf49c6234c9c150411e8b97dd32496bdec24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:47:20 GMT
server: cloudflare
etag: W/"feba-5e6c59972b7e3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB%2F6cHYgTLkk%2FoEbFcSkPlmP1qw3tDeI2OsiNMHQJJmB3JqT%2F4G3PMhblkphm%2B%2FTx0Z6peRRgwnHlroRe6mWbx3HtGMW0hTenzTrsi6r7BKJkEODI8g4S2DupwlUSutxvVMF6fn3jzElJzLrHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7457e64fbcaf9170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 post-6.css
hotdstream.com/wp-content/uploads/elementor/css/ 25 KB
2 KB 251ms
17ms Stylesheet
text/css 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/uploads/elementor/css/post-6.css?ver=1661121709
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc7dd2fc46dc1ba550aade23b810533516168942ce672156b7b4d8f19376261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 22:41:49 GMT
server: cloudflare
etag: W/"6422-5e6c8096f9705-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wEdcF9gMajcyXvsDKC86F9BofiakhqoP%2BzyWpohWenhRaBCZ8AONZMRqIu1Crjtq0LfXsH0pPvegkIstC4swAcEoBZgts7OBPGSKLwmXVd4cettjileXhNAnjrl1inaH8%2BWkGYPvXuV3F5xLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7457e64fbcb59170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 42 KB
2 KB 51ms
20ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.1

Requested by

Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5dfdf00359b7743919a732ae8eb80536ff206faaf16a99fcdd3f967aca1f81e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 15:46:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 15:53:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 15:53:43 GMT

GET
H2 200 fontawesome.min.css
hotdstream.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 253ms
18ms Stylesheet
text/css 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:41:52 GMT
server: cloudflare
etag: W/"e238-5e6c585dac802-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5u1encxVJJTnWdzM3Ova7ZAmE9wVfpojWHDix0AZM6TSlBLJkinakb69ebduDhv9VDXHO6Ahet18iQHTGC9FExjC2%2Bx2CR9ZV80OKzx%2BGCKDhwLofozMWrYYdkuC4PvuChwr9FFoERwgFKx9%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7457e64fbcb49170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 solid.min.css
hotdstream.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
608 B 257ms
23ms Stylesheet
text/css 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:41:52 GMT
server: cloudflare
etag: W/"29d-5e6c585dac032-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1JE8nXXB0zIIehD6TPNofKZb5nNhviW1HCcReH1UaHoFliWfjoPyylYyITqdn5twbf0himwAQmk4LlEB8afo8kTA5a%2FA%2BOJ2E5ZojiUQw0NUI77FlY7vlJwA9%2FdKxbCvtO3BCbuZgDdzmSPdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 7457e64fbcb79170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 webpack.runtime.min.js Show response
hotdstream.com/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 259ms
25ms Script
application/x-javascript 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.2
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e51333e0d97f39a57865cc8fd0d93d0fa3f3fd8006dba18fc5109506947e7719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:41:52 GMT
server: cloudflare
etag: W/"135d-5e6c585dbb262-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PZTIBUXDzLjLEnY87GIaqRTBxYgLiwoWx5x%2BJ4YxOQpK0KHdwGcjjDxSkE5P%2BACUFAve2bglVW6P%2FcfpHR%2Fl9ns6LQEhgEFwuMvMqCNt7UarIBD1U80jyeda3za1tVH%2BSP1nXBCq8hHmKNukLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7457e64fccca9170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 jquery.min.js Show response
hotdstream.com/wp-includes/js/jquery/ 87 KB
32 KB 259ms
25ms Script
application/x-javascript 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: cloudflare
etag: W/"15db1-5bd3006388300-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZgx33GGLxSdhI%2B%2Bc7DlJEkF%2BEeI4UGVziF2GQIgnqVl%2FnwG6SdRoUU%2B9KPMvlRiC30HEl70RJtyueQ6RApCKrN5eJztvaQQ4jtLEVlmDsF2v%2Bg%2F%2FPTIbuCanmpc%2BuOv%2FJZ3sQxq7ON9UVcSDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7457e64fccc99170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 jquery-migrate.min.js Show response
hotdstream.com/wp-includes/js/jquery/ 11 KB
5 KB 255ms
21ms Script
application/x-javascript 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: cloudflare
etag: W/"2bd8-5b45debe27b80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S5Ucw3hLZioYo9PkXfxGUzQp3T4QtrVEgP9ZGeCXxx6HmTax9Un2LpahZMYu7AEyogaDkjln11fVYibjNvK38SHAC2QMel6cEC8fij0N88N%2BhoQk9XkcNH2iLMoT4xu2dnfmpDLHpvGeGHvl7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7457e64fccc89170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 frontend-modules.min.js Show response
hotdstream.com/wp-content/plugins/elementor/assets/js/ 32 KB
11 KB 257ms
24ms Script
application/x-javascript 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.2
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f47145bc2e9ff1ce383c4bbd7640693e318135d7c80b089b17c00f9745d0fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:41:52 GMT
server: cloudflare
etag: W/"80a1-5e6c585db970a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNvw%2F57colA%2BrCPJJbvAmcEM3AQ2P%2BOeeabIa8Stms84c8EdyEriYRTqP8ZEXAhV2tyz4dudz5GEIVbfI0VWCyw5Ca3CTNxxBaAcxOsecJqFoqYllgNy7W3rKtKr6G0mLx36YECnjYWkBwrG1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7457e64fccc79170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 waypoints.min.js Show response
hotdstream.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 261ms
28ms Script
application/x-javascript 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:41:52 GMT
server: cloudflare
etag: W/"2fa6-5e6c585da75fa-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FV4Z4Be3vutp4REHMaaY7XVsVhSkIjrq%2B0Y7ToQ0q%2FkjsH3edIqJSiJhVctgNe7cR%2BeOvA1zkeD1bhzX0nBhrGqgmtC%2BKMhEob4v6HJ810kN%2BOZvEQlcwVqAvUcn5ksKx%2FeUAnRhxFGCAPebdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7457e64fccce9170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 core.min.js Show response
hotdstream.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 263ms
29ms Script
application/x-javascript 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: cloudflare
etag: W/"50eb-5dc2a2438e980-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpN2P%2FcF4QBBO6y%2FUNs9WjzqiJJDhw%2BApem82ZM7H1E%2BYlLP1irCXpW2eWW1XoB3kdEFPS8pqsN1md6z4HK3chBkapKqq8bpdPGcfKgKAjWP0aYZpQzH%2BBCSAMTZblfa9sWp0CFblznY1KoWDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7457e64fcccd9170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 frontend.min.js Show response
hotdstream.com/wp-content/plugins/elementor/assets/js/ 40 KB
13 KB 271ms
38ms Script
application/x-javascript 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.2
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58706f1834084cd699f0166a036ef377b4d7a4ab55627eff206b93a3098269a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:41:52 GMT
server: cloudflare
etag: W/"9e41-5e6c585db970a-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GB0zucMHvnw%2BL3R%2F%2By7EzDP7UKFUhFDuieOlVfYcWDOGV85Ag7nZicsdfc1XGPTgBDXRtSgWrn%2F4tTQvgguw3yyeAonWuba%2FLNljOCr0UhgJiIKyCf%2BmQTZnllTAe1KtgZ%2Fi2tot8MXy%2BXajjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7457e64fcccc9170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 html.2949942.8c7a3.0.js Show response
d35kbxc0t24sp8.cloudfront.net/public/external/v2/ 17 KB
18 KB 205ms
167ms Script
application/javascript 2600:9000:225e:b400:12:a4d0:1300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35kbxc0t24sp8.cloudfront.net/public/external/v2/html.2949942.8c7a3.0.js
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: 76963f40dafff1ca727fb26b975d44c3f21a3e8ad040604fcc9ed3ffeacbd7cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P4
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: co0u0t--76kfoRcdyaI-SFYqF2pTYIjlDk_DaHe7zb5Px0heqxWGyA==

