www.joint-bonus.biz Open in urlscan Pro
3.1.17.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://joint-bonus.biz/
Effective URL:
https://www.joint-bonus.biz/
Submission Tags: https://phish.report @phish_report Search All
Submission: On June 17 via api (June 17th 2023, 5:07:22 am UTC) from FI — Scanned from SG

Summary HTTP 107 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 14 domains to perform 107 HTTP transactions. The main IP is 3.1.17.18, located in Singapore and belongs to AMAZON-02, US. The main domain is www.joint-bonus.biz.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 14th 2023. Valid for: 3 months.

This is the only time www.joint-bonus.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.229.38.226 13.229.38.226	16509 (AMAZON-02) (AMAZON-02)
1 2	3.1.17.18 3.1.17.18	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4003:c11::5f	15169 (GOOGLE) (GOOGLE)
9	2400:52e0:150... 2400:52e0:1500::945:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4003:c06::65	15169 (GOOGLE) (GOOGLE)
21	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
2	13.213.218.238 13.213.218.238	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4003:c06::8b	15169 (GOOGLE) (GOOGLE)
20	2404:6800:400... 2404:6800:4003:c1a::88	15169 (GOOGLE) (GOOGLE)
11	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2404:6800:400... 2404:6800:4003:c05::9c	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c11::95	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c05::5f	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c05::68	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c1a::77	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c01::84	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4003:c11::5e	15169 (GOOGLE) (GOOGLE)
9	2404:6800:400... 2404:6800:4003:3::a	15169 (GOOGLE) (GOOGLE)
13	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
107	21

1 13.229.38.226 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-38-226.ap-southeast-1.compute.amazonaws.com

joint-bonus.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.1.17.18 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-17-18.ap-southeast-1.compute.amazonaws.com

www.joint-bonus.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::5f (Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2400:52e0:1500::945:1 (Singapore)

ASN200325 (BUNNYCDN, SI)

w.ladicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f00c:300:face:b00c:0:3 (Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c06::65 (Singapore)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2404:6800:4003:c04::5e (Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.213.218.238 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-218-238.ap-southeast-1.compute.amazonaws.com

a.ladipage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c06::8b (Singapore)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2404:6800:4003:c1a::88 (Singapore)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f10c:381:face:b00c:0:25de (Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c05::9c (Singapore) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c11::95 (Singapore)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c05::5f (Singapore)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c05::68 (Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::77 (Singapore)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::84 (Singapore)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c11::5e (Singapore)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4003:3::a (Singapore)

ASN15169 (GOOGLE, US)

rr5---sn-npoe7ner.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	tawk.to embed.tawk.to — Cisco Umbrella Rank: 8876 va.tawk.to — Cisco Umbrella Rank: 8555	203 KB
23	gstatic.com fonts.gstatic.com www.gstatic.com	375 KB
21	youtube.com img.youtube.com — Cisco Umbrella Rank: 3600 www.youtube.com — Cisco Umbrella Rank: 97	1 MB
9	googlevideo.com rr5---sn-npoe7ner.googlevideo.com — Cisco Umbrella Rank: 54818	1 MB
9	ladicdn.com w.ladicdn.com — Cisco Umbrella Rank: 36852	1 MB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80 jnn-pa.googleapis.com — Cisco Umbrella Rank: 279	33 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 static.doubleclick.net — Cisco Umbrella Rank: 349	1 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	247 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	70 KB
3	joint-bonus.biz 2 redirects joint-bonus.biz www.joint-bonus.biz	34 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 252	6 KB
2	google.com docs.google.com — Cisco Umbrella Rank: 278 www.google.com — Cisco Umbrella Rank: 3	17 KB
2	ladipage.com a.ladipage.com — Cisco Umbrella Rank: 51253	632 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 123	50 KB
107	14

	Domain	Requested by
21	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
20	www.youtube.com	w.ladicdn.com www.youtube.com
19	embed.tawk.to	www.joint-bonus.biz embed.tawk.to
9	rr5---sn-npoe7ner.googlevideo.com	www.youtube.com
9	w.ladicdn.com	www.joint-bonus.biz w.ladicdn.com
5	va.tawk.to	embed.tawk.to
4	jnn-pa.googleapis.com	www.youtube.com
3	www.facebook.com	www.joint-bonus.biz
3	connect.facebook.net	www.joint-bonus.biz connect.facebook.net
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	yt3.ggpht.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	a.ladipage.com	w.ladicdn.com
2	www.joint-bonus.biz	1 redirects
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	docs.google.com	w.ladicdn.com
1	img.youtube.com	www.joint-bonus.biz
1	fonts.googleapis.com	www.joint-bonus.biz
1	joint-bonus.biz	1 redirects
107	21

This site contains no links.

Subject Issuer	Validity	Valid
www.joint-bonus.biz ZeroSSL RSA Domain Secure Site CA	`2023-06-14` - `2023-09-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
w.ladicdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-10` - `2024-03-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-26` - `2023-06-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
a.ladipage.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-06-06` - `2023-08-15`	2 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.joint-bonus.biz/
Frame ID: 9A2873EC97F1DA18F6665A28DD049641
Requests: 60 HTTP requests in this frame

Frame: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
Frame ID: A27CFBF18515EE434708E43356268058
Requests: 42 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/64795e77f7f/css/min-widget.css
Frame ID: 093AB85785BFBBCF4BE9D86C5C8AC33C
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/64795e77f7f/css/bubble-widget.css
Frame ID: 778CB98F3007CF89BED51DEEEB7636E5
Requests: 2 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/64795e77f7f/css/max-widget.css
Frame ID: DE8C19CE2C71AE19C3789C39A6377B32
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Joint Bonus - Điều Trị Xương Khớp Số 1 Tại Mỹ

Page URL History Show full URLs

http://joint-bonus.biz/ HTTP 301
http://www.joint-bonus.biz/ HTTP 301
https://www.joint-bonus.biz/ Page URL

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

107
Requests

99 %
HTTPS

86 %
IPv6

14
Domains

21
Subdomains

21
IPs

2
Countries

4384 kB
Transfer

8294 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://joint-bonus.biz/ HTTP 301
http://www.joint-bonus.biz/ HTTP 301
https://www.joint-bonus.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

107 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.joint-bonus.biz/
Redirect Chain

http://joint-bonus.biz/
http://www.joint-bonus.biz/
https://www.joint-bonus.biz/

180 KB
34 KB

21ms
7ms

Document
text/html

3.1.17.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.joint-bonus.biz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.1.17.18 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-17-18.ap-southeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 59fdf94e2aafb4d44e55197e7f2eb636500c59d704d64c9832b547a9cd96d3b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 17 Jun 2023 05:07:16 GMT
server: openresty
statuscode: 200
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Sat, 17 Jun 2023 05:07:16 GMT
Location: https://www.joint-bonus.biz/
Server: openresty

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 19ms
9ms Stylesheet
text/css 2404:6800:4003:c11::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7736e2764e7c7dec820a1f504d39fddae2d4a4812884942e18c610397dd68c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 17 Jun 2023 05:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 17 Jun 2023 05:07:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 17 Jun 2023 05:07:16 GMT

GET
H2 200 ladipagev3.min.js Show response
w.ladicdn.com/v2/source/ 353 KB
87 KB 136ms
4ms Script
text/javascript 2400:52e0:1500::945:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1681269704720
Requested by: Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::945:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-945 /
Resource Hash: 9334e8d6841b6224c640fc9c2fb053f998403d52b21388acc5eb99c7c69aed56

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
content-encoding: br
cdn-edgestorageid: 981
perma-cache: MISS
cdn-cachedat: 05/05/2023 04:50:19
cdn-pullzone: 575124
server: BunnyCDN-SG1-945
cdn-proxyver: 1.03
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-max-age: 2592000
access-control-allow-credentials: true
cache-control: public, max-age=31919000
cdn-requestid: 338d748ce37a00d41dfabff3956d677b
cdn-requestcountrycode: SG
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Access-Control-Allow-Credentials
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 108 KB
28 KB 15ms
4ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 17 Jun 2023 05:07:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27810
x-xss-protection: 0
pragma: public
x-fb-debug: FOiRNmaGAZtKKQMB/7WKn/LerdFWqSmgkKKGd/B36c21u+y/j1W/HmOUotI7PkoWIvl1KcSUt4fdQGTGlq62wA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 notify.svg
w.ladicdn.com/source/ 2 KB
1 KB 115ms
10ms Image
image/svg+xml 2400:52e0:1500::945:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/source/notify.svg?v=1.0
Requested by: Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::945:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-945 /
Resource Hash: c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
content-encoding: br
cdn-edgestorageid: 945
perma-cache: HIT
cdn-storageserver: SG-76
cdn-cachedat: 03/14/2023 06:26:29
cdn-pullzone: 575124
last-modified: Sat, 25 Feb 2023 09:16:22 GMT
server: BunnyCDN-SG1-945
cdn-fileserver: 561
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63f9d1e6-60b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 3128467ec53fd1696a4fc60731833f3d
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 185 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7b19a5f4f817848b38918116cc77d6712324eae91fda54ee546a24d0fa94c1b

