Submitted URL: https://1f03.net/v/uC6gj9pTJH8?p=QJf1
Effective URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Submission: On April 30 via manual from AU — Scanned from AU

Summary

This website contacted 23 IPs in 3 countries across 19 domains to perform 56 HTTP transactions. The main IP is 172.67.187.153, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1f09.net.
TLS certificate: Issued by GTS CA 1P5 on March 24th 2023. Valid for: 3 months.
This is the only time 1f09.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.202.217 13335 (CLOUDFLAR...)
7 172.67.187.153 13335 (CLOUDFLAR...)
1 104.17.25.14 13335 (CLOUDFLAR...)
6 74.125.68.95 15169 (GOOGLE)
1 104.26.15.62 13335 (CLOUDFLAR...)
3 52.84.225.16 16509 (AMAZON-02)
1 13.33.100.151 16509 (AMAZON-02)
1 104.16.185.65 13335 (CLOUDFLAR...)
4 172.64.132.29 13335 (CLOUDFLAR...)
4 13.33.33.85 16509 (AMAZON-02)
4 104.21.78.14 13335 (CLOUDFLAR...)
1 157.240.235.35 32934 (FACEBOOK)
4 6 172.217.194.84 15169 (GOOGLE)
3 74.125.68.94 15169 (GOOGLE)
1 104.21.10.136 13335 (CLOUDFLAR...)
1 1 142.251.10.190 15169 (GOOGLE)
8 74.125.68.190 15169 (GOOGLE)
2 74.125.200.132 15169 (GOOGLE)
1 2 142.251.12.155 ()
1 142.251.12.148 ()
1 142.251.12.104 ()
1 172.217.194.119 ()
1 74.125.130.132 ()
2 74.125.130.94 ()
56 23
Apex Domain
Subdomains
Transfer
9 youtube.com
youtube.com — Cisco Umbrella Rank: 69
www.youtube.com — Cisco Umbrella Rank: 87
870 KB
7 google.com
accounts.google.com — Cisco Umbrella Rank: 92
www.google.com
18 KB
7 1f09.net
1f09.net
415 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 119
jnn-pa.googleapis.com
33 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
92 KB
4 ranopportunit.info
ranopportunit.info
1 KB
4 nedukeration.info
nedukeration.info
4 KB
4 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 16041
202 KB
4 cloudfront.net
d13qwbj37sfx89.cloudfront.net
d3hv9xfqzxy46o.cloudfront.net
101 KB
3 doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
1 KB
2 googleusercontent.com
yt3.googleusercontent.com — Cisco Umbrella Rank: 1051
875 KB
1 ggpht.com
yt3.ggpht.com
5 KB
1 ytimg.com
i.ytimg.com
78 KB
1 equirekeither.xyz
equirekeither.xyz
890 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
1 hsforms.net
js.hsforms.net — Cisco Umbrella Rank: 10641
164 KB
1 cdnfonts.com
fonts.cdnfonts.com — Cisco Umbrella Rank: 16460
629 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
5 KB
1 1f03.net
1f03.net
444 B
56 19
Domain Requested by
8 www.youtube.com 1f09.net
www.youtube.com
7 1f09.net 1f09.net
6 accounts.google.com 4 redirects 1f09.net
4 jnn-pa.googleapis.com www.youtube.com
4 ranopportunit.info 1f09.net
d13qwbj37sfx89.cloudfront.net
4 nedukeration.info d13qwbj37sfx89.cloudfront.net
4 pogothere.xyz d13qwbj37sfx89.cloudfront.net
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 d13qwbj37sfx89.cloudfront.net 1f09.net
nedukeration.info
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 yt3.googleusercontent.com
2 fonts.googleapis.com 1f09.net
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 youtube.com 1 redirects
1 equirekeither.xyz 1f09.net
1 www.facebook.com 1f09.net
1 js.hsforms.net 1f09.net
1 d3hv9xfqzxy46o.cloudfront.net 1f09.net
1 fonts.cdnfonts.com 1f09.net
1 cdnjs.cloudflare.com 1f09.net
1 1f03.net 1 redirects
56 25

This site contains links to these domains.

Domain
withkoji.com
www.youtube.com
pastebin.com
Subject | Issuer | Validity | Valid
*.1f09.net | GTS CA 1P5 | 2023-03-24 - 2023-06-22 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.cdnfonts.com | GTS CA 1P5 | 2023-04-07 - 2023-07-06 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
nedukeration.info | Amazon RSA 2048 M01 | 2023-04-16 - 2024-05-14 | a year
ranopportunit.info | GTS CA 1P5 | 2023-04-27 - 2023-07-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-02-06 - 2023-05-07 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
www.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months
edgestatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months


This page contains 4 frames:

Primary Page: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Frame ID: B13CE228606E26A17E18340B65F713E2
Requests: 33 HTTP requests in this frame

Frame: https://nedukeration.
Frame ID: BBE960394CD827BF5A1CDB6441946BE5
Requests: 2 HTTP requests in this frame

Frame: https://nedukeration.
Frame ID: BFF1B4594A0DACB6DB7EA246DADD4422
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/uC6gj9pTJH8
Frame ID: 9AC726C74F205BB4BB6B763DD4ECAE80
Requests: 20 HTTP requests in this frame

Page Title

1-fo

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

56
Requests

95 %
HTTPS

0 %
IPv6

19
Domains

25
Subdomains

23
IPs

3
Countries

2861 kB
Transfer

10642 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://1f03.net/v/uC6gj9pTJH8?p=QJf1 HTTP 302
    https://1f09.net/v/uC6gj9pTJH8?p=QJf1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHGM3K8SI_4wH2xbzmvLhPCRqQlFA-935gqeg4X3jAOlorucW26m6I2c1ny4krPEMY4NYn3 HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S1711903651%3A1682831919295933&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGqgrTMSOxiSN6IDj6EtHiWBWsyL6n6yuZ9R9fyP58Wu0qa86ZkdI1STM6av9P1DCjiqLTP1g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 19
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEGZxbXR-QBYrBrR9EYVPF9mhogBgDizmLkoXAEBiaoVdCzU63plDS2DqcLxiqQy4B6mAw8 HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-1677566490%3A1682831919300281&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFb5U5QMgnvzboc1B69wFyOuiGpqj0j9IATzytYQq19Vby3OYkJcv-lujtf-lzvfFOarK3VzQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Request Chain 32
  • https://youtube.com/embed/uC6gj9pTJH8 HTTP 301
  • https://www.youtube.com/embed/uC6gj9pTJH8
Request Chain 43
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request uC6gj9pTJH8
1f09.net/v/
Redirect Chain
  • https://1f03.net/v/uC6gj9pTJH8?p=QJf1
  • https://1f09.net/v/uC6gj9pTJH8?p=QJf1
1 KB
1 KB
Document
General
Full URL
https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.187.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d81cf84dff1f4c978875e0a4b32809af42da933ed665004325ce94d7ead8d4f3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, content-type
access-control-allow-methods
GET, POST
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bfd53384fb66a72-SYD
content-encoding
br
content-type
text/html
date
Sun, 30 Apr 2023 05:18:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0BspKSVKQqLW8Av4nCNZzPZAISUrxQlyd6MGz5EzC%2FD9PJpZpZnwSYrY0ICsPvGTLIM2T6DUzIaNGYyl%2F5KxminIJxvwg1318%2B9qCw%2B9WoZehyb85W8k3pFjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bfd53337eb1a8b2-SYD
content-type
text/html
date
Sun, 30 Apr 2023 05:18:36 GMT
location
https://1f09.net/v/uC6gj9pTJH8?p=QJf1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lO7BNsw6y9Z9o6FDABG%2FDQdgZVOLvALWqJwtNm%2BsQq3OVHVtRpc9AEMYiY%2FzZDtTJokcYGTxvwTE8X0Djaq7XETLlyZxvyOlCew0GeBrDgBsQ71L7jbXBavsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/
70 KB
5 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
14286133
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2B3RdfHMPjaQzI1J86XH5rXwRI%2BCeEfQkjtytClLjKyqn300Z5tvsIY1t9EMgL7S8J9vBMy3GQ7%2Fhu%2FCmDYTGQsMGTn9zZJAGxkJAAr6UMEoDcbyuJvsIL1zZxO8SW5oziDPEH0f"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bfd533cfa4aa801-SYD
expires
Fri, 19 Apr 2024 05:18:37 GMT
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito:wght@300;400;600;700;800&display=swap
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
ESF /
Resource Hash
882988404daa61b1d3f158c786be1365d10c787948e9d3b924e542430577fe76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 05:18:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 05:05:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 05:18:37 GMT
minecraft-4
fonts.cdnfonts.com/css/
169 B
629 B
Stylesheet
General
Full URL
https://fonts.cdnfonts.com/css/minecraft-4
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.15.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af0f0a4830eea6783c00aa425504cc694842ec9406c57748c28480ff4afc645

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:37 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 27 Oct 2022 12:08:59 GMT
server
cloudflare
age
15959378
cf-polished
origSize=204
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MA3RlOzkFWI0PXyvHukmFfg1%2F2aBsrQ3OEbFbAJ2U%2Bpf5FiSecv64D6kUnY9%2Bh0eOClWkpq4iB4gpB%2FhPiwhAMSQiGzLJiCoZ0mYbkR2nIF9rgkICvPeoFAo2bTMRcN8%2BwFWPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7bfd533d0dcbaad5-SYD
/
d13qwbj37sfx89.cloudfront.net/
308 KB
99 KB
Script
General
Full URL
https://d13qwbj37sfx89.cloudfront.net/?jbwqd=934606
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.225.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-225-16.sin2.r.cloudfront.net
Software
/
Resource Hash
99f00044daa4b6b9edbbad7ab7650a0fa8236745fc25934b95f39cd97c536368

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 05:18:38 GMT
content-encoding
gzip
via
1.1 7ce6085e4f8f7a25858c982d370bcabe.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
100849
x-amz-cf-id
1772Dzo-ego509Z38U9kh97thWIJ49btes2gKMaVDiG2XgaEIiO3lg==
/
d3hv9xfqzxy46o.cloudfront.net/
0
294 B
Script
General
Full URL
https://d3hv9xfqzxy46o.cloudfront.net/?fxvhd=981754
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.151 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-151.sin2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 05:18:38 GMT
via
1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-id
lvu3qilz6ruQtrjQGdyr64o1QjcIRDmiiSRsFovHxarDQ4PfMXhBIg==
ksdjgfks.js
1f09.net/v/
0
0
Script
General
Full URL
https://1f09.net/v/ksdjgfks.js
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.187.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/v/uC6gj9pTJH8?p=QJf1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:37 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTbpsrF9LAiehRT93bh1MBE7TDxwmBS7RRJ3BV2RVMFKaoVEOAoYHv1o1w7w8ICtfrEqns711FBtijW4y7BIvF6Bnh5GK0L0%2Bw66NXD4F8IlsR5AMVok1igfwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
7bfd533bbacf6a72-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v2.js
js.hsforms.net/forms/
524 KB
164 KB
Script
General
Full URL
https://js.hsforms.net/forms/v2.js
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.185.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cbba247ca6de6962085423c671b17bd76d58692e32e8e40ad808a12e27bbeab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-encoding
br
age
154
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3102/bundles/project-v2.js&cfRay=7bfd4f770ad7a88e-IAD
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"250bc2c0c0e298494335c72c83b09e23"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.3102/bundles/project-v2.js
date
Sun, 30 Apr 2023 05:18:37 GMT
x-amz-version-id
5gHIUZSUvmnzlEXn3ZiYc88hx3wrAZ6P
via
1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
IAD12-P3
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
7
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
29713fde-c00f-4526-a8b0-ecb2e16ef8d7
last-modified
Tue, 25 Apr 2023 11:31:17 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQ5Evr%2FnHKPxAgq0UFaBBprlPBqNQZCx62gdKFok0gVcqdw7pxFtdUXoQHLlFQvAWYnat55o0hbiq0gmQDClNSWLEBDbYe6uUIt09RItxh9AuJxH5KUj23FZw6%2F3S4U%2F"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-589c5fd4fb-sbk7p
cf-ray
7bfd533d0efea865-SYD
x-amz-cf-id
tQhqS6vmafXKi3YmDBJ8GK1IiQE24dfK0qjBG0KBf7ECB7dG8KUwQQ==
regsw.js
1f09.net/
282 B
484 B
Script
General
Full URL
https://1f09.net/regsw.js
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.187.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f52b25daed630fb6129a1356b9ff7a9c4ccb70441209fca3ab8dfb0930fcf8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/v/uC6gj9pTJH8?p=QJf1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
420
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 30 Apr 2023 05:11:37 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tIirhkMYMaBtGHJMjWNeiGqI26UODD298mgm1Vc4E%2BAEDcWin6qxmAfSrCEK%2FzXnzO4VeQ6z42LUXDICV8IbfofvKNrN5jjhf4JZ0HruKGPF2DPqayBrv2JF0g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7bfd533bbad16a72-SYD
access-control-allow-headers
X-Requested-With, content-type
main.6d247c3c.js
1f09.net/static/js/
181 KB
60 KB
Script
General
Full URL
https://1f09.net/static/js/main.6d247c3c.js
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a644e21b85a88201b2914c3403415e24965c8d7e5139ca6b2f33dcb1f9383ea3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/v/uC6gj9pTJH8?p=QJf1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
338
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 30 Apr 2023 05:13:00 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PA5Iq%2F4mSJ0a%2BmtI3RDo2ki6F24bt8RsNSQGN%2B0LNqKODUYeUX553VQpVzEJ68OS%2BL1jSErkaYkISfnhKz6Use0oHf5ognANe9AflaBuelpB7eLQiByU0489Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7bfd53409b27aad7-SYD
access-control-allow-headers
X-Requested-With, content-type
main.0a18f6fe.css
1f09.net/static/css/
95 KB
64 KB
Stylesheet
General
Full URL
https://1f09.net/static/css/main.0a18f6fe.css
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.187.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7cfbfe2db63e7e7586e26fb6fa8e52d61e84e78e5a007103eeca7e110d979c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/v/uC6gj9pTJH8?p=QJf1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
420
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 30 Apr 2023 05:11:37 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdSAYWek6ew4QYB8U7lgRRPpiLFIfd2JyZhcJBel0ev6XKhn5NJbmkSabGc%2FwQofBa%2F8KVcOUihQ4EMoyRAiGdIVZd6c0cQx6g0HJDsf1ZhMXIrrwuMvM%2BQCww%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7bfd533bbacb6a72-SYD
access-control-allow-headers
X-Requested-With, content-type
asd100.bin
pogothere.xyz/
100 KB
101 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d13qwbj37sfx89.cloudfront.net
URL: https://d13qwbj37sfx89.cloudfront.net/?jbwqd=934606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5949
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 30 Apr 2023 03:39:30 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://1f09.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTcO07iPLpSJxQ36AWV57o%2BkcJHMZNfFqaF7KUnhG6amtIUsn9DZoXz2IHidC55aEKgZy5wB475FA4NBZeDRvVU1lBf2GbYYlVAEfoH%2FtjItwUnlOIZqAGB80i8TBScX"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7bfd53470e85893c-SIN
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
27 B
366 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d13qwbj37sfx89.cloudfront.net
URL: https://d13qwbj37sfx89.cloudfront.net/?jbwqd=934606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cffc14b15e2a2c9f013ad331826915c9d9e60320384cd631ab82e78d714e9f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naCi76s8gtBuXDftG9fnCMGsD7nJrRo4jhvPxQfGTnBeBpXlqmiE6zXpM78XL0A%2FAiW04uUo8JlkjmIJcTSCrgerLIoceOvmqLMc9b9lxVMo3y5LYnWRyH%2BhHikA6nvm"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://1f09.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7bfd53470e87893c-SIN
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
nedukeration.info/
0
533 B
XHR
General
Full URL
https://nedukeration.info/utx?cb=GmlhmOwrwFop&top=1f09.net&tid=934606
Requested by
Host: d13qwbj37sfx89.cloudfront.net
URL: https://d13qwbj37sfx89.cloudfront.net/?jbwqd=934606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-85.sin2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 05:18:39 GMT
via
1.1 d1a7553a1d5e7893c2e3eb99d2820c18.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://1f09.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
QK4ZE1S195EAgjkLI4o0d05ZELr_YKdHdpvF6FAGMdZfk6I5psCXvw==
asd100.bin
pogothere.xyz/
100 KB
100 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d13qwbj37sfx89.cloudfront.net
URL: https://d13qwbj37sfx89.cloudfront.net/?jbwqd=934606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5949
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 30 Apr 2023 03:39:30 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://1f09.net
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bj%2FW8fMuC1lorbwlwLqC7I6%2FBJlvME90jHfa2fyTjKYoHlhtCktsQGmYcNzElktDXoniPmCSCZrHuNjcIBLSWVEZuDBoPgXI%2BYg6F7xY1TRjcCHkfn7jxK%2FWWfAmvqqC"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7bfd53470e88893c-SIN
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
26 B
368 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d13qwbj37sfx89.cloudfront.net
URL: https://d13qwbj37sfx89.cloudfront.net/?jbwqd=934606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b128fbbf5c8469eff4bb69995d4d5a701817edbec30c23a3e4db6fe85c21d16a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrwfiIGHmzXUMpcuMSA%2F097CEOx%2BbLf15mll1v%2BOVnLlZ6j8UPg2rzfa%2FFZU73ZUMhwFhS%2BLtCCyTYxb3vW1boU1YsTkJ%2F8%2FAcZpzrum6QVG1Uj5n%2FkswMVnXp%2BS1lsx"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://1f09.net
content-type
text/plain
access-control-allow-credentials
true
cf-ray
7bfd53470e89893c-SIN
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
utx
nedukeration.info/
0
533 B
XHR
General
Full URL
https://nedukeration.info/utx?cb=CnQ83cp3lQPt&top=1f09.net&tid=934842
Requested by
Host: d13qwbj37sfx89.cloudfront.net
URL: https://d13qwbj37sfx89.cloudfront.net/?jbwqd=934606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-85.sin2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 05:18:39 GMT
via
1.1 d1a7553a1d5e7893c2e3eb99d2820c18.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://1f09.net
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
QO5kMMLhGpN13YGgZOXSYJVFuH_CyqYbJotFHhmSGd13mbQch-sC5Q==
UmFqTzJ9Xgk8DwhTWwlhYzc5F2oUGAgJfDQFWTtbBDdfd1FgOEw7WzZcU3wGZFFcaUI7BVd+FCEVCztHIVxbaVs8BwVyFCRcW2EBZk9ZfRxgRx9yA3QVGi5Vb1BMP0YmDVd+BGpTUnwDa1BSegJg
ranopportunit.info/
0
259 B
Image
General
Full URL
https://ranopportunit.info/UmFqTzJ9Xgk8DwhTWwlhYzc5F2oUGAgJfDQFWTtbBDdfd1FgOEw7WzZcU3wGZFFcaUI7BVd+FCEVCztHIVxbaVs8BwVyFCRcW2EBZk9ZfRxgRx9yA3QVGi5Vb1BMP0YmDVd+BGpTUnwDa1BSegJg
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.78.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUrE8aniXzqJK%2Fh5wFhrb2JghKGmQ0erzU5KM3f2lS5YYtMv6c0iic7xCyH%2Fza08K9xYu5V03XRM8CM%2FB%2Fb6vwjFFXQk%2Bztmp0ZTkQ8Bg1KDm8pRlq4mU07ehBzGRCNOIulSK2g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7bfd53445ef7aad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-04-sin6.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneHGM3K8SI_4wH2xbzmvLhPCRqQlFA-935gqeg4X3jAOlorucW26m6I2c1n...
  • https://accounts.google.com/v3/signin/identifier?dsh=S1711903651%3A1682831919295933&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGqgrTMSOxiSN6IDj6EtHiWBWsyL6n6yuZ9R9fyP58Wu0...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S1711903651%3A1682831919295933&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGqgrTMSOxiSN6IDj6EtHiWBWsyL6n6yuZ9R9fyP58Wu0qa86ZkdI1STM6av9P1DCjiqLTP1g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Server
172.217.194.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f84.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 Apr 2023 05:18:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Ozv9Mw-e7-Tec4UTYCmuPg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
390
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S1711903651%3A1682831919295933&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGqgrTMSOxiSN6IDj6EtHiWBWsyL6n6yuZ9R9fyP58Wu0qa86ZkdI1STM6av9P1DCjiqLTP1g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneEGZxbXR-QBYrBrR9EYVPF9mhogBgDizmLkoXAEBiaoVdCzU63plDS...
  • https://accounts.google.com/v3/signin/identifier?dsh=S-1677566490%3A1682831919300281&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFb5U5QMgnvzboc1B69wFyOuiGpqj0j9IATzytYQq19...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-1677566490%3A1682831919300281&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFb5U5QMgnvzboc1B69wFyOuiGpqj0j9IATzytYQq19Vby3OYkJcv-lujtf-lzvfFOarK3VzQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Server
172.217.194.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f84.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 Apr 2023 05:18:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Iq3kIDVy5jekvZfk78tHIA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-1677566490%3A1682831919300281&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFb5U5QMgnvzboc1B69wFyOuiGpqj0j9IATzytYQq19Vby3OYkJcv-lujtf-lzvfFOarK3VzQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
popunder.gif
ranopportunit.info/
35 B
550 B
Image
General
Full URL
https://ranopportunit.info/popunder.gif
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.78.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 05:18:38 GMT
cf-cache-status
HIT
last-modified
Sun, 30 Apr 2023 04:36:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2500
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RVbrzVsMV9ov5fbOiDh7wmBT1KohaYQTwYjoeQ9cb240ENbyHcUKr5gOVGF1KhBN%2F%2BDcODrEOFACqVbhqwNEahlZVr4iDYlixx388au8DaqAnI1er9RXMRqQFWLMSQNLqyeImQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
7bfd53445ef9aad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
TGRqWnRjWwkpSRVVBi0ifj45OCEgDzw2Ijk1PRggGTMSEy0gXEwuHShZU2lAdFBYfAQlAFdrUj8QCy4BP1lbfB0iAgVnUjpZW3RHeEpZaFp+Qh9nRWoQGjsTcVVMKgA4CFdrQnRWUmlFdVVSb0V8
ranopportunit.info/
0
251 B
Image
General
Full URL
https://ranopportunit.info/TGRqWnRjWwkpSRVVBi0ifj45OCEgDzw2Ijk1PRggGTMSEy0gXEwuHShZU2lAdFBYfAQlAFdrUj8QCy4BP1lbfB0iAgVnUjpZW3RHeEpZaFp+Qh9nRWoQGjsTcVVMKgA4CFdrQnRWUmlFdVVSb0V8
Requested by
Host: 1f09.net
URL: https://1f09.net/v/uC6gj9pTJH8?p=QJf1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.78.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjFHvM2uCQGy0zvZAZJ5cgJjG8XhNCtu%2FX6ghDRc4M5scYO4EWN4fuU51FtYfUpyXaMX8gEqWdUumBp6yczdYD4htLBsZBxB0GtfNGxJFRF%2FI0xIJpkVMHuzVVR97K%2FIYQKUAj0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7bfd53445ef8aad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/
17 KB
977 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Requested by
Host: 1f09.net
URL: https://1f09.net/static/css/main.0a18f6fe.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
ESF /
Resource Hash
e4fde3e178e5c36e5af33b71ed2550809222f47d63a05ffc02b7328d5cfa5c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 05:18:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 03:24:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 30 Apr 2023 05:18:38 GMT
JQxVJQJUOTwuATEFJBENMCY9OCU8JT4sAjJFNjcjPgM0IFYhJgE0JDwxOSEvHD0JLlcuRyIgDSIlKwInMxwtNQMhPUocFQsaHEsJUy0kNFImDCY
nedukeration.info/ZmR0bHYHBhcBSQdZFkoDFAhJSUQgQUYqEldXBRsUDFdDHxAeXE1CFQoLAQgQFAsaGFgIAQBJRCAjF14BVABEOScnVRM+EwEHMjkdFlwlKhEnNkciICQPITU9ESomOyMnBzsVQiUqIFxDNQ89Ij8zURcpNBUPPD0FKjEnLRIiEwArLx4tPTo... Frame BBE9
3 KB
2 KB
Document
General
Full URL
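https://nedukeration.info/ZmR0bHYHBhcBSQdZFkoDFAhJSUQgQUYqEldXBRsUDFdDHxAeXE1CFQoLAQgQFAsaGFgIAQBJRCAjF14BVABEOScnVRM+EwEHMjkdFlwlKhEnNkciICQPITU9ESomOyMnBzsVQiUqIFxDNQ89Ij8zURcpNBUPPD0FKjEnLRIiEwArLx4tPTo...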
Requested by
Host: d13qwbj37sfx89.cloudfront.net
URL: https://d13qwbj37sfx89.cloudfront.net/?jbwqd=934606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-85.sin2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
9fe02c2be6aa533e73f08e588a7b4ce30fd7e5ac9cc134a85fd2fe03fc862f15

Request headers

Referer
https://1f09.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1229
content-type
text/html
date
Sun, 30 Apr 2023 05:18:39 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 d1a7553a1d5e7893c2e3eb99d2820c18.cloudfront.net (CloudFront)
x-amz-cf-id
frxbKhpTMVDjOMHj73_lLrqN4OI098aOZ4y5FC_Ez9MsRmYgm8wzwA==
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
FjknRjUTJyddJVs7LUd0RxMAZzoZIRx7BAEfL34gJj8nVBItEwVVCUQDLXY1GhwwBzsyL30DFyc5BXkmNGwPSWUaMwpcIDkROwoCDzIYeD8nMSlbOgMfP0MpICw7XRUbEw1SEhIfBFg5QzcwWGkyPB4DFQxlCmMoNAMGcSYYGnhAZDMdBVgQHwwrejggGClmMjwzD...
nedukeration.info/VUgzUXU0KlA8SjR1UXcAJyQOdEcTbQEXEWR7QiYXP3sEIhMtcAp/ Frame BFF1
3 KB
2 KB
Document
General
Full URL
https://nedukeration.info/VUgzUXU0KlA8SjR1UXcAJyQOdEcTbQEXEWR7QiYXP3sEIhMtcAp/FjknRjUTJyddJVs7LUd0RxMAZzoZIRx7BAEfL34gJj8nVBItEwVVCUQDLXY1GhwwBzsyL30DFyc5BXkmNGwPSWUaMwpcIDkROwoCDzIYeD8nMSlbOgMfP0MpICw7XRUbEw1SEhIfBFg5QzcwWGkyPB4DFQxlCmMoNAMGcSYYGnhAZDMdBVgQHwwrejggGClmMjwzDX1pIB0wBgMhJit6EkUWB0QLBzB5Azg0AjwECS1kDmoZGRwuSTUHMHkDZj0WChZjMwIfXxYxEjBVNzRkfFUEWAc4YWJBOgBnJi8eMgcYOT18XQEgPW0BEzhmPAUGGB8PVhYNMy51YRkcGlg5MgI8BB0YOQBVOCAQAksTBzB5AyMwFnhaEBgDGVUZHhoCcjIdHwlbISciIAcJPWAqVTwRDC1YA0IPeUt0RxcadCVCDRwLBD4WL1UbIxdwd2AdcHp1ABgXfmRjGhQrADZTPztcPwVoMGZoHBwYZBoTYD9VCAAh
Requested by
Host: d13qwbj37sfx89.cloudfront.net
URL: https://d13qwbj37sfx89.cloudfront.net/?jbwqd=934606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-85.sin2.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
0a5a50bd7a2c5cc69a93fd463c23fccf9e945d8b3bacb6fe1e1ad200da3610dc

Request headers

Referer
https://1f09.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1244
content-type
text/html
date
Sun, 30 Apr 2023 05:18:39 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 d1a7553a1d5e7893c2e3eb99d2820c18.cloudfront.net (CloudFront)
x-amz-cf-id
d6pMF7bGazIRkNRWhdY9-ZeBc_KHPCI309BoAMJ9bQfCokKoKhOd-Q==
x-amz-cf-pop
SIN2-P1
x-cache
Miss from cloudfront
data.json
1f09.net/
2 MB
146 KB
Fetch
General
Full URL
https://1f09.net/data.json?tid=934606
Requested by
Host: 1f09.net
URL: https://1f09.net/static/js/main.6d247c3c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc21213278c69eafd51bbaa4f6e5837199e2991fc8013806395faba3c7da4f53

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/v/uC6gj9pTJH8?p=QJf1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVe7tkEhVfLJFA1j10xuwcRAPp7HhG6aFR%2Fyya0jhK7DdYOGAQBoJtA30SyNX0cZOSvQidH82PSBdoYe4muLzSTFJ3Ripvgb1IFl5cUe5qLqhlBlDWMWgZN9Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-credentials
true
cf-ray
7bfd53449f5baad7-SYD
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
data.json
1f09.net/
2 MB
145 KB
Fetch
General
Full URL
https://1f09.net/data.json?tid=934606
Requested by
Host: 1f09.net
URL: https://1f09.net/static/js/main.6d247c3c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.153 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc21213278c69eafd51bbaa4f6e5837199e2991fc8013806395faba3c7da4f53

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/v/uC6gj9pTJH8?p=QJf1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcvhUBIns6ihYWKfwwsfjINgmymCGjQ1%2BgEhDtB%2FbzRry1j4WQVamvKFzMUh25t2B3ntCzTb216eY7takoDpbHjox0RWKNjfWqN%2BeJWpIF0NOPB6DyDm34ijAg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-credentials
true
cf-ray
7bfd53449f5eaad7-SYD
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1f09.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 03:52:42 GMT
x-content-type-options
nosniff
age
91557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 03:52:42 GMT
Gc2w2d0UQA1gRegcFUkp8QFgAR3NVBkUYKwNRWUAcOy4CNT05SkINIU5cEBskHQsLUSAdDwtGYxIIVEpxVRhGGC5ODlcDNBoUTh4tAUpDFngeA0weKR8NE0UDRkIGUndDREEeKxcDQQRgQVxYA2BBXAdHa0NJBTVgQVxBHitFWBNEB1ZeBg9zR0UTRXUSHE-YbIAQ...
d13qwbj37sfx89.cloudfront.net/ Frame BBE9
801 B
858 B
Script
General
Full URL
https://d13qwbj37sfx89.cloudfront.net/Gc2w2d0UQA1gRegcFUkp8QFgAR3NVBkUYKwNRWUAcOy4CNT05SkINIU5cEBskHQsLUSAdDwtGYxIIVEpxVRhGGC5ODlcDNBoUTh4tAUpDFngeA0weKR8NE0UDRkIGUndDREEeKxcDQQRgQVxYA2BBXAdHa0NJBTVgQVxBHitFWBNEB1ZeBg9zR0UTRXUSHE-YbIAQJVBwsB0kEMXBAWxhEc1ZeBl8uGxhbG2BBLxNFdR8FXRJgQVxREiYYAx9Sd0MPXgUqHgkTRQNCXQRZdV1ZAEZwXV0ERmBBXEUWIxIeX1J3NVkFQGtAWhACeEI
Requested by
Host: nedukeration.info
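URL: https://nedukeration.info/ZmR0bHYHBhcBSQdZFkoDFAhJSUQgQUYqEldXBRsUDFdDHxAeXE1CFQoLAQgQFAsaGFgIAQBJRCAjF14BVABEOScnVRM+EwEHMjkdFlwlKhEnNkciICQPITU9ESomOyMnBzsVQiUqIFxDNQ89Ij8zURcpNBUPPD0FKjEnLRIiEwArLx4tPTo...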
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.225.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-225-16.sin2.r.cloudfront.net
Software
/
Resource Hash
03c232579255b34fe455dc0c270f4d06dfb2e98a4560215111664650a466f5d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://nedukeration.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:39 GMT
content-encoding
gzip
via
1.1 7ce6085e4f8f7a25858c982d370bcabe.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
582
x-amz-cf-id
S_-h4N9iGO9K0i59H9oDWVAdGZLKmELz8ID_tq6JW4zbzf-jut5QqQ==
QmB6W2oAc3g
d13qwbj37sfx89.cloudfront.net/HTkltTHUtJgMqSjogCXFMfX1VeEdoIx4jGz50FRlMJwA9Gz4ofBoqLDs9SzgPKnRdahkvJwpxUysnDnFEaCgJLkh6bxk8GiV0Dy0BPyAVNBwmO0s5FHMkAjYcIiUMaUcIfEN8UHx5RTscIC0COwZre10iAWt7XX1FYHlIfz... Frame BFF1
807 B
862 B
Script
General
Full URL
https://d13qwbj37sfx89.cloudfront.net/HTkltTHUtJgMqSjogCXFMfX1VeEdoIx4jGz50FRlMJwA9Gz4ofBoqLDs9SzgPKnRdahkvJwpxUysnDnFEaCgJLkh6bxk8GiV0Dy0BPyAVNBwmO0s5FHMkAjYcIiUMaUcIfEN8UHx5RTscIC0COwZre10iAWt7XX1FYHlIfzdre107HCB/WWlGDGxffA14fU-RpR34oHTwZKz4ILh4nPUh+M3t6WmJGeGxffF0lIRkhGWt7LmlHfiUEJxBre10rEC0iAmVQfHkOJAchJAhpRwh4XH5bfmdYekR7Z1x+RGt7XT8UKCgfJVB8D1h/QmB6W2oAc3g
Requested by
Host: nedukeration.info
URL: https://nedukeration.info/VUgzUXU0KlA8SjR1UXcAJyQOdEcTbQEXEWR7QiYXP3sEIhMtcAp/FjknRjUTJyddJVs7LUd0RxMAZzoZIRx7BAEfL34gJj8nVBItEwVVCUQDLXY1GhwwBzsyL30DFyc5BXkmNGwPSWUaMwpcIDkROwoCDzIYeD8nMSlbOgMfP0MpICw7XRUbEw1SEhIfBFg5QzcwWGkyPB4DFQxlCmMoNAMGcSYYGnhAZDMdBVgQHwwrejggGClmMjwzDX1pIB0wBgMhJit6EkUWB0QLBzB5Azg0AjwECS1kDmoZGRwuSTUHMHkDZj0WChZjMwIfXxYxEjBVNzRkfFUEWAc4YWJBOgBnJi8eMgcYOT18XQEgPW0BEzhmPAUGGB8PVhYNMy51YRkcGlg5MgI8BB0YOQBVOCAQAksTBzB5AyMwFnhaEBgDGVUZHhoCcjIdHwlbISciIAcJPWAqVTwRDC1YA0IPeUt0RxcadCVCDRwLBD4WL1UbIxdwd2AdcHp1ABgXfmRjGhQrADZTPztcPwVoMGZoHBwYZBoTYD9VCAAh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.225.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-225-16.sin2.r.cloudfront.net
Software
/
Resource Hash
026824c46d9a98ace0965dc0dffabec3d2aef5e228db0b77484d64af6a46c246

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://nedukeration.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:39 GMT
content-encoding
gzip
via
1.1 7ce6085e4f8f7a25858c982d370bcabe.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
587
x-amz-cf-id
xFsqdDW39R8TmjgIu-xtJ4nre8T6ngAHYDcWRpFAAPuD1HtdW80ziw==
QXNhcmpuTAIBVyI0UCckBjknKj0APTZCOCcpBiA8EB9UBi4HNkcGAyVOWEFed0NXVBooF1xDTDIHAAYfMk5SQlpwVQgcDC5OUUJacFUXT1tvQFVcWXNdU1QffEJHBhogFFxDTDEHFR5XcEVZQFJyQlhDU3dBUA
ranopportunit.info/
0
276 B
Ping
General
Full URL
https://ranopportunit.info/QXNhcmpuTAIBVyI0UCckBjknKj0APTZCOCcpBiA8EB9UBi4HNkcGAyVOWEFed0NXVBooF1xDTDIHAAYfMk5SQlpwVQgcDC5OUUJacFUXT1tvQFVcWXNdU1QffEJHBhogFFxDTDEHFR5XcEVZQFJyQlhDU3dBUA
Requested by
Host: d13qwbj37sfx89.cloudfront.net
URL: https://d13qwbj37sfx89.cloudfront.net/?jbwqd=934606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.78.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGcovKsuY%2BCBt80xCWuPL%2BuwCh73HAHtS2mCYJDHdOtGAyPtOyLOO5%2B9ALsLmOn6BHnrjd4Hi1tEjD2%2BR%2FO3FNnpbfDb5MT82GgZ2F0pvIj9XDRRZJaZ%2BKM2LxWaoEEPHxm81fw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7bfd5349fe2baad1-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
equirekeither.xyz/
541 B
890 B
Fetch
General
Full URL
https://equirekeither.xyz/?tid=938968&params_only=1
Requested by
Host: 1f09.net
URL: https://1f09.net/static/js/main.6d247c3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.10.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3528286d89aceba4466d5790f8b919e7292fe1c2d32f0ef4cafb186bc6dd6c8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 05:18:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Pk6GNEIcv%2BZ%2BawRyUXEcFOB5iYS8SUQOC4ha%2B5C9ter9KeMD0KcCKduQnpRRpVe5IJWfUi8tjctDTmBrdoPKhRBwph5TeEYoaMujZEJcC0IP9QkpbYW%2FmfV6IplJjdvFg18Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://1f09.net
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
cf-ray
7bfd53532f19a7ea-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
338
uC6gj9pTJH8
www.youtube.com/embed/ Frame 9AC7
Redirect Chain
  • https://youtube.com/embed/uC6gj9pTJH8
  • https://www.youtube.com/embed/uC6gj9pTJH8
73 KB
31 KB
Document
General
Full URL
https://www.youtube.com/embed/uC6gj9pTJH8
Requested by
Host: 1f09.net
URL: https://1f09.net/static/js/main.6d247c3c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f190.1e100.net
Software
ESF /
Resource Hash
102c341231a867ba800cf81ea9785a01da43fed85de4503de1720a60355df59c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1f09.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 05:18:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=31536000
content-length
0
content-type
application/binary
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 05:18:41 GMT
expires
Sun, 30 Apr 2023 05:18:41 GMT
location
https://www.youtube.com/embed/uC6gj9pTJH8
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cca92f26e5112e394cd022b7e60fec5f50f40c5b79e9a5bb3130684b8c95d9e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
AGIKgqMEol4KUNDZVD9RXkn6Xgw_Kint4tOYNrNYXBajQw=s176-c-k-c0x00ffffff-no-rj
yt3.googleusercontent.com/ytc/
19 KB
20 KB
Image
General
Full URL
https://yt3.googleusercontent.com/ytc/AGIKgqMEol4KUNDZVD9RXkn6Xgw_Kint4tOYNrNYXBajQw=s176-c-k-c0x00ffffff-no-rj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
fife /
Resource Hash
ad2fba88f7cfd75183b2d344562c7b9eb9d494a4cfe469dfcc87543dacba0688
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:02:33 GMT
x-content-type-options
nosniff
age
968
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19759
x-xss-protection
0
server
fife
etag
"v3b1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 May 2023 05:02:33 GMT
truncated
/
55 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff8de9035e23b7feebb18888a577fcf7995aab26b53fc6ee23022a0cb1a6495c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
-Uu-3BOAdSFahFadhFvJJ47e1z4yQDQ5x3uo-oLaMYQgcQiOyzc5c1MBY4uCEEbGPQ1fGyYo=w1060-fcrop64=1
yt3.googleusercontent.com/
855 KB
856 KB
Image
General
Full URL
https://yt3.googleusercontent.com/-Uu-3BOAdSFahFadhFvJJ47e1z4yQDQ5x3uo-oLaMYQgcQiOyzc5c1MBY4uCEEbGPQ1fGyYo=w1060-fcrop64=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
fife /
Resource Hash
050692167922136ceb425f4c425cd7c008526cefcef2aca8e3fdfdc4a827cd28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1f09.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:02:33 GMT
x-content-type-options
nosniff
age
968
content-disposition
inline;filename="channels4_banner.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
875734
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 May 2023 05:02:33 GMT
www-player.css
www.youtube.com/s/player/0c487f05/ Frame 9AC7
402 KB
51 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/0c487f05/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uC6gj9pTJH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f190.1e100.net
Software
sffe /
Resource Hash
cda1824c406de543ad3fee5890b432420f916fda718b836e4c011f136452d301
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/uC6gj9pTJH8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 11:04:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
65657
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52289
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 02:29:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 28 Apr 2024 11:04:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9AC7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uC6gj9pTJH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 03:35:08 GMT
x-content-type-options
nosniff
age
92614
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 03:35:08 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9AC7
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uC6gj9pTJH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 03:41:35 GMT
x-content-type-options
nosniff
age
92227
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 03:41:35 GMT
www-embed-player.js
www.youtube.com/s/player/0c487f05/www-embed-player.vflset/ Frame 9AC7
336 KB
103 KB
Script
General
Full URL
https://www.youtube.com/s/player/0c487f05/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uC6gj9pTJH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f190.1e100.net
Software
sffe /
Resource Hash
5b90621e7431be1f46f94d4964eae3d52115c2e6ac20aae0a4296519af050c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/uC6gj9pTJH8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 21:56:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
285741
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105464
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 02:29:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 25 Apr 2024 21:56:21 GMT
base.js
www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/ Frame 9AC7
2 MB
636 KB
Script
General
Full URL
https://www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uC6gj9pTJH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f190.1e100.net
Software
sffe /
Resource Hash
1ec38340e71d32d5d644d95ef2fe6ba4ece5f196a1244fa012d7f347ae720ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/uC6gj9pTJH8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 21:57:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
285683
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
650775
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 02:29:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 25 Apr 2024 21:57:19 GMT
fetch-polyfill.js
www.youtube.com/s/player/0c487f05/fetch-polyfill.vflset/ Frame 9AC7
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/0c487f05/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uC6gj9pTJH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f190.1e100.net
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/uC6gj9pTJH8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 23:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
105942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2786
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 02:29:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 27 Apr 2024 23:53:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 9AC7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uC6gj9pTJH8
Protocol
H2
Server
142.251.12.155 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
aaa073b344202a40588cffd677a3e24edc9c52f3ead5b5e59bc9a697eb433c76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 05:18:43 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 9AC7
29 B
494 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c487f05/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.148 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:17:22 GMT
x-content-type-options
nosniff
age
81
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 05:32:22 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 30 Apr 2023 05:18:43 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9AC7
66 KB
31 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
ESF /
Resource Hash
be40adc6c50a9470ed0756ea85ef507d24003fcd36cf67621a33965af75fa272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 30 Apr 2023 05:18:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31079
x-xss-protection
0
remote.js
www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/ Frame 9AC7
116 KB
36 KB
Script
General
Full URL
https://www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f190.1e100.net
Software
sffe /
Resource Hash
0d6bda990909904fc5a4dbf96227091d3ca45929aae355e997043dbf97399bae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/uC6gj9pTJH8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 22:46:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
282755
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36407
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 02:29:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 25 Apr 2024 22:46:08 GMT
bPE89HDH-V4wnA2wrUoYzsMhnZJxcfZA3FCGYAqq1aQ.js
www.google.com/js/th/ Frame 9AC7
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/bPE89HDH-V4wnA2wrUoYzsMhnZJxcfZA3FCGYAqq1aQ.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.104 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6cf13cf470c7f95e309c0db0ad4a18cec3219d927171f640dc5086600aaad5a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 00:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
104454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14280
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 14:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 00:17:49 GMT
sddefault.jpg
i.ytimg.com/vi/uC6gj9pTJH8/ Frame 9AC7
77 KB
78 KB
Image
General
Full URL
https://i.ytimg.com/vi/uC6gj9pTJH8/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uC6gj9pTJH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.119 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5f48175794870fd78ba74db0c6272fe75a3c3b779f54a8a34d4fc58c7ece74c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:13:47 GMT
x-content-type-options
nosniff
age
296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78932
x-xss-protection
0
server
sffe
etag
"1682747570"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 30 Apr 2023 05:18:47 GMT
embed.js
www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/ Frame 9AC7
29 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f190.1e100.net
Software
sffe /
Resource Hash
87b3b1a7354dbdb337feb4ec160773887f47b5b3b9aa4edfc41ad09e058f8b2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/uC6gj9pTJH8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 00:29:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
17361
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8996
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 02:29:39 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 29 Apr 2024 00:29:22 GMT
truncated
/ Frame 9AC7
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
AGIKgqMEol4KUNDZVD9RXkn6Xgw_Kint4tOYNrNYXBajQw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 9AC7
5 KB
5 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AGIKgqMEol4KUNDZVD9RXkn6Xgw_Kint4tOYNrNYXBajQw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uC6gj9pTJH8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 -, , ASN (),
Reverse DNS
Software
fife /
Resource Hash
f11e7247dd3ae71cefdbc7b0c05e129edd02f4fb2d50e54561183ef65acddb5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 04:31:48 GMT
x-content-type-options
nosniff
age
2815
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4849
x-xss-protection
0
server
fife
etag
"v3b1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Mon, 01 May 2023 04:31:48 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 9AC7
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 05:18:44 GMT
generate_204
www.youtube.com/ Frame 9AC7
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?pOCQYg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/uC6gj9pTJH8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.190 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f190.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/embed/uC6gj9pTJH8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:18:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Sun, 30 Apr 2023 05:18:44 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9AC7
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/0c487f05/player_ias.vflset/en_GB/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
ESF /
Resource Hash
457d2a193957f72e0ea62b489fb9145f415d7f1433576dc6faaa572d793c8fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sun, 30 Apr 2023 05:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/112/ Frame 9AC7
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/112/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 09:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14872
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 16:06:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sun, 30 Apr 2023 09:04:14 GMT

Verdicts & Comments

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
number| LAST_CORRECT_EVENT_TIME
object| utr_934606
number| userTrackingInterval
number| _2145467797
object| utr_934842
number| _377360770
object| hubspot
object| HubSpotForms
object| _hsq
object| hbspt
object| hsFormsOnReady
object| webpackChunkredesign
number| iinf

3 Cookies

Domain/Path Name / Value
pogothere.xyz/ Name: csu
Value: 379528599807372@1@1682831919
.youtube.com/ Name: YSC
Value: 5b8RfD5waV4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: zzAMIFLZkrU

3 Console Messages

Source Level URL
Text
network error URL: https://1f09.net/v/ksdjgfks.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S1711903651%3A1682831919295933&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGqgrTMSOxiSN6IDj6EtHiWBWsyL6n6yuZ9R9fyP58Wu0qa86ZkdI1STM6av9P1DCjiqLTP1g&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1677566490%3A1682831919300281&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneFb5U5QMgnvzboc1B69wFyOuiGpqj0j9IATzytYQq19Vby3OYkJcv-lujtf-lzvfFOarK3VzQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