GET
H2 200 css_front.css
d35kbxc0t24sp8.cloudfront.net/public/external/ 6 KB
7 KB 217ms
162ms Stylesheet
text/css 2600:9000:225e:b400:12:a4d0:1300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35kbxc0t24sp8.cloudfront.net/public/external/css_front.css
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jun 2020 20:06:47 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P4
etag: "19c4-5a8c5e62e9d0a"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 6596
x-amz-cf-id: Gflf8e1wiLJZt4-vBZsX6JfOe-e49FYPBgRj5OJJitffJbT95UtpXQ==

GET
H2 200 wp-emoji-release.min.js Show response
hotdstream.com/wp-includes/js/ 18 KB
5 KB 22ms
16ms Script
application/x-javascript 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45760
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
server: cloudflare
etag: W/"48b9-5dc6eb878efc0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=webUw%2BVtVW8e8W9k65swtGpvUNs%2BRW0EwMIWTs1d8L76Cgj7rBFtdQwYqXjQT0%2BWrcqX%2FlR5MIpnArODoEi2inoBK62PSgkH4QeK3bq31V25ier4Urli4Rw0pwvsWaWV34vN3CLVNKfvmy2vRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7457e64fed109170-FRA
expires: Mon, 04 Sep 2023 03:11:03 GMT

GET
H2 200 cpa1.html Show response
cak36.blogspot.com/p/ Frame A940 18 KB
7 KB 291ms
182ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cak36.blogspot.com/p/cpa1.html

Requested by

Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b3754e0400f43e67165f832945a9aff6cc75b03d5848f0a2ddce41579da5dbe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.msgame.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 6364
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 15:53:43 GMT
etag: W/"f98f3b3c98bcc79ad50e23ae8964b4f90db9df89c287df1bfb85e30c88e5f148"
expires: Sun, 04 Sep 2022 15:53:43 GMT
last-modified: Sat, 03 Sep 2022 15:54:00 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 92ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.msgame.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 37442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 05:29:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 94ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.msgame.xyz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 287512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Sep 2023 08:01:51 GMT