Request headers

Referer
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 15ae1b02584b9e15c75a-removebg-preview-20221028172918-yxjb-.png
w.ladicdn.com/s600x650/6219d4607a50930012344380/ 176 KB
177 KB 214ms
153ms Image
image/png 2400:52e0:1500::945:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s600x650/6219d4607a50930012344380/15ae1b02584b9e15c75a-removebg-preview-20221028172918-yxjb-.png
Requested by: Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::945:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-945 /
Resource Hash: 27c56a8531909198c844a42c1df71710e2c7d6ff874fa2be5667c755a8b00e55

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
cdn-edgestorageid: 858
perma-cache: HIT
cdn-storageserver: SG-561
cdn-cachedat: 06/17/2023 05:07:16
cdn-pullzone: 575124
content-length: 180167
last-modified: Sat, 29 Oct 2022 01:07:30 GMT
server: BunnyCDN-SG1-945
cdn-fileserver: 424
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "635c7cd2-2bfc7"
content-type: image/png
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 5f49598c8a405fe49878be1b70f5805c
accept-ranges: bytes
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ss-152050016-removebg-preview-20221028173149-ouiis.png
w.ladicdn.com/s500x500/6219d4607a50930012344380/ 218 KB
219 KB 1014ms
954ms Image
image/png 2400:52e0:1500::945:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s500x500/6219d4607a50930012344380/ss-152050016-removebg-preview-20221028173149-ouiis.png
Requested by: Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::945:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-945 /
Resource Hash: 264c60b9780ed0421503d8f49988a3a9082436872baca21b9833b1e337eaf2c1

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
cdn-edgestorageid: 981
perma-cache: HIT
cdn-storageserver: SG-560
cdn-cachedat: 06/17/2023 05:07:17
cdn-pullzone: 575124
content-length: 223071
last-modified: Sat, 29 Oct 2022 02:00:48 GMT
server: BunnyCDN-SG1-945
cdn-fileserver: 345
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "635c8950-3675f"
content-type: image/png
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 142ae84ebb61728c09b614d5a8173d03
accept-ranges: bytes
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 icon-hotline-20200615023734.gif
w.ladicdn.com/5d073db498f55a757c43887e/ 39 KB
40 KB 71ms
11ms Image
image/gif 2400:52e0:1500::945:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/5d073db498f55a757c43887e/icon-hotline-20200615023734.gif
Requested by: Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::945:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-945 /
Resource Hash: 91597ebd1078effa815a2c9efd99edeb578081236e9ef503db5a902ffd2370a3

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
cdn-edgestorageid: 989
perma-cache: HIT
cdn-storageserver: SG-105
cdn-cachedat: 09/14/2022 06:01:53
cdn-pullzone: 575124
content-length: 40103
last-modified: Fri, 14 Jan 2022 08:54:59 GMT
server: BunnyCDN-SG1-945
cdn-fileserver: 145
cdn-requestpullcode: 200
cdn-proxyver: 1.02
etag: "61e13a63-9ca7"
content-type: image/gif
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 3e7eb5e2f0338f4d137a778c9a32ffcd
accept-ranges: bytes
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 dm_20221029025218_001-20221028195923-s7cdn.png
w.ladicdn.com/s650x700/6219d4607a50930012344380/ 503 KB
504 KB 151ms
91ms Image
image/png 2400:52e0:1500::945:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s650x700/6219d4607a50930012344380/dm_20221029025218_001-20221028195923-s7cdn.png
Requested by: Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::945:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-945 /
Resource Hash: f543b72b8359cd2d8b5d984eb78940b9c8699f54cfc0564c5c7723e0b350adba

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
cdn-edgestorageid: 981
perma-cache: HIT
cdn-storageserver: SG-561
cdn-cachedat: 06/17/2023 05:07:16
cdn-pullzone: 575124
content-length: 514765
last-modified: Sat, 29 Oct 2022 01:07:27 GMT
server: BunnyCDN-SG1-945
cdn-fileserver: 425
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "635c7ccf-7dacd"
content-type: image/png
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 2577bbbd20476e68e18dcb046831e2db
accept-ranges: bytes
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/37JhJaAovBE/ 34 KB
34 KB 427ms
410ms Image
image/jpeg 2404:6800:4003:c06::65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/37JhJaAovBE/hqdefault.jpg

Requested by

Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::65 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2133ea83a43fce418675ef1afc5ba543bc9c2a454c8a918297de9415aa39a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34519
x-xss-protection: 0
server: sffe
etag: "1666976592"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Jun 2023 07:07:16 GMT

GET
H2 200 ss-152050016-removebg-preview-20221028173149-ouiis.png
w.ladicdn.com/s550x500/6219d4607a50930012344380/ 190 KB
191 KB 904ms
875ms Image
image/png 2400:52e0:1500::945:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s550x500/6219d4607a50930012344380/ss-152050016-removebg-preview-20221028173149-ouiis.png
Requested by: Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::945:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-945 /
Resource Hash: 3826b205b3aadf36bce4e5fabdcc4caf48d8429360f80e822e743dc180c5c592

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
cdn-edgestorageid: 869
perma-cache: HIT
cdn-storageserver: SG-560
cdn-cachedat: 06/17/2023 05:07:17
cdn-pullzone: 575124
content-length: 194503
last-modified: Sat, 29 Oct 2022 01:07:37 GMT
server: BunnyCDN-SG1-945
cdn-fileserver: 345
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "635c7cd9-2f7c7"
content-type: image/png
access-control-allow-origin: *
cdn-cache: MISS
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: f132ea3e440e768e23a7a0aa1e2012b4
accept-ranges: bytes
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v30/ 25 KB
26 KB 21ms
6ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 12:28:39 GMT
x-content-type-options: nosniff
age: 405517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25672
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jun 2024 12:28:39 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2
fonts.gstatic.com/s/quicksand/v30/ 22 KB
22 KB 23ms
9ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hJVQNcOM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd0696ea5d7cd294b7921ddb1b74a7a89de7ff7eedf8cda7ada92ef045004e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 04:38:50 GMT
x-content-type-options: nosniff
age: 1706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22164
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:21:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 04:38:50 GMT

GET
H2 200 6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2
fonts.gstatic.com/s/quicksand/v30/ 7 KB
7 KB 29ms
15ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hJFQNcOM.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4300f8b2fe7c4584f81acd4797abeab846f74378ef6d7d6420f6e6fe95b2dd9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 18:58:43 GMT
x-content-type-options: nosniff
age: 122913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:21:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 18:58:43 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 24ms
11ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 16:09:54 GMT
x-content-type-options: nosniff
age: 133042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 16:09:54 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 22ms
10ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:08:14 GMT
x-content-type-options: nosniff
age: 255542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jun 2024 06:08:14 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2
fonts.gstatic.com/s/oswald/v49/ 14 KB
14 KB 27ms
15ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlYHYjedg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff49193961823042609f9a392dda2d1eb41f751f567ba54413f21a837b07c725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 04:09:25 GMT
x-content-type-options: nosniff
age: 176271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14156
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:38:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 04:09:25 GMT

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2
fonts.gstatic.com/s/oswald/v49/ 4 KB
5 KB 38ms
26ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlZHYjedg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ded0bb5abaface50de91235f0efb29bb16541560b0c71458d49a740777808a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 19:58:26 GMT
x-content-type-options: nosniff
age: 292130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4552
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:46:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 19:58:26 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v35/ 34 KB
35 KB 41ms
30ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b153ed5268005996e0bf3f4aa64b436e0f1721c44122101441f683ca5f7763a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 03:46:24 GMT
x-content-type-options: nosniff
age: 4852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35184
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:11:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 16 Jun 2024 03:46:24 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v35/ 16 KB
16 KB 39ms
28ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb74f52d595b97010ee3601e1ed536cccc19ee8ceb78fade65507a34f87c53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 21:46:10 GMT
x-content-type-options: nosniff
age: 26466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16524
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 21:46:10 GMT

GET
H2 200 7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
fonts.gstatic.com/s/mavenpro/v32/ 18 KB
18 KB 36ms
26ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mavenpro/v32/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468a7593d9eb66bc7d793c5be206ad772da00cc8be691b400ab5c2ea8108c706

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 11:11:15 GMT
x-content-type-options: nosniff
age: 150961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18144
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:35:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 11:11:15 GMT

GET
H2 200 7Au9p_AqnyWWAxW2Wk3Gw2QIAFg.woff2
fonts.gstatic.com/s/mavenpro/v32/ 16 KB
16 KB 38ms
29ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mavenpro/v32/7Au9p_AqnyWWAxW2Wk3Gw2QIAFg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bce2cf8e06ad2dc30050bee750600157e8d3e928b938594a49547224afd936f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 06:04:43 GMT
x-content-type-options: nosniff
age: 601353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16004
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 06:04:43 GMT

GET
H2 200 7Au9p_AqnyWWAxW2Wk3GwmQIAFg.woff2
fonts.gstatic.com/s/mavenpro/v32/ 6 KB
6 KB 33ms
24ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/mavenpro/v32/7Au9p_AqnyWWAxW2Wk3GwmQIAFg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b160315ff190f6fff918c65d44f12aa86cec767a318e1b47bb01a1bfc03d3b07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 05:10:55 GMT
x-content-type-options: nosniff
age: 258981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5824
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:41:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jun 2024 05:10:55 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v25/ 34 KB
34 KB 20ms
18ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:28:38 GMT
x-content-type-options: nosniff
age: 106718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34432
x-xss-protection: 0
last-modified: Tue, 02 May 2023 17:01:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jun 2024 23:28:38 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v25/ 20 KB
21 KB 16ms
14ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufD5qW54A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9499d2bf924cf5b463a7df1edaaa3dfff31928f78f9c99cadd02c93c234256b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 23:04:20 GMT
x-content-type-options: nosniff
age: 367376
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20976
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:54:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jun 2024 23:04:20 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2
fonts.gstatic.com/s/robotoslab/v25/ 10 KB
10 KB 29ms
27ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufC5qW54A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe06db86dea162e6e57982c04e1dbcb468f1289de9b6759a0c4a84c65f4cde5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 18:16:49 GMT
x-content-type-options: nosniff
age: 298227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9968
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:47:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jun 2024 18:16:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 33ms
32ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 16:31:56 GMT
x-content-type-options: nosniff
age: 390920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jun 2024 16:31:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 5 KB
6 KB 22ms
21ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfCxc4EsA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 23:41:16 GMT
x-content-type-options: nosniff
age: 19560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5548
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 23:41:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 22ms
21ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 00:05:38 GMT
x-content-type-options: nosniff
age: 277298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jun 2024 00:05:38 GMT

GET
H2 200 527979739342011 Show response
connect.facebook.net/signals/config/ 74 KB
20 KB 319ms
319ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/527979739342011?v=2.9.107&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d9b777b0d099b6622b571c92bee8d4cca8534ce6c4df694c71885245d3fad686

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 17 Jun 2023 05:07:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 0ltNMDKeJUNpwlU6LNIFlBU3vS0YKvWvPKOTUV4+86yyxGwvIj1SSGOk0W0jzFiHZc47rsW5raEKSKapdwMY6Q==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 event
a.ladipage.com/ Frame 0
0 15ms
4ms Preflight
application/json 13.213.218.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.218.238 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-218-238.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,ladi_camp_form_submit,ladi_camp_id,ladi_camp_name,ladi_camp_origin_url,ladi_camp_page_view,ladi_camp_target_url,ladi_camp_type,ladi_client_id,ladi_form_submit,ladi_page_view
Access-Control-Request-Method: POST
Origin: https://www.joint-bonus.biz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 2592000
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sat, 17 Jun 2023 05:07:16 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 ladipage.formdata.min.js Show response
w.ladicdn.com/v2/source/ 51 KB
15 KB 4ms
4ms Script
text/javascript 2400:52e0:1500::945:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://w.ladicdn.com/v2/source/ladipage.formdata.min.js?v=1681269704720
Requested by: Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1681269704720
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::945:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-945 /
Resource Hash: 5329557d2ef5f153ceceb013260974458b8596f12df9939b8e2caf7bb9b9c10e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
content-encoding: br
cdn-edgestorageid: 979
perma-cache: HIT
cdn-storageserver: SG-516
cdn-cachedat: 05/05/2023 04:50:26
cdn-pullzone: 575124
last-modified: Wed, 03 May 2023 12:57:34 GMT
server: BunnyCDN-SG1-945
cdn-fileserver: 381
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"64525a3e-cc96"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
cache-control: public, max-age=31919000
cdn-requestid: d5dfbf018ee26deb718ab6a5945d5861
cdn-requestcountrycode: SG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tq Show response
docs.google.com/spreadsheets/d/1icauPZ1ppkPZex-Xk6Py7UrqUqvAGC-8ybab6CBvK84/gviz/ 4 KB
2 KB 607ms
592ms XHR
application/javascript 2404:6800:4003:c06::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/spreadsheets/d/1icauPZ1ppkPZex-Xk6Py7UrqUqvAGC-8ybab6CBvK84/gviz/tq?tqx=out:json

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1681269704720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::8b , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

369cdeadb6b24a3a009a6c21aa9f671a60989f8c98e2a7422ff5cfd58980f1bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-ssKFKADboLM8wcsIB94uKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: base-uri 'self';object-src 'self';report-uri https://docs.google.com/spreadsheets/cspreport;script-src 'report-sample' 'nonce-ssKFKADboLM8wcsIB94uKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';worker-src 'self' blob:
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.joint-bonus.biz
access-control-expose-headers: Cache-Control,Content-Disposition,Content-Encoding,Content-Length,Content-Type,Date,Expires,Pragma,Server,Transfer-Encoding
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-robots-tag: noindex, nofollow, nosnippet
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 event Show response
a.ladipage.com/ 106 B
632 B 7ms
7ms XHR
text/plain 13.213.218.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a.ladipage.com/event

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1681269704720

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.213.218.238 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-213-218-238.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

LADI_CLIENT_ID: 11139461-deae-4abe-54d6-57d4c58ee4d8
LADI_CAMP_ORIGIN_URL
LADI_FORM_SUBMIT: 0
LADI_CAMP_ID
LADI_CAMP_FORM_SUBMIT: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
LADI_CAMP_NAME
Content-Type: application/json
accept-language: zh-SG,zh;q=0.9
LADI_CAMP_TARGET_URL
LADI_CAMP_PAGE_VIEW: 0
Referer: https://www.joint-bonus.biz/
LADI_PAGE_VIEW: 1
LADI_CAMP_TYPE

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-max-age: 2592000
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Accept-Encoding, ladi_camp_form_submit, ladi_camp_form_submit_daily, ladi_camp_id, ladi_camp_name, ladi_camp_origin_url, ladi_camp_page_view, ladi_camp_page_view_daily, ladi_camp_target_url, ladi_camp_type, ladi_client_id, ladi_form_submit, ladi_form_submit_daily, ladi_page_view, ladi_page_view_daily
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 73ms
64ms Script
text/javascript 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: w.ladicdn.com
URL: https://w.ladicdn.com/v2/source/ladipagev3.min.js?v=1681269704720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3c498f811bc404171ad11779e3c81f2da26f27b0e1179b1544c1487030b16e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=zh-CN for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sat, 17 Jun 2023 05:07:16 GMT

GET
H2 200 1ft9ahd78 Show response
embed.tawk.to/622172dda34c2456412957f8/ 2 KB
925 B 860ms
835ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/622172dda34c2456412957f8/1ft9ahd78

Requested by

Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49d8656ae85036f7dc03e8d35f25c1b3f59532aa08b01881a316c91dd656af97

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joint-bonus.biz/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-64795e77f7f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 7d88c49b69114619-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/6ed0d907/www-widgetapi.vflset/ 197 KB
61 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce64739515c1fb2b75b61cce955a1843453d21819cf66f3a05e1d3771103994f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 01:57:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62565
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jun 2024 01:57:00 GMT

GET
H3 200 37JhJaAovBE Show response
www.youtube.com/embed/ Frame A27C 74 KB
30 KB 95ms
94ms Document
text/html 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dee5bf7bc371d1e939a789ad2d0011301678a5536b3e2198ba77fa9f3f639a48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.joint-bonus.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 17 Jun 2023 05:07:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/6ed0d907/ Frame A27C 410 KB
48 KB 5ms
5ms Stylesheet
text/css 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2709731f5398ffb835d8845f6f4c78f052d7b7792c810b14d443c0f2094724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 23:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 106121
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49278
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Jun 2024 23:38:35 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/ Frame A27C 308 KB
93 KB 8ms
7ms Script
text/javascript 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b566d22c0563b579149060354f5b869a6721f5b9543c07a7509928a8e6687d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 17:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94811
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jun 2024 17:28:49 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/ Frame A27C 2 MB
747 KB 10ms
9ms Script
text/javascript 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a05e2b73bf9854c456f21ad4e4f047382f8e0be3f101da744daf09f4199ca24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 20:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 764675
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jun 2024 20:30:29 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6ed0d907/fetch-polyfill.vflset/ Frame A27C 9 KB
3 KB 11ms
10ms Script
text/javascript 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 03:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 91402
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2625
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jun 2024 03:43:54 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 71 KB
21 KB 5ms
4ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.107

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 17 Jun 2023 05:07:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21675
x-xss-protection: 0
pragma: public
x-fb-debug: 60zCdTRjmQsXQnMg009EdAUyCzBbS9fR0cMtsbghNezEQtKjcBqFIz2CU7xoCDxLlkXVU1mtezJ/uCVe/x9YQA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
3ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=527979739342011&ev=PageView&dl=https%3A%2F%2Fwww.joint-bonus.biz%2F&rl=&if=false&ts=1686978436646&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=28&fbp=fb.1.1686978436645.198973914&it=1686978436261&coo=false&rqm=GET

Requested by

Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 17 Jun 2023 05:07:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
4ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=527979739342011&ev=ViewContent&dl=https%3A%2F%2Fwww.joint-bonus.biz%2F&rl=&if=false&ts=1686978436647&sw=1600&sh=1200&v=2.9.107&r=stable&ec=1&o=28&fbp=fb.1.1686978436645.198973914&it=1686978436261&coo=false&rqm=GET

Requested by

Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 17 Jun 2023 05:07:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 26ms
5ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=527979739342011&ev=ScrollDepth_25_percent&dl=https%3A%2F%2Fwww.joint-bonus.biz%2F&rl=&if=false&ts=1686978436648&sw=1600&sh=1200&v=2.9.107&r=stable&ec=2&o=28&fbp=fb.1.1686978436645.198973914&it=1686978436261&coo=false&rqm=GET