GET
H2 200 Untitled-1-1.png
i.ibb.co/j4y1hY0/ 73 KB
73 KB 153ms
15ms Image
image/png 51.210.32.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/j4y1hY0/Untitled-1-1.png
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.132 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172604.ip-51-210-32.eu
Software: nginx /
Resource Hash: 86dd6fad0f73d5181659781b9d6c7f0e99d277ed23c3fe9c3547c540358e3bbb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
last-modified: Mon, 22 Aug 2022 13:22:02 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 74446
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 MV5BZDBkZjRiNGMtZGU2My00ODdkLWI0MGYtNGU4MmJjN2MzOTkxXkEyXkFqcGdeQXVyMDM2NDM2MQ@@._V1_SX300-203x300.jpg
hotdstream.com/wp-content/uploads/2022/08/ 19 KB
20 KB 18ms
17ms Image
image/jpeg 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hotdstream.com/wp-content/uploads/2022/08/MV5BZDBkZjRiNGMtZGU2My00ODdkLWI0MGYtNGU4MmJjN2MzOTkxXkEyXkFqcGdeQXVyMDM2NDM2MQ@@._V1_SX300-203x300.jpg
Requested by: Host: www.msgame.xyz
URL: https://www.msgame.xyz/house%20of%20dragon/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b5e0baa05c7bc57016e6ac8f97a6a7b9ed47f072d73362ea8a9058232cd214

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45624
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19924
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 22:26:49 GMT
server: cloudflare
etag: "4dd4-5e6c7d3c54cab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rxacwrq1Mx9aIUXM89Lw2nKV3twlQDlHLoOr%2FoYBpxIbnCkx2hARZtuQlaZ%2BoP2j1QVCOIw%2F%2BkQelGdXp67ET2xALGm%2B7FTh3BaH%2FIuTVipsm7UwT1hXsloGA2QdBwfLXnakWTKjkxwof3ZNOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7457e650090f9b46-FRA
expires: Mon, 04 Sep 2023 03:13:19 GMT

GET
H3 200 text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
hotdstream.com/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 14ms
14ms Script
application/x-javascript 2606:4700:3035::6815:12ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hotdstream.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: hotdstream.com
URL: https://hotdstream.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:12ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0bf2517d507b3836fd20de2da7c34d34d971b5d83e76af1a1572970c7f357aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45623
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 21 Aug 2022 19:41:52 GMT
server: cloudflare
etag: W/"54f-5e6c585db6ffa-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QELyU9gQbKOMyX%2FuoqpDmpLyL4IOWYVZIMaW2l%2Fv8uF0Jz1Z7kiln6xguuBSIJ7mNXJPNdCqsQUf4m1IwhjrjpNSUMLN0OYd7idowaO0COAWEsm8Q35%2FQAq6BN5tDnv1Vf87FqFyNMHLf4g51Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 7457e65049779b46-FRA
expires: Mon, 04 Sep 2023 03:13:20 GMT

GET
H2 200 55013136-widget_css_bundle.css
www.blogger.com/static/v1/widgets/ Frame A940 30 KB
7 KB 87ms
8ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/55013136-widget_css_bundle.css

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 12:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12444
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6620
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 00:00:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 04 Sep 2023 12:26:20 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A940 658 B
349 B 53ms
19ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Tajawal

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3918416f8b662bf9d62871f34e70451054865e55a131a3a372bfa1eefb31849c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 14:53:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 15:53:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 15:53:43 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
code.jquery.com/ Frame A940 91 KB
32 KB 65ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.min.js
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:43 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-16bb3"
vary: Accept-Encoding
x-hw: 1662306823.dop002.fr8.t,1662306823.cds015.fr8.hn,1662306823.cds272.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32788

GET hghg.js
yourjavascript.com/4739242120/ Frame A940 0
0

GET
H2 200 wl-http.js Show response
cdn-server.cc/p/ Frame A940 0
172 B 150ms
30ms Script
application/javascript 185.66.200.221
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-server.cc/p/wl-http.js?pub=264498amp;ga=g
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.221 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.221.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: cache
date: Sun, 04 Sep 2022 15:53:44 GMT
cache-control: max-age=3600
expires: Sun, 04 Sep 2022 16:53:44 GMT
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-type: application/javascript

GET
H/1.1 200
OK o3BeDjJfEeKT8yIACp8kUw.js Show response
jwpsrv.com/library/ Frame A940 130 KB
45 KB 68ms
9ms Script
text/javascript 18.66.138.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jwpsrv.com/library/o3BeDjJfEeKT8yIACp8kUw.js
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.138.160 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-138-160.fra60.r.cloudfront.net
Software: openresty /
Resource Hash: 3c2cfce89604276ae0428ff864c38ab2fc66811e690fa732b2940303b37d1638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 15:52:20 GMT
Content-Encoding: gzip
Connection: keep-alive
Server: openresty
Age: 83
X-Cache: Hit from cloudfront
Content-Type: text/javascript; charset=utf-8
access-control-allow-origin: *
Cache-Control: max-age=180
X-Amz-Cf-Pop: FRA60-P4
Content-Length: 45419
Via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: viMKTJN4-v5Q1n1Uptk-5IX_EyQl2Q62_rGTueQHyOqEdQr9xlK6rw==