Requested by

Host: www.joint-bonus.biz
URL: https://www.joint-bonus.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 17 Jun 2023 05:07:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A27C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

6ms
5ms

XHR
application/json

2404:6800:4003:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Protocol

Server

2404:6800:4003:c05::9c , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db6a64d66c47c54ce37543b12de52788a6c9b4bb06c75fb1a2f27ffa78bfab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 17 Jun 2023 05:07:16 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A27C 29 B
495 B 14ms
4ms Script
text/javascript 2404:6800:4003:c11::95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::95 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 04:53:38 GMT
x-content-type-options: nosniff
age: 818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Jun 2023 05:08:38 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 34ms
24ms Preflight
text/html 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 17 Jun 2023 05:07:16 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A27C 68 KB
31 KB 16ms
14ms XHR
application/json+protobuf 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f55e1f32e266bd52e033a890c13d8436c437d2fdf3e860e7162019b7115c2157

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31786
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/ Frame A27C 116 KB
33 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c332814fa35de66da44ffb2aa7898ab080f69273fb6da39f231e6792ce19363e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 02:31:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33712
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 16 Jun 2024 02:31:57 GMT

GET
H2 200 PL4KOxJRKAJ5K5jApE3L9HXpIfC5FQxeQ0eBEvK16Jc.js Show response
www.google.com/js/th/ Frame A27C 37 KB
15 KB 15ms
5ms Script
text/javascript 2404:6800:4003:c05::68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/PL4KOxJRKAJ5K5jApE3L9HXpIfC5FQxeQ0eBEvK16Jc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::68 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cbe0a3b12512802792b98c0a44dcbf475e921f0b9150c5e43478112f2b5e897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 19:59:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 292079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 19:59:17 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/37JhJaAovBE/ Frame A27C 50 KB
50 KB 131ms
117ms Image
image/jpeg 2404:6800:4003:c1a::77
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/37JhJaAovBE/sddefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::77 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b68a470d291462181954338b65b3f6c386830db9e527e7c078230d032fe9e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:16 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50942
x-xss-protection: 0
server: sffe
etag: "1666976592"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 17 Jun 2023 07:07:16 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/ Frame A27C 29 KB
8 KB 5ms
4ms Script
text/javascript 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a8c37066819453d72d03010ba39b55ffc1580ad16cc57795d38b0d6ebd73f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 00:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102497
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8241
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jun 2024 00:38:59 GMT

GET
DATA 200
OK truncated
/ Frame A27C 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 S5DAnXmeHTj3mclF422BpdA-t-JMPVgGO0NX2lGQSRiWMuRyxLwljo5aMC2GFyANMB-6wfaw-w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A27C 3 KB
3 KB 315ms
304ms Image
image/jpeg 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/S5DAnXmeHTj3mclF422BpdA-t-JMPVgGO0NX2lGQSRiWMuRyxLwljo5aMC2GFyANMB-6wfaw-w=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f68076d258ba60cb4829845ec536cc80c17a95a9df190c55f8a4f9a0aaaaed4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2616
x-xss-protection: 0
expires: Sun, 18 Jun 2023 05:07:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A27C 15 KB
15 KB 5ms
3ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 14:45:17 GMT
x-content-type-options: nosniff
age: 397319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Jun 2024 14:45:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A27C 12 KB
12 KB 6ms
4ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 11:09:09 GMT
x-content-type-options: nosniff
age: 237487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11936
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Jun 2024 11:09:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A27C 5 KB
5 KB 6ms
5ms Font
font/woff2 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 02:10:28 GMT
x-content-type-options: nosniff
age: 97008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5224
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Jun 2024 02:10:28 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame A27C 73 KB
24 KB 141ms
140ms XHR
application/json 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d45e0188391946b20f73ca712a3c77295b80e4c7f8995dac0dabdc2122ce1570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230613.01.00
X-Goog-Visitor-Id: CgszUlNtaEwydVFrVSiE_7SkBg%3D%3D

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24834
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A27C 259 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 18a92de77b3f1ba60ee2affb0852898fcd76f213f673f7a395cabe55778f986a

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 7ms
6ms Preflight
text/html 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 17 Jun 2023 05:07:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame A27C 90 B
134 B 10ms
10ms XHR
application/json+protobuf 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c05::5f , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ee39f200543ed2cb4276d1b17a4bf957c3c033ec16fb0258bb6306e9746f805e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A27C 4 KB
2 KB 23ms
6ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 17 Jun 2023 05:07:17 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A27C 0
10 B 7ms
6ms Image
text/plain 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?dpcp_Q
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame A27C 0
19 B 5ms
5ms XHR
text/html 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&afmt=251&cpn=6tzbyZ3KUi9xA8vU&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24208765%2C24219382%2C24255165%2C24364789%2C24366065%2C24366917%2C24378125%2C24379215%2C24380264%2C24415864%2C24416291%2C24439361%2C24532855%2C39323074&cl=540057686&seq=1&docid=37JhJaAovBE&ei=hD-NZN7COMynwgPvypLQBA&event=streamingstats&plid=AAX-TEZ7RqMAJVe0&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F37JhJaAovBE%3Frel%3D0%26modestbranding%3D0%26playsinline%3D1%26controls%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.joint-bonus.biz%26widgetid%3D1&qclc=ChA2dHpieVozS1VpOXhBOHZVEAE&cbr=Chrome&cbrver=114.0.5735.133&c=WEB_EMBEDDED_PLAYER&cver=1.20230613.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.015:B,0.218:B,0.218:B&cat=streaming&cmt=0.015:0.000,0.218:0.000&afs=0.218:251::i&vfs=0.218:243:243::r&view=0.218:420:236&bwe=0.218:130000&bat=0.218:1:1&vis=0.218:0&bh=0.218:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
X-YouTube-Client-Version: 1.20230613.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszUlNtaEwydVFrVSiE_7SkBg%3D%3D
X-YouTube-Ad-Signals: dt=1686978436690&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C420%2C236&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 05:07:17 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-npoe7ner.googlevideo.com/ Frame A27C 72 KB
73 KB 478ms
458ms Fetch
application/vnd.yt-ump 2404:6800:4003:3::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoe7ner.googlevideo.com/videoplayback?expire=1687000037&ei=hD-NZN7COMynwgPvypLQBA&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A3&id=o-AMInWyzz3bHI7txRmg9nP8QWLgLUS_M6GR-8KhZLNXY0&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=tJ&mm=31%2C26&mn=sn-npoe7ner%2Csn-oguesndr&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=445000&spc=qEK7ByT1NM44wKWIjBPn8Niy6UkxzRqiE_td4UEhXg&vprv=1&svpuc=1&mime=video%2Fwebm&ns=n3NZPsOUAwrvzk8ZePasTMQN&gir=yes&clen=6861785&dur=245.945&lmt=1667103775288982&mt=1686978066&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=pEq4Jd_6rD6ovw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJ803mpSLy94mQpc9wqmgpd_PlOfM8jIDi1Dezw5T0YoAiEAnLpoUxqukIncUzivwUK5-7g4wzge8AAoW-eB-MusbEk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPzqdAeUL-k5DBDp_fTYIV5aGBYnGyk9-m0GHJQVJIBGAiEAyXNISP0l0Df2VoBpIlc0NaUFBkrJ3NIiGpWRGweqJ9s%3D&alr=yes&cpn=6tzbyZ3KUi9xA8vU&cver=1.20230613.01.00&range=0-73703&rn=1&rbuf=0&pot=MmQlvBAOkD4XyiWEnIHlqyv93JOu4vzm-KJEcRnd-MRnnupq_tcnVI4l6_sk4Z8vSLifcbTfxnBHfSWqevu1Ws5N_9gfzpjitOqlw0dgpQafA-qrjmFZOuhiGT-73OvOkByh3Ypn&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:3::a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d6a3addcd1509a399b7714c1f77162c7c8ad51303c61669a68523a550322722d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 05:07:17 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Sun, 30 Oct 2022 04:22:55 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Sat, 17 Jun 2023 05:07:17 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-npoe7ner.googlevideo.com/ Frame A27C 65 KB
66 KB 62ms
45ms Fetch
application/vnd.yt-ump 2404:6800:4003:3::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoe7ner.googlevideo.com/videoplayback?expire=1687000037&ei=hD-NZN7COMynwgPvypLQBA&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A3&id=o-AMInWyzz3bHI7txRmg9nP8QWLgLUS_M6GR-8KhZLNXY0&itag=251&source=youtube&requiressl=yes&mh=tJ&mm=31%2C26&mn=sn-npoe7ner%2Csn-oguesndr&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=445000&spc=qEK7ByT1NM44wKWIjBPn8Niy6UkxzRqiE_td4UEhXg&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=n3NZPsOUAwrvzk8ZePasTMQN&gir=yes&clen=3606332&dur=245.961&lmt=1667103657943702&mt=1686978066&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=pEq4Jd_6rD6ovw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPRbMMRz0HQyhSU3ThE7hczE1jNCU8jW9XNL1CRVlkR0AiEAjcEHjoWpRg52cjndVdVNmXnm7bVJ2MKO-LKW0JbQrhw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPzqdAeUL-k5DBDp_fTYIV5aGBYnGyk9-m0GHJQVJIBGAiEAyXNISP0l0Df2VoBpIlc0NaUFBkrJ3NIiGpWRGweqJ9s%3D&alr=yes&cpn=6tzbyZ3KUi9xA8vU&cver=1.20230613.01.00&range=0-66223&rn=2&rbuf=0&pot=MmQlvBAOkD4XyiWEnIHlqyv93JOu4vzm-KJEcRnd-MRnnupq_tcnVI4l6_sk4Z8vSLifcbTfxnBHfSWqevu1Ws5N_9gfzpjitOqlw0dgpQafA-qrjmFZOuhiGT-73OvOkByh3Ypn&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:3::a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