GET
H2 403 jw6-touchscroll.min.js
dl.dropboxusercontent.com/s/1sbu88nx2qddejf/ Frame A940 0
0 274ms
160ms Script
text/html 2620:100:6027:15::a27d:480f
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dropboxusercontent.com/s/1sbu88nx2qddejf/jw6-touchscroll.min.js
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:100:6027:15::a27d:480f , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 404 jwplayer.js
www.dev.powered-by-haiku.co.uk/jw-html-config/jwplayer/v6/ Frame A940 0
0 136ms
28ms Script
text/html 2001:8d8:100f:f000::263
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dev.powered-by-haiku.co.uk/jw-html-config/jwplayer/v6/jwplayer.js
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::263 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 404 jwplayer-html-config.min.js
www.dev.powered-by-haiku.co.uk/jw-html-config/jwplayer/ Frame A940 0
0 139ms
31ms Script
text/html 2001:8d8:100f:f000::263
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dev.powered-by-haiku.co.uk/jw-html-config/jwplayer/jwplayer-html-config.min.js
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::263 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 jwplayer.js Show response
p.jwpcdn.com/6/5/ Frame A940 41 KB
14 KB 74ms
8ms Script
text/plain 2a04:4e42:600::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://p.jwpcdn.com/6/5/jwplayer.js?ver=3.8.1
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4912891c1e5e3878e92f522c5aca92007785c0d3ef456bc8d2e2f301214cd4ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
via: 1.1 varnish
age: 3239
x-cache: HIT
content-encoding: gzip
content-length: 14364
x-served-by: cache-hhn4025-HHN
last-modified: Mon, 22 Jun 2015 14:09:47 GMT
server: AmazonS3
x-timer: S1662306824.006216,VS0,VE1
etag: "4cb260fc9aa0c0ecf0f7d02843376f6c"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jquery.js Show response
powered-by-haiku.co.uk/wp-includes/js/jquery/ Frame A940 282 KB
102 KB 134ms
40ms Script
application/javascript 2001:8d8:100f:f000::263
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://powered-by-haiku.co.uk/wp-includes/js/jquery/jquery.js?ver=1.10.2
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::263 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 11:07:30 GMT
server: Apache
etag: "46758-5e78780bca080-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
expires: Sun, 02 Oct 2022 15:53:44 GMT

GET
H2 200 jquery-migrate.min.js Show response
powered-by-haiku.co.uk/wp-includes/js/jquery/ Frame A940 11 KB
5 KB 122ms
28ms Script
application/javascript 2001:8d8:100f:f000::263
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://powered-by-haiku.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:8d8:100f:f000::263 , Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 11:07:30 GMT
server: Apache
etag: "2bd8-5e78780bca080-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2419200
accept-ranges: bytes
content-length: 4563
expires: Sun, 02 Oct 2022 15:53:44 GMT

GET
H2 200 fc2e6a7.js Show response
dyodrs1kxvg6o.cloudfront.net/ Frame A940 23 KB
7 KB 353ms
350ms Script
application/javascript 2600:9000:2491:c400:4:8d81:2c00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:c400:4:8d81:2c00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0f2a573c8865ae8576b67d2a40ab1077a9e068c038447391d28db9ea98af931

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:49:07 GMT
content-encoding: br
last-modified: Sat, 06 Aug 2022 10:17:17 GMT
server: AmazonS3
age: 58483
etag: W/"f35b39586568ca1063fc72edc92467c3"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: ZbXzMaZBZP1idEWbtLQ9zgEk7O-e0Ke7gc0b6hdnHHN-7hyGAjXkkg==

GET
H3 200 css
fonts.googleapis.com/ Frame A940 3 KB
659 B 51ms
20ms Stylesheet
text/css 2a00:1450:400e:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo:300,400,700|Material+Icons

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:80f::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67069824277834008549b87d03fb40cef7eefa75eb0f0ee5d5ef443decdac6d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 15:53:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 15:53:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 15:53:43 GMT

GET
H2 200 clappr.min.js Show response
cdn.jsdelivr.net/clappr/latest/ Frame A940 517 KB
127 KB 39ms
7ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr/latest/clappr.min.js

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 5590575
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 129736
etag: W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
x-served-by: cache-fra19154-FRA, cache-hhn4042-HHN
date: Sun, 04 Sep 2022 15:53:43 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 level-selector.min.js Show response
cdn.jsdelivr.net/clappr.level-selector/latest/ Frame A940 9 KB
3 KB 47ms
15ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3509179
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3061
etag: W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
x-served-by: cache-fra19133-FRA, cache-hhn4042-HHN
date: Sun, 04 Sep 2022 15:53:43 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame A940 95 KB
34 KB 45ms
8ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 14:06:33 GMT

GET
H2 200 dash-shaka-playback.js Show response
cdn.jsdelivr.net/gh/clappr/dash-shaka-playback@latest/dist/ Frame A940 302 KB
92 KB 46ms
15ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/clappr/dash-shaka-playback@latest/dist/dash-shaka-playback.js

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff598484d32ac8e952b42fc96f5cc18f64b328d24ba3796fa4d5dff86a3f2341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 40782
x-jsd-version: 2.3.6
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94481
etag: W/"4b77a-Yz713NHRTz/M2BkguJquVQSBCVM"
x-served-by: cache-fra19178-FRA, cache-hhn4042-HHN
x-jsd-version-type: version
date: Sun, 04 Sep 2022 15:53:43 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 clappr-chromecast-plugin.js Show response
cdn.jsdelivr.net/clappr.chromecast-plugin/latest/ Frame A940 67 KB
12 KB 46ms
15ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clappr.chromecast-plugin/latest/clappr-chromecast-plugin.js

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37b98c3868451a3523a6f2a2ff240159431ce81bc8a1ab3ae3099ae7f4024b97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 2911100
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12467
etag: W/"10d03-RHmlaMw21gVFkX7fZK8TTUNDrd8"
x-served-by: cache-fra19178-FRA, cache-hhn4042-HHN
date: Sun, 04 Sep 2022 15:53:43 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ Frame A940 162 B
299 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 15:26:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 29 Aug 2022 04:50:08 GMT
server: sffe
age: 520030
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 05 Sep 2022 15:26:34 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ Frame A940 82 KB
29 KB 25ms
9ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:12:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29725
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Sep 2023 14:12:34 GMT

GET
H3 200 cookienotice.js Show response
cak36.blogspot.com/js/ Frame A940 6 KB
2 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cak36.blogspot.com/js/cookienotice.js

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/p/cpa1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 03:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44639
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2026
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 00:49:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 11 Sep 2022 03:29:45 GMT

GET
H3 200 1538240412-widgets.js Show response
www.blogger.com/static/v1/widgets/ Frame A940 154 KB
154 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1538240412-widgets.js

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db990b09f521d08b941d572d6ab8c2e9815781c199f3ef30ca3af114c1847e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 08:14:52 GMT
x-content-type-options: nosniff
age: 27532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157931
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 01:52:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Mon, 04 Sep 2023 08:14:52 GMT

GET
H2 200 css.css
d35kbxc0t24sp8.cloudfront.net/public/clockers/PrimeApps/ 1010 B
1 KB 158ms
158ms Stylesheet
text/css 2600:9000:225e:b400:12:a4d0:1300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35kbxc0t24sp8.cloudfront.net/public/clockers/PrimeApps/css.css
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 22:29:00 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P4
etag: "3f2-5a2f7428ae907"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1010
x-amz-cf-id: E5GAZZ5r4JLNArHXCGBCP7XDxz60G7u6Ob9dtsYSKCMGiMDmV3DZRA==

GET font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ Frame A940 0
0

GET
H2 200 authorization.css
draft.blogger.com/dyn-css/ Frame A940 1 B
684 B 653ms
579ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://draft.blogger.com/dyn-css/authorization.css?targetBlogID=1242368307147139153&zx=a71c6122-0c8b-48fa-81e5-ff76d31a7aef

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 04 Sep 2022 15:53:44 GMT
server: GSE
date: Sun, 04 Sep 2022 15:53:44 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html.2949942.8c7a3.0.js Show response
d35kbxc0t24sp8.cloudfront.net/public/external/v2/ Frame A940 17 KB
18 KB 169ms
168ms Script
application/javascript 2600:9000:225e:b400:12:a4d0:1300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35kbxc0t24sp8.cloudfront.net/public/external/v2/html.2949942.8c7a3.0.js
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: 76963f40dafff1ca727fb26b975d44c3f21a3e8ad040604fcc9ed3ffeacbd7cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P4
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: Furnj2R3UdPW6v4t6usO9is4Oj0bbyCZ9tr5MmEFOxDjsvKooXdVbA==

GET
H2 200 css_front.css
d35kbxc0t24sp8.cloudfront.net/public/external/ Frame A940 6 KB
7 KB 161ms
161ms Stylesheet
text/css 2600:9000:225e:b400:12:a4d0:1300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35kbxc0t24sp8.cloudfront.net/public/external/css_front.css
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jun 2020 20:06:47 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P4
etag: "19c4-5a8c5e62e9d0a"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 6596
x-amz-cf-id: 1dkm3o7LVqbMFX1fup5YILZnjjxkr6byf4_kGlInFtcfB_u7TXytmg==

GET
H2 200 ep3.jpg
i.ibb.co/N9pXsxx/ Frame A940 104 KB
104 KB 15ms
14ms Image
image/jpeg 51.210.32.132
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/N9pXsxx/ep3.jpg
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.32.132 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3172604.ip-51-210-32.eu
Software: nginx /
Resource Hash: 926d616cb16b56e7a597a61aaed7ada26aed1722fbcf2220b7e3459a71605ecf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
last-modified: Sat, 03 Sep 2022 15:05:33 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 106446
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.min.js Show response
iclickcdn.com/ Frame A940 71 KB
25 KB 55ms
15ms Script
text/javascript 2606:4700:20::681a:c76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://iclickcdn.com/tag.min.js
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7bf36e8b3921c26d78397e789be79bdb7273dafd1517c63cd53eedb22ca3097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin: *
age: 42919
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
x-trace-id: 577aacaf73e477d537b8c61ce55ab4eb
pragma: no-cache
last-modified: Thu, 01 Sep 2022 10:00:33 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CsRkfZcMFxMqn46DhgTTi5WXt8K5%2FjgCNCM2rlV3pULTqw6ET93wQodgNdzcdBIrkXrO1gIyScNKnbvtxbFvgMj3j%2FPVvqmcKqH1vTYnBgwHi99PT4EsvSMsc5QbZDE3g8t72T7LtnoWPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
cf-ray: 7457e654bbe29273-FRA
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
expires: Mon, 05 Sep 2022 03:58:25 GMT