eaa5c14e81c5194c138a3289a71cdf5a2d208f950f070b4fd62f599984cd14e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 05:07:17 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Sun, 30 Oct 2022 04:20:57 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Sat, 17 Jun 2023 05:07:17 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/ Frame A27C 69 KB
23 KB 5ms
5ms Script
text/javascript 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06f13aae2b71a9a8dfc488207fa298d6630e616fd2502ff427ab377413d656da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 18:28:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23744
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jun 2024 18:28:43 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/ Frame A27C 33 KB
8 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77844f8a9967802a01bb5d0cf8b18f9cc60d9ea0dd5decab9c034e0b6ff978bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 22:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8460
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 01:47:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 15 Jun 2024 22:37:26 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame A27C 9 KB
3 KB 274ms
274ms XHR
application/json 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

3c7e17c3b17ca92577a4d1c5454ab47b9a3a997045ca6cd947073fe28c253348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230613.01.00
X-Goog-Visitor-Id: CgszUlNtaEwydVFrVSiE_7SkBg%3D%3D

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3146
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/114/ Frame A27C 51 KB
15 KB 4ms
4ms Script
text/javascript 2404:6800:4003:c11::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/114/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c11::5e , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 09:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15225
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 15:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 17 Jun 2023 09:23:36 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A27C 28 B
50 B 14ms
14ms XHR
application/json 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
X-Goog-Request-Time: 1686978437175
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
X-YouTube-Client-Version: 1.20230613.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszUlNtaEwydVFrVSiE_7SkBg%3D%3D
X-YouTube-Ad-Signals: dt=1686978436599&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C420%2C236&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 121 B
275 B 13ms
11ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/622172dda34c2456412957f8/1ft9ahd78

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joint-bonus.biz/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 231963
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4a0ad394619-SIN

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 81 KB
29 KB 417ms
415ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/622172dda34c2456412957f8/1ft9ahd78

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joint-bonus.biz/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
content-encoding: br
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4a0ad3a4619-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 210 KB
62 KB 419ms
417ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/622172dda34c2456412957f8/1ft9ahd78

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d6b969806080e1a761470b1f28859f3ff7d1bf3b6b41a2392ef6143af5b0d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joint-bonus.biz/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
content-encoding: br
etag: W/"01b31f3e100a09c2fbb450c0599a9d8e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4a0ad3b4619-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 205 KB
41 KB 628ms
627ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/622172dda34c2456412957f8/1ft9ahd78

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9e3acc3ea33954ac74406b8bbd9489bba42631dda3b1ebfa20bb8874226a95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joint-bonus.biz/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
content-encoding: br
etag: W/"00aa43670bf94cf802dd5797a4416a00"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4a0ad3c4619-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 2 KB
1 KB 215ms
214ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/622172dda34c2456412957f8/1ft9ahd78

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed25316f9b1fa338342fa7af622e15a20c0123d200c4bdcbfca53ce5fede3a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joint-bonus.biz/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
content-encoding: br
etag: W/"471fc97e0f884da442b8dc6ac18e204a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4a0ad3d4619-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 151 B
206 B 216ms
215ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/622172dda34c2456412957f8/1ft9ahd78

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joint-bonus.biz/
Origin: https://www.joint-bonus.biz
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4a0ad3e4619-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 S5DAnXmeHTj3mclF422BpdA-t-JMPVgGO0NX2lGQSRiWMuRyxLwljo5aMC2GFyANMB-6wfaw-w=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame A27C 3 KB
4 KB 46ms
45ms Image
image/jpeg 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/S5DAnXmeHTj3mclF422BpdA-t-JMPVgGO0NX2lGQSRiWMuRyxLwljo5aMC2GFyANMB-6wfaw-w=s88-c-k-c0x00ffffff-no-rj

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d41638d9d8929ea88d6185dbe6524c662b3bc3833b8a8113e7340c9b8a984b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:17 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3531
x-xss-protection: 0
expires: Sun, 18 Jun 2023 05:07:17 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame A27C 0
17 B 7ms
7ms XHR
text/html 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=6tzbyZ3KUi9xA8vU&ver=2&cmt=0.016&fmt=243&fs=0&rt=0.824&euri=https%3A%2F%2Fwww.joint-bonus.biz%2F&lact=984&cl=540057686&mos=1&volume=100&cbr=Chrome&cbrver=114.0.5735.133&c=WEB_EMBEDDED_PLAYER&cver=1.20230613.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=zh_CN&cr=SG&len=245.961&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24208765%2C24219382%2C24255165%2C24364789%2C24366065%2C24366917%2C24378125%2C24379215%2C24380264%2C24415864%2C24416291%2C24439361%2C24532855%2C39323074&rtn=8&afmt=251&size=420%3A236&inview=0&muted=1&docid=37JhJaAovBE&ei=hD-NZN7COMynwgPvypLQBA&plid=AAX-TEZ7RqMAJVe0&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F37JhJaAovBE%3Frel%3D0%26modestbranding%3D0%26playsinline%3D1%26controls%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.joint-bonus.biz%26widgetid%3D1&of=1gUfgraRJ0bAs7VkYco9bg&vm=CAEQABgEOjJBQ00wQ1lqMHF6Um9Ickk5UjN3WEJhSmRTUXVUby1BTjlYRHlMMnliSGpQQmJjZVJCQWJYQVBta0tESU1NOV93Y3JtLU5GTXNib25KWVhCenhkTVdwcUY0UkxvWTMzOXZiOVJ3MThhQ2MwUkJHanBkXzVfVEoyX2dxcjBFQmFuUndtcEdwbzRjTlBWamgB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
X-YouTube-Client-Version: 1.20230613.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszUlNtaEwydVFrVSiE_7SkBg%3D%3D
X-YouTube-Ad-Signals: dt=1686978436690&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C420%2C236&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 05:07:17 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame A27C 0
17 B 6ms
5ms XHR
text/html 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=37JhJaAovBE&cpn=6tzbyZ3KUi9xA8vU&ei=hD-NZN7COMynwgPvypLQBA&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
X-YouTube-Client-Version: 1.20230613.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszUlNtaEwydVFrVSiE_7SkBg%3D%3D
X-YouTube-Ad-Signals: dt=1686978436690&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C420%2C236&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 05:07:17 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 842ms
829ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=622172dda34c2456412957f8&widgetId=1ft9ahd78&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa9422e15e4bf77c5c8a83ecc8a6679f994f5fdd8d1af2e6b9e039199e2c3800

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-lsq6
server: cloudflare
etag: W/"2-39-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 7d88c4a4e9854619-SIN
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 996 B
1 KB 413ms
405ms Fetch
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85bd2f4550a0a582f736505c09222857a7f32f683347c85c223d00c18c32105c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joint-bonus.biz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.joint-bonus.biz
access-control-allow-credentials: true
cf-ray: 7d88c4a66cfb3fb1-SIN
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-lsq6

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 238ms
232ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.joint-bonus.biz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.joint-bonus.biz
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d88c4a4e9864619-SIN
date: Sat, 17 Jun 2023 05:07:18 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-74b7

GET
H2 200 photo-0-1484192224553-20221025044509-6zohg.jpg
w.ladicdn.com/s250x250/5f55eb73ef9293158e521a84/ 25 KB
25 KB 5ms
4ms Image
image/jpeg 2400:52e0:1500::945:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.ladicdn.com/s250x250/5f55eb73ef9293158e521a84/photo-0-1484192224553-20221025044509-6zohg.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1500::945:1 , Singapore, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-SG1-945 /
Resource Hash: 5d5eb8c04a25e1f27e6d5a44d37f3951ebe9743e3013a80bafe339f0de4959ae