GET
H3 200 Iura6YBj_oCad4k1nzGBCw.woff2
fonts.gstatic.com/s/tajawal/v9/ Frame A940 10 KB
10 KB 25ms
9ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Tajawal

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://cak36.blogspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 19:49:29 GMT
x-content-type-options: nosniff
age: 331455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10256
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:06:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 19:49:29 GMT

GET
H2 206 ep22.mp4
baboapp.com/film/ Frame A940 61 KB
0 259ms
26ms Media
video/mp4 2606:4700:3037::ac43:9dcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baboapp.com/film/ep22.mp4
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9dcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cak36.blogspot.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
cf-cache-status: HIT
last-modified: Sun, 28 Aug 2022 18:20:44 GMT
server: cloudflare
age: 1684
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0ApHIyBbdMyTIKfwv9iWftH%2FJrPTmsXpKl31OVLPOONt%2Bv2w68GfCmjJZi5w0q6mTQ7lEFzUw98%2BuesL0ksiWR3kwcmHj7J3nW5SQSuATRawICRYZ7fVZtV4MsTwsfDFqDxDHrJpEo2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 0-11017188/11017189
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 7457e6560825bc03-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 11017189

GET
H2 200 / Show response
bedrapiona.com/5/3541293/ Frame A940 45 B
543 B 74ms
13ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/3541293/?oo=1&js_build=iclick-v1.418.0-rc
Requested by: Host: iclickcdn.com
URL: https://iclickcdn.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 8ebbf2dba9811075da71ccd527f40b19d51d546dab66cc18632794040d7329b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-trace-id: 414b58b97a9d2e00d51ace569c2c5099
pragma: no-cache, no-cache
date: Sun, 04 Sep 2022 15:53:44 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://cak36.blogspot.com
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
content-length: 45
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 guid Show response
d35kbxc0t24sp8.cloudfront.net/public/ 0
287 B 161ms
160ms Script
text/html 2600:9000:225e:b400:12:a4d0:1300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35kbxc0t24sp8.cloudfront.net/public/guid?cpguid=931ancoa9&e=ll&t=1662306824608
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P4
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-length: 0
x-amz-cf-id: AGy7BjCB5XF4OqrTKb5nmUSzEQ7y7mjaUviX-zEn0mulzRmDhs_xsg==

GET
H2 200 css.css
d35kbxc0t24sp8.cloudfront.net/public/clockers/PrimeApps/ Frame A940 1010 B
1 KB 161ms
161ms Stylesheet
text/css 2600:9000:225e:b400:12:a4d0:1300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35kbxc0t24sp8.cloudfront.net/public/clockers/PrimeApps/css.css
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash: a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 22:29:00 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P4
etag: "3f2-5a2f7428ae907"
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 1010
x-amz-cf-id: FZIclg5p9h_3R-Cw3F_ezACMLclmkAkYEToxbNA4sCIt3bHeJfwEhA==

GET
H3 206 ep22.mp4
baboapp.com/film/ Frame A940 69 KB
0 36ms
16ms Media
video/mp4 2606:4700:3037::ac43:9dcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baboapp.com/film/ep22.mp4
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9dcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cak36.blogspot.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range: bytes=10878976-

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
cf-cache-status: HIT
last-modified: Sun, 28 Aug 2022 18:20:44 GMT
server: cloudflare
age: 1684
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnFa3uC3M%2B0p7cOnHWVW3fpC2bRYMtnrdBO7QqLYq%2BguuSAhmQiZf6trTQ75MtMs5U8KF5Nk2dmskFdjpQy%2FlzRWDmVrICq%2BHeaT3GGCd4o7WHpucxyCWp9zrKey01v%2FNx7LpVlPDG6jjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 10878976-11017188/11017189
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 7457e6565e7bbb79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 138213

GET ep22.mp4
baboapp.com/film/ Frame A940 0
0

GET
H3 206 ep22.mp4
baboapp.com/film/ Frame A940 71 KB
72 KB 14ms
14ms Media
video/mp4 2606:4700:3037::ac43:9dcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baboapp.com/film/ep22.mp4
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9dcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d477331b666146ce70964853722c553e01a1462229f73c975f0c37415567488

Request headers

Referer: https://cak36.blogspot.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range: bytes=10944512-