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
cdn-edgestorageid: 982
perma-cache: HIT
cdn-storageserver: SG-560
cdn-cachedat: 06/17/2023 03:33:38
cdn-pullzone: 575124
content-length: 25157
last-modified: Tue, 25 Oct 2022 04:58:08 GMT
server: BunnyCDN-SG1-945
cdn-fileserver: 345
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: "63576ce0-6245"
content-type: image/jpeg
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 595f2f5d-bafe-46b1-9efc-ee9b65944aba
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 4dc83a6686841a2ef5d84cfaa5ce90aa
accept-ranges: bytes
cdn-requestcountrycode: SG
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 200 videoplayback Show response
rr5---sn-npoe7ner.googlevideo.com/ Frame A27C 71 KB
71 KB 10ms
3ms Fetch
application/vnd.yt-ump 2404:6800:4003:3::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoe7ner.googlevideo.com/videoplayback?expire=1687000037&ei=hD-NZN7COMynwgPvypLQBA&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A3&id=o-AMInWyzz3bHI7txRmg9nP8QWLgLUS_M6GR-8KhZLNXY0&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=tJ&mm=31%2C26&mn=sn-npoe7ner%2Csn-oguesndr&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=445000&spc=qEK7ByT1NM44wKWIjBPn8Niy6UkxzRqiE_td4UEhXg&vprv=1&svpuc=1&mime=video%2Fwebm&ns=n3NZPsOUAwrvzk8ZePasTMQN&gir=yes&clen=6861785&dur=245.945&lmt=1667103775288982&mt=1686978066&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=pEq4Jd_6rD6ovw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJ803mpSLy94mQpc9wqmgpd_PlOfM8jIDi1Dezw5T0YoAiEAnLpoUxqukIncUzivwUK5-7g4wzge8AAoW-eB-MusbEk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPzqdAeUL-k5DBDp_fTYIV5aGBYnGyk9-m0GHJQVJIBGAiEAyXNISP0l0Df2VoBpIlc0NaUFBkrJ3NIiGpWRGweqJ9s%3D&alr=yes&cpn=6tzbyZ3KUi9xA8vU&cver=1.20230613.01.00&range=73704-146363&rn=3&rbuf=1881&pot=MmQlvBAOkD4XyiWEnIHlqyv93JOu4vzm-KJEcRnd-MRnnupq_tcnVI4l6_sk4Z8vSLifcbTfxnBHfSWqevu1Ws5N_9gfzpjitOqlw0dgpQafA-qrjmFZOuhiGT-73OvOkByh3Ypn&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:3::a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a4dcfaaaa4f4d90313871b8a906eca5bf3aaced669532f987c685ba90602d74a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 05:07:18 GMT
date: Sat, 17 Jun 2023 05:07:18 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Sun, 30 Oct 2022 04:22:55 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr5---sn-npoe7ner.googlevideo.com/ Frame A27C 64 KB
64 KB 4ms
4ms Fetch
application/vnd.yt-ump 2404:6800:4003:3::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoe7ner.googlevideo.com/videoplayback?expire=1687000037&ei=hD-NZN7COMynwgPvypLQBA&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A3&id=o-AMInWyzz3bHI7txRmg9nP8QWLgLUS_M6GR-8KhZLNXY0&itag=251&source=youtube&requiressl=yes&mh=tJ&mm=31%2C26&mn=sn-npoe7ner%2Csn-oguesndr&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=445000&spc=qEK7ByT1NM44wKWIjBPn8Niy6UkxzRqiE_td4UEhXg&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=n3NZPsOUAwrvzk8ZePasTMQN&gir=yes&clen=3606332&dur=245.961&lmt=1667103657943702&mt=1686978066&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=pEq4Jd_6rD6ovw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPRbMMRz0HQyhSU3ThE7hczE1jNCU8jW9XNL1CRVlkR0AiEAjcEHjoWpRg52cjndVdVNmXnm7bVJ2MKO-LKW0JbQrhw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPzqdAeUL-k5DBDp_fTYIV5aGBYnGyk9-m0GHJQVJIBGAiEAyXNISP0l0Df2VoBpIlc0NaUFBkrJ3NIiGpWRGweqJ9s%3D&alr=yes&cpn=6tzbyZ3KUi9xA8vU&cver=1.20230613.01.00&range=66224-131759&rn=4&rbuf=3918&pot=MmQlvBAOkD4XyiWEnIHlqyv93JOu4vzm-KJEcRnd-MRnnupq_tcnVI4l6_sk4Z8vSLifcbTfxnBHfSWqevu1Ws5N_9gfzpjitOqlw0dgpQafA-qrjmFZOuhiGT-73OvOkByh3Ypn&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:3::a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e2e3a08e1235ce15106a1a97ad345a93bbc360fff185edfbfa688845dd49f975

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 17 Jun 2023 05:07:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 30 Oct 2022 04:20:57 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sat, 17 Jun 2023 05:07:18 GMT

POST
H3 200 videoplayback Show response
rr5---sn-npoe7ner.googlevideo.com/ Frame A27C 151 KB
151 KB 5ms
5ms Fetch
application/vnd.yt-ump 2404:6800:4003:3::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoe7ner.googlevideo.com/videoplayback?expire=1687000037&ei=hD-NZN7COMynwgPvypLQBA&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A3&id=o-AMInWyzz3bHI7txRmg9nP8QWLgLUS_M6GR-8KhZLNXY0&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=tJ&mm=31%2C26&mn=sn-npoe7ner%2Csn-oguesndr&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=445000&spc=qEK7ByT1NM44wKWIjBPn8Niy6UkxzRqiE_td4UEhXg&vprv=1&svpuc=1&mime=video%2Fwebm&ns=n3NZPsOUAwrvzk8ZePasTMQN&gir=yes&clen=6861785&dur=245.945&lmt=1667103775288982&mt=1686978066&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=pEq4Jd_6rD6ovw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJ803mpSLy94mQpc9wqmgpd_PlOfM8jIDi1Dezw5T0YoAiEAnLpoUxqukIncUzivwUK5-7g4wzge8AAoW-eB-MusbEk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPzqdAeUL-k5DBDp_fTYIV5aGBYnGyk9-m0GHJQVJIBGAiEAyXNISP0l0Df2VoBpIlc0NaUFBkrJ3NIiGpWRGweqJ9s%3D&alr=yes&cpn=6tzbyZ3KUi9xA8vU&cver=1.20230613.01.00&range=146364-300502&rn=5&rbuf=4243&pot=MmQlvBAOkD4XyiWEnIHlqyv93JOu4vzm-KJEcRnd-MRnnupq_tcnVI4l6_sk4Z8vSLifcbTfxnBHfSWqevu1Ws5N_9gfzpjitOqlw0dgpQafA-qrjmFZOuhiGT-73OvOkByh3Ypn&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:3::a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d6e90166ca19307f63f11416a0a577b2e0fbd637606a0e04958267bf4581119c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 05:07:18 GMT
date: Sat, 17 Jun 2023 05:07:18 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Sun, 30 Oct 2022 04:22:55 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr5---sn-npoe7ner.googlevideo.com/ Frame A27C 122 KB
122 KB 4ms
4ms Fetch
application/vnd.yt-ump 2404:6800:4003:3::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoe7ner.googlevideo.com/videoplayback?expire=1687000037&ei=hD-NZN7COMynwgPvypLQBA&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A3&id=o-AMInWyzz3bHI7txRmg9nP8QWLgLUS_M6GR-8KhZLNXY0&itag=251&source=youtube&requiressl=yes&mh=tJ&mm=31%2C26&mn=sn-npoe7ner%2Csn-oguesndr&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=445000&spc=qEK7ByT1NM44wKWIjBPn8Niy6UkxzRqiE_td4UEhXg&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=n3NZPsOUAwrvzk8ZePasTMQN&gir=yes&clen=3606332&dur=245.961&lmt=1667103657943702&mt=1686978066&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=pEq4Jd_6rD6ovw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPRbMMRz0HQyhSU3ThE7hczE1jNCU8jW9XNL1CRVlkR0AiEAjcEHjoWpRg52cjndVdVNmXnm7bVJ2MKO-LKW0JbQrhw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPzqdAeUL-k5DBDp_fTYIV5aGBYnGyk9-m0GHJQVJIBGAiEAyXNISP0l0Df2VoBpIlc0NaUFBkrJ3NIiGpWRGweqJ9s%3D&alr=yes&cpn=6tzbyZ3KUi9xA8vU&cver=1.20230613.01.00&range=131760-256696&rn=6&rbuf=8316&pot=MmQlvBAOkD4XyiWEnIHlqyv93JOu4vzm-KJEcRnd-MRnnupq_tcnVI4l6_sk4Z8vSLifcbTfxnBHfSWqevu1Ws5N_9gfzpjitOqlw0dgpQafA-qrjmFZOuhiGT-73OvOkByh3Ypn&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:3::a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d1534692570edf73788fe0e066142b9a117f1030170b045051e6d945886e804a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 17 Jun 2023 05:07:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 30 Oct 2022 04:20:57 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sat, 17 Jun 2023 05:07:18 GMT

POST
H3 200 videoplayback Show response
rr5---sn-npoe7ner.googlevideo.com/ Frame A27C 191 KB
191 KB 4ms
4ms Fetch
application/vnd.yt-ump 2404:6800:4003:3::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoe7ner.googlevideo.com/videoplayback?expire=1687000037&ei=hD-NZN7COMynwgPvypLQBA&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A3&id=o-AMInWyzz3bHI7txRmg9nP8QWLgLUS_M6GR-8KhZLNXY0&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=tJ&mm=31%2C26&mn=sn-npoe7ner%2Csn-oguesndr&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=445000&spc=qEK7ByT1NM44wKWIjBPn8Niy6UkxzRqiE_td4UEhXg&vprv=1&svpuc=1&mime=video%2Fwebm&ns=n3NZPsOUAwrvzk8ZePasTMQN&gir=yes&clen=6861785&dur=245.945&lmt=1667103775288982&mt=1686978066&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=pEq4Jd_6rD6ovw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJ803mpSLy94mQpc9wqmgpd_PlOfM8jIDi1Dezw5T0YoAiEAnLpoUxqukIncUzivwUK5-7g4wzge8AAoW-eB-MusbEk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPzqdAeUL-k5DBDp_fTYIV5aGBYnGyk9-m0GHJQVJIBGAiEAyXNISP0l0Df2VoBpIlc0NaUFBkrJ3NIiGpWRGweqJ9s%3D&alr=yes&cpn=6tzbyZ3KUi9xA8vU&cver=1.20230613.01.00&range=300503-496030&rn=7&rbuf=8539&pot=MmQlvBAOkD4XyiWEnIHlqyv93JOu4vzm-KJEcRnd-MRnnupq_tcnVI4l6_sk4Z8vSLifcbTfxnBHfSWqevu1Ws5N_9gfzpjitOqlw0dgpQafA-qrjmFZOuhiGT-73OvOkByh3Ypn&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:3::a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8ad605bfbc9f3de4b6441d27d846bbbe60b17e4c9ed22f6c01edb6b1c6c10854