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
cf-cache-status: HIT
last-modified: Sun, 28 Aug 2022 18:20:44 GMT
server: cloudflare
age: 1684
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1Q56ghDjzyJlfdi2zbYjJkJNctPo%2FPSaLRkscItOp0O7hv0xWGgLBxh8NzVoX0NUpa7HAmmfHNJ311RRW%2FA5CBK%2B%2B1Q0C66aMavN7j5qeIrFn97Zxsgz7TtKrm1fld%2FuSJ08Wjo5Qc7cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 10944512-11017188/11017189
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 7457e6568ee1bb79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 72677

GET
H3 206 ep22.mp4
baboapp.com/film/ Frame A940 69 KB
0 14ms
14ms Media
video/mp4 2606:4700:3037::ac43:9dcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baboapp.com/film/ep22.mp4
Requested by: Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9dcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://cak36.blogspot.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range: bytes=32768-

Response headers

date: Sun, 04 Sep 2022 15:53:44 GMT
cf-cache-status: HIT
last-modified: Sun, 28 Aug 2022 18:20:44 GMT
server: cloudflare
age: 1684
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeCbzAiGkkIBQ15SKmk88y1FYUvznZDuUyLSuY5HjgsVEhrSiNOf3L4OgYZBkbCyuIVLn9DdK2TtDQjYdW89urEgbPfxFNrQL4%2Fm4lfCQfR6m5Jvc4dh7MZne7hZ%2FrAgKr3iyg131ufs2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
Content-Range: bytes 32768-11017188/11017189
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 7457e656af3dbb79-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 10984421

GET
H3 200 authorization.css
draft.blogger.com/dyn-css/ Frame A940 1 B
43 B 109ms
108ms Stylesheet
text/css 2a00:1450:4001:830::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://draft.blogger.com/dyn-css/authorization.css?targetBlogID=1242368307147139153&zx=a71c6122-0c8b-48fa-81e5-ff76d31a7aef

Requested by

Host: cak36.blogspot.com
URL: https://cak36.blogspot.com/p/cpa1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 04 Sep 2022 15:53:44 GMT
server: GSE
date: Sun, 04 Sep 2022 15:53:44 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 guid Show response
d35kbxc0t24sp8.cloudfront.net/public/ Frame A940 0
286 B 161ms
160ms Script
text/html 2600:9000:225e:b400:12:a4d0:1300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35kbxc0t24sp8.cloudfront.net/public/guid?cpguid=jzgm9d3ca&e=ll&t=1662306825323
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:45 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P4
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-length: 0
x-amz-cf-id: _lr_wsUx7gA--UyhgV5rWkQUfD9F4IVujZgJ0s6nANid54PDPy7DzA==

GET
H2 200 check.php Show response
d35kbxc0t24sp8.cloudfront.net/public/external/ 78 B
372 B 307ms
307ms Script
application/javascript 2600:9000:225e:b400:12:a4d0:1300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35kbxc0t24sp8.cloudfront.net/public/external/check.php?it=2949942&time=1662306825989
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.msgame.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:46 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P4
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 78
x-amz-cf-id: bJmuHuxK5nvptcIOP3G6TJ8ypg3JFbSK8bCeGyayhylFmPyB9Y4DAg==

GET
H2 200 check.php Show response
d35kbxc0t24sp8.cloudfront.net/public/external/ Frame A940 78 B
371 B 161ms
161ms Script
application/javascript 2600:9000:225e:b400:12:a4d0:1300:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d35kbxc0t24sp8.cloudfront.net/public/external/check.php?it=2949942&time=1662306826649
Requested by: Host: dyodrs1kxvg6o.cloudfront.net
URL: https://dyodrs1kxvg6o.cloudfront.net/fc2e6a7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:b400:12:a4d0:1300:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash: 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cak36.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 15:53:46 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop: FRA60-P4
x-powered-by: PHP/7.4.11
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 78
x-amz-cf-id: 3dt6n-S0j17WXNNBd04-uL-cwK0N47r5aR4ZJ2fPNC2EM9bgY5pUfA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: yourjavascript.com
URL: https://yourjavascript.com/4739242120/hghg.js

Domain: maxcdn.bootstrapcdn.com
URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Domain: maxcdn.bootstrapcdn.com
URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Domain: baboapp.com
URL: https://baboapp.com/film/ep22.mp4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-20 10:04:18	Name: _bit Value: m84fRH-827ac752275f54a3c2-00N
			www.msgame.xyz/	1970-01-20 05:59:30	Name: _cpguid Value: 931ancoa9