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 05:07:18 GMT
date: Sat, 17 Jun 2023 05:07:18 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Sun, 30 Oct 2022 04:22:55 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H3 200 vi.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/languages/ 17 KB
5 KB 16ms
16ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/languages/vi.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d363b609156e7caa17a2cf66227e26fcfd9eab20d9040d75c35242f3b541c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1282572
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"0158f0762d06b293898bebb1ce614f7b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aa19cc3fb1-SIN

GET
H3 200 twk-chunk-2c78ba82.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 7 KB
2 KB 18ms
17ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-2c78ba82.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0411bd9e471f272135c9cd02f2a28757862e8b59733f1501d9ad1af2dec5a879

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1301953
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"a365c34c6cb5f6c0443d0e2a66a93be2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aa4a0b3fb1-SIN

GET
H3 200 twk-chunk-696bc286.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 18 KB
5 KB 16ms
15ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-696bc286.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a137b6d915c842f317b92af003081805d36f2037062eead04c3cecc3893cc9ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1301953
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"6dd996f847762fe19aadcbd932a92b08"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aa4a0c3fb1-SIN

GET
H3 200 twk-chunk-f1596d96.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 11 KB
4 KB 15ms
15ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-f1596d96.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

214a552a60d83d9b746191d65391e98126e2b9cf207894f6a590494f1623f74a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1301953
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"ecc97f98f23e936ee6e93a25b5deda4e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aa4a0d3fb1-SIN

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 906 B
662 B 13ms
13ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1301954
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aa4a0e3fb1-SIN

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 535 B
574 B 15ms
14ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1301954
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aa4a0f3fb1-SIN

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 689 B
673 B 17ms
16ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72deb01333692d6942fe77383825537b0dac6653af9b50312a53fdf3b31efa09

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1301953
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"a6432972b93f7d0476635e7ac224d718"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aa4a103fb1-SIN

GET
H3 200 twk-chunk-07cad36d.js Show response
embed.tawk.to/_s/v4/app/64795e77f7f/js/ 92 KB
19 KB 17ms
17ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-07cad36d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c55670ad77526b0eb69b7fab93da3bf979e4197bafffb5e6802d36aed72249fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.joint-bonus.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1301954
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 02 Jun 2023 03:15:39 GMT
server: cloudflare
etag: W/"c1f0a7a7efb96bfdcdc443a0d6dfd1ca"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aa4a113fb1-SIN

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/64795e77f7f/css/ Frame 093A 24 KB
5 KB 17ms
17ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51e73fb66e2b18f262f86ba2880f9369b6a66d7411a3c8daa1146aaafc2690e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1301922
cf-polished: origSize=24840
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 03:15:38 GMT
server: cloudflare
etag: W/"3d22e9f29d90d6fd0e66aebbeadc0ca2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aa7a3e3fb1-SIN

GET
H3 200 bubble-widget.css
embed.tawk.to/_s/v4/app/64795e77f7f/css/ Frame 778C 13 KB
3 KB 13ms
12ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/css/bubble-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1301953
cf-polished: origSize=13594
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 03:15:38 GMT
server: cloudflare
etag: W/"ce7913b80c763449b3895d46419f7a6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aa8a5d3fb1-SIN

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/64795e77f7f/css/ Frame DE8C 73 KB
14 KB 14ms
13ms Stylesheet
text/css 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/64795e77f7f/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-2c78ba82.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a374cd80761045b46086558d2a9449f98c578d9f9bd68cc435ae780a845770c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1301922
cf-polished: origSize=74548
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 02 Jun 2023 03:15:38 GMT
server: cloudflare
etag: W/"f335908186585c187eea3163811286d9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aaaa833fb1-SIN

GET
H3 200 168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 778C 22 KB
6 KB 14ms
13ms Image
image/svg+xml 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 17 Jun 2023 05:07:18 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1497311
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 May 2021 07:25:19 GMT
server: cloudflare
etag: W/"f66e029841759471d2ec78b86760dca7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 7d88c4aaca983fb1-SIN

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 225ms
224ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.joint-bonus.biz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.joint-bonus.biz
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7d88c4afbce09fa3-SIN
date: Sat, 17 Jun 2023 05:07:19 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-334l

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
264 B 230ms
229ms Fetch
text/html 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/64795e77f7f/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.joint-bonus.biz/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sat, 17 Jun 2023 05:07:20 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.joint-bonus.biz
access-control-allow-credentials: true
cf-ray: 7d88c4b12e5b9fa3-SIN
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-jtbp

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A27C 28 B
50 B 10ms
10ms XHR
application/json 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
X-Goog-Request-Time: 1686978440496
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
X-YouTube-Client-Version: 1.20230613.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszUlNtaEwydVFrVSiE_7SkBg%3D%3D
X-YouTube-Ad-Signals: dt=1686978436599&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C420%2C236&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 17 Jun 2023 05:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

POST
H3 200 videoplayback Show response
rr5---sn-npoe7ner.googlevideo.com/ Frame A27C 300 KB
300 KB 4ms
4ms Fetch
application/vnd.yt-ump 2404:6800:4003:3::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoe7ner.googlevideo.com/videoplayback?expire=1687000037&ei=hD-NZN7COMynwgPvypLQBA&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A3&id=o-AMInWyzz3bHI7txRmg9nP8QWLgLUS_M6GR-8KhZLNXY0&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=tJ&mm=31%2C26&mn=sn-npoe7ner%2Csn-oguesndr&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=445000&spc=qEK7ByT1NM44wKWIjBPn8Niy6UkxzRqiE_td4UEhXg&vprv=1&svpuc=1&mime=video%2Fwebm&ns=n3NZPsOUAwrvzk8ZePasTMQN&gir=yes&clen=6861785&dur=245.945&lmt=1667103775288982&mt=1686978066&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=pEq4Jd_6rD6ovw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJ803mpSLy94mQpc9wqmgpd_PlOfM8jIDi1Dezw5T0YoAiEAnLpoUxqukIncUzivwUK5-7g4wzge8AAoW-eB-MusbEk%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPzqdAeUL-k5DBDp_fTYIV5aGBYnGyk9-m0GHJQVJIBGAiEAyXNISP0l0Df2VoBpIlc0NaUFBkrJ3NIiGpWRGweqJ9s%3D&alr=yes&cpn=6tzbyZ3KUi9xA8vU&cver=1.20230613.01.00&range=496031-803232&rn=8&rbuf=12344&pot=MmQlvBAOkD4XyiWEnIHlqyv93JOu4vzm-KJEcRnd-MRnnupq_tcnVI4l6_sk4Z8vSLifcbTfxnBHfSWqevu1Ws5N_9gfzpjitOqlw0dgpQafA-qrjmFZOuhiGT-73OvOkByh3Ypn&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:3::a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

167c3939200f7e3b45cb75f9440c3eeedaacf68ae19da93e604febd5168eb042

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

expires: Sat, 17 Jun 2023 05:07:20 GMT
date: Sat, 17 Jun 2023 05:07:20 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Sun, 30 Oct 2022 04:22:55 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr5---sn-npoe7ner.googlevideo.com/ Frame A27C 179 KB
179 KB 5ms
4ms Fetch
application/vnd.yt-ump 2404:6800:4003:3::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoe7ner.googlevideo.com/videoplayback?expire=1687000037&ei=hD-NZN7COMynwgPvypLQBA&ip=2001%3Adf1%3A800%3Aa004%3A1%3A%3A3&id=o-AMInWyzz3bHI7txRmg9nP8QWLgLUS_M6GR-8KhZLNXY0&itag=251&source=youtube&requiressl=yes&mh=tJ&mm=31%2C26&mn=sn-npoe7ner%2Csn-oguesndr&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=445000&spc=qEK7ByT1NM44wKWIjBPn8Niy6UkxzRqiE_td4UEhXg&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=n3NZPsOUAwrvzk8ZePasTMQN&gir=yes&clen=3606332&dur=245.961&lmt=1667103657943702&mt=1686978066&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=pEq4Jd_6rD6ovw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPRbMMRz0HQyhSU3ThE7hczE1jNCU8jW9XNL1CRVlkR0AiEAjcEHjoWpRg52cjndVdVNmXnm7bVJ2MKO-LKW0JbQrhw%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhAPzqdAeUL-k5DBDp_fTYIV5aGBYnGyk9-m0GHJQVJIBGAiEAyXNISP0l0Df2VoBpIlc0NaUFBkrJ3NIiGpWRGweqJ9s%3D&alr=yes&cpn=6tzbyZ3KUi9xA8vU&cver=1.20230613.01.00&range=256697-440324&rn=9&rbuf=13266&pot=MmQlvBAOkD4XyiWEnIHlqyv93JOu4vzm-KJEcRnd-MRnnupq_tcnVI4l6_sk4Z8vSLifcbTfxnBHfSWqevu1Ws5N_9gfzpjitOqlw0dgpQafA-qrjmFZOuhiGT-73OvOkByh3Ypn&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:3::a , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