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://yourjavascript.com/4739242120/hghg.js Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
security	error	URL: https://cak36.blogspot.com/p/cpa1.html(Line 74) Message: Mixed Content: The page at 'https://www.msgame.xyz/house%20of%20dragon/' was loaded over HTTPS, but requested an insecure prefetch resource 'http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://cak36.blogspot.com/p/cpa1.html(Line 74) Message: Mixed Content: The page at 'https://www.msgame.xyz/house%20of%20dragon/' was loaded over HTTPS, but requested an insecure stylesheet 'http://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.dev.powered-by-haiku.co.uk/jw-html-config/jwplayer/v6/jwplayer.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.dev.powered-by-haiku.co.uk/jw-html-config/jwplayer/jwplayer-html-config.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://dl.dropboxusercontent.com/s/1sbu88nx2qddejf/jw6-touchscroll.min.js Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
baboapp.com
bedrapiona.com
bit.ly
cak36.blogspot.com
cdn-server.cc
cdn.jsdelivr.net
code.jquery.com
d35kbxc0t24sp8.cloudfront.net
dl.dropboxusercontent.com
draft.blogger.com
dyodrs1kxvg6o.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hotdstream.com
i.ibb.co
iclickcdn.com
jwpsrv.com
maxcdn.bootstrapcdn.com
p.jwpcdn.com
powered-by-haiku.co.uk
resources.blogblog.com
www.blogger.com
www.dev.powered-by-haiku.co.uk
www.msgame.xyz
yourjavascript.com
baboapp.com
maxcdn.bootstrapcdn.com
yourjavascript.com
139.45.197.234
18.66.138.160
185.66.200.221
2001:4de0:ac18::1:a:2a
2001:8d8:100f:f000::263
2600:9000:225e:b400:12:a4d0:1300:21
2600:9000:2491:c400:4:8d81:2c00:21
2606:4700:20::681a:c76
2606:4700:3035::6815:12ea
2606:4700:3037::ac43:9dcb
2620:100:6027:15::a27d:480f
2a00:1450:4001:80f::2001
2a00:1450:4001:811::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2009
2a00:1450:400e:80f::200a
2a04:4e42:600::626
2a04:4e42::485
3.67.234.155
51.210.32.132
67.199.248.10
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
1a2eca9e492e3a21e02dd77ad44d7af45c4091d35ede79e948b7a3f23e5b3617
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
37b98c3868451a3523a6f2a2ff240159431ce81bc8a1ab3ae3099ae7f4024b97
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
3918416f8b662bf9d62871f34e70451054865e55a131a3a372bfa1eefb31849c
3c2cfce89604276ae0428ff864c38ab2fc66811e690fa732b2940303b37d1638
41eb05a76086e814292dac86651f07c9c3ec5dc82a6ca0e642711a25f4628579
4912891c1e5e3878e92f522c5aca92007785c0d3ef456bc8d2e2f301214cd4ef
54eeba8189884a9d05eedd33d4d1eda708152f4ffeca9176ae1700e31130ead1
58706f1834084cd699f0166a036ef377b4d7a4ab55627eff206b93a3098269a2
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5dfdf00359b7743919a732ae8eb80536ff206faaf16a99fcdd3f967aca1f81e7
5f47145bc2e9ff1ce383c4bbd7640693e318135d7c80b089b17c00f9745d0fd7
60b5e0baa05c7bc57016e6ac8f97a6a7b9ed47f072d73362ea8a9058232cd214
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67069824277834008549b87d03fb40cef7eefa75eb0f0ee5d5ef443decdac6d6
76963f40dafff1ca727fb26b975d44c3f21a3e8ad040604fcc9ed3ffeacbd7cf
7d477331b666146ce70964853722c553e01a1462229f73c975f0c37415567488
83059e4c1a5c210e5585d96779fe655170817193d43e247c78dffaae7b7ba3a9
86dd6fad0f73d5181659781b9d6c7f0e99d277ed23c3fe9c3547c540358e3bbb
8c3010509fc7480b59413a90d69e9fafcb3d5aa202faf7862466f6bb8be1a335
8ebbf2dba9811075da71ccd527f40b19d51d546dab66cc18632794040d7329b4
926d616cb16b56e7a597a61aaed7ada26aed1722fbcf2220b7e3459a71605ecf
95431d4e4465f4200f2aae56892abf49c6234c9c150411e8b97dd32496bdec24
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
b3754e0400f43e67165f832945a9aff6cc75b03d5848f0a2ddce41579da5dbe3
bbc7dd2fc46dc1ba550aade23b810533516168942ce672156b7b4d8f19376261
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c355fb42f94fa9a72def77d70ee8eb5ec4437f1382da257d62ba8e4d4c2b961a
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d7bf36e8b3921c26d78397e789be79bdb7273dafd1517c63cd53eedb22ca3097
db990b09f521d08b941d572d6ab8c2e9815781c199f3ef30ca3af114c1847e7c
e2f7d2878965ad61dcecd013500c1d038c5d6a8311a2da6299510566272e70f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51333e0d97f39a57865cc8fd0d93d0fa3f3fd8006dba18fc5109506947e7719
f0bf2517d507b3836fd20de2da7c34d34d971b5d83e76af1a1572970c7f357aa
f0f2a573c8865ae8576b67d2a40ab1077a9e068c038447391d28db9ea98af931
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff598484d32ac8e952b42fc96f5cc18f64b328d24ba3796fa4d5dff86a3f2341

www.msgame.xyz Open in urlscan Pro 3.67.234.155 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

93 %HTTPS

71 %IPv6

22 Domains

26 Subdomains

21 IPs

7 Countries

1201 kBTransfer

3112 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.msgame.xyz Open in urlscan Pro
3.67.234.155 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

93 %
HTTPS

71 %
IPv6

22
Domains

26
Subdomains

21
IPs

7
Countries

1201 kB
Transfer

3112 kB
Size

2
Cookies

71 HTTP transactions
0 data transactions