661aef20fc75893a4f1b4e34c6a9e5f3abc1a4742726b565043fdc95e1efb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

client-protocol: quic
date: Sat, 17 Jun 2023 05:07:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 30 Oct 2022 04:20:57 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21296
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Sat, 17 Jun 2023 05:07:21 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame A27C 0
20 B 11ms
10ms XHR
text/html 2404:6800:4003:c1a::88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=6tzbyZ3KUi9xA8vU&ver=2&cmt=4.53&fmt=243&fs=0&rt=5.374&euri=https%3A%2F%2Fwww.joint-bonus.biz%2F&lact=5534&cl=540057686&mos=1&volume=100&cbr=Chrome&cbrver=114.0.5735.133&c=WEB_EMBEDDED_PLAYER&cver=1.20230613.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=zh_CN&cr=SG&len=245.961&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24208765%2C24219382%2C24255165%2C24364789%2C24366065%2C24366917%2C24378125%2C24379215%2C24380264%2C24415864%2C24416291%2C24439361%2C24532855%2C39323074&afmt=251&muted=1&docid=37JhJaAovBE&ei=hD-NZN7COMynwgPvypLQBA&plid=AAX-TEZ7RqMAJVe0&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F37JhJaAovBE%3Frel%3D0%26modestbranding%3D0%26playsinline%3D1%26controls%3D1%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252Fwww.joint-bonus.biz%26widgetid%3D1&of=1gUfgraRJ0bAs7VkYco9bg&vm=CAEQABgEOjJBQ00wQ1lqMHF6Um9Ickk5UjN3WEJhSmRTUXVUby1BTjlYRHlMMnliSGpQQmJjZVJCQWJYQVBta0tESU1NOV93Y3JtLU5GTXNib25KWVhCenhkTVdwcUY0UkxvWTMzOXZiOVJ3MThhQ2MwUkJHanBkXzVfVEoyX2dxcjBFQmFuUndtcEdwbzRjTlBWamgB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6ed0d907/player_ias.vflset/zh_CN/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::88 , Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/37JhJaAovBE?rel=0&modestbranding=0&playsinline=1&controls=1&enablejsapi=1&origin=https%3A%2F%2Fwww.joint-bonus.biz&widgetid=1
X-YouTube-Client-Version: 1.20230613.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgszUlNtaEwydVFrVSiE_7SkBg%3D%3D
X-YouTube-Ad-Signals: dt=1686978436690&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C420%2C236&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Sat, 17 Jun 2023 05:07:22 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.joint-bonus.biz/	1970-01-20 22:12:18	Name: LADI_DNS_CHECK Value: "2023-06-17 05:07:16.086219468 +0000 UTC m=+241194.735262712"
www.joint-bonus.biz/	1970-01-20 22:12:18	Name: LADI_CLIENT_ID Value: 11139461-deae-4abe-54d6-57d4c58ee4d8
www.joint-bonus.biz/	1970-01-20 22:12:18	Name: LADI_FORM_SUBMIT Value: 0
www.joint-bonus.biz/	1970-01-20 22:12:18	Name: LADI_PAGE_VIEW Value: 1
www.joint-bonus.biz/	1970-01-20 12:37:44	Name: _timenow Value: 1686978436312
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 8LcZS0N2Imc
.youtube.com/	1970-01-20 16:55:30	Name: VISITOR_INFO1_LIVE Value: 3RSmhL2uQkU
.joint-bonus.biz/	1970-01-20 14:45:54	Name: _fbp Value: fb.1.1686978436645.198973914
www.joint-bonus.biz/	1969-12-31 23:59:59	Name: twk_idm_key Value: BnuKUwk7W72AyhPhVEfKo
www.joint-bonus.biz/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.joint-bonus.biz/	1970-01-20 16:55:30	Name: twk_uuid_622172dda34c2456412957f8 Value: %7B%22uuid%22%3A%221.WrrUjXsBiEpuCHgXoPYZtni8LidmVZ8umV9kX4ka3zve8778WmBiLApmZTrZiiAT73rDPn2ZK3l73PTq7SDpFUk6WPzEmNkW2G12fR1SHfio6lWyCrQlc7F6A%22%2C%22version%22%3A3%2C%22domain%22%3A%22joint-bonus.biz%22%2C%22ts%22%3A1686978438753%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.youtube.com/s/player/6ed0d907/www-widgetapi.vflset/www-widgetapi.js(Line 1135) Message: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ladipage.com
connect.facebook.net
docs.google.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
img.youtube.com
jnn-pa.googleapis.com
joint-bonus.biz
rr5---sn-npoe7ner.googlevideo.com
static.doubleclick.net
va.tawk.to
w.ladicdn.com
www.facebook.com
www.google.com
www.gstatic.com
www.joint-bonus.biz
www.youtube.com
yt3.ggpht.com
13.213.218.238
13.229.38.226
2400:52e0:1500::945:1
2404:6800:4003:3::a
2404:6800:4003:c01::84
2404:6800:4003:c04::5e
2404:6800:4003:c05::5f
2404:6800:4003:c05::68
2404:6800:4003:c05::9c
2404:6800:4003:c06::65
2404:6800:4003:c06::8b
2404:6800:4003:c11::5e
2404:6800:4003:c11::5f
2404:6800:4003:c11::95
2404:6800:4003:c1a::77
2404:6800:4003:c1a::88
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
3.1.17.18
0411bd9e471f272135c9cd02f2a28757862e8b59733f1501d9ad1af2dec5a879
06f13aae2b71a9a8dfc488207fa298d6630e616fd2502ff427ab377413d656da
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
0b68a470d291462181954338b65b3f6c386830db9e527e7c078230d032fe9e7f
0d43791134e2e13160c0f0ad2a1b60831798f279d51728750ab7a5e3adce156a
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
167c3939200f7e3b45cb75f9440c3eeedaacf68ae19da93e604febd5168eb042
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
18a92de77b3f1ba60ee2affb0852898fcd76f213f673f7a395cabe55778f986a
1a05e2b73bf9854c456f21ad4e4f047382f8e0be3f101da744daf09f4199ca24
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
214a552a60d83d9b746191d65391e98126e2b9cf207894f6a590494f1623f74a
264c60b9780ed0421503d8f49988a3a9082436872baca21b9833b1e337eaf2c1
27c56a8531909198c844a42c1df71710e2c7d6ff874fa2be5667c755a8b00e55
2b566d22c0563b579149060354f5b869a6721f5b9543c07a7509928a8e6687d5
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
369cdeadb6b24a3a009a6c21aa9f671a60989f8c98e2a7422ff5cfd58980f1bb
3826b205b3aadf36bce4e5fabdcc4caf48d8429360f80e822e743dc180c5c592
3bce2cf8e06ad2dc30050bee750600157e8d3e928b938594a49547224afd936f
3c7e17c3b17ca92577a4d1c5454ab47b9a3a997045ca6cd947073fe28c253348
3cbe0a3b12512802792b98c0a44dcbf475e921f0b9150c5e43478112f2b5e897
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4300f8b2fe7c4584f81acd4797abeab846f74378ef6d7d6420f6e6fe95b2dd9f
468a7593d9eb66bc7d793c5be206ad772da00cc8be691b400ab5c2ea8108c706
49d8656ae85036f7dc03e8d35f25c1b3f59532aa08b01881a316c91dd656af97
4a8c37066819453d72d03010ba39b55ffc1580ad16cc57795d38b0d6ebd73f7b
4ec57f2a80b91090971b83970230ca09ab3568c5f5b224896ca9aa6180a76aa9
4fa02c92c32cd79f96f6032cd26baa89f69748297451280bde4851c486b4c843
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
51e73fb66e2b18f262f86ba2880f9369b6a66d7411a3c8daa1146aaafc2690e6
5329557d2ef5f153ceceb013260974458b8596f12df9939b8e2caf7bb9b9c10e
59fdf94e2aafb4d44e55197e7f2eb636500c59d704d64c9832b547a9cd96d3b3
5d5eb8c04a25e1f27e6d5a44d37f3951ebe9743e3013a80bafe339f0de4959ae
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
661aef20fc75893a4f1b4e34c6a9e5f3abc1a4742726b565043fdc95e1efb954
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6d6b969806080e1a761470b1f28859f3ff7d1bf3b6b41a2392ef6143af5b0d13
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
72deb01333692d6942fe77383825537b0dac6653af9b50312a53fdf3b31efa09
7736e2764e7c7dec820a1f504d39fddae2d4a4812884942e18c610397dd68c13
77844f8a9967802a01bb5d0cf8b18f9cc60d9ea0dd5decab9c034e0b6ff978bf
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
85bd2f4550a0a582f736505c09222857a7f32f683347c85c223d00c18c32105c
8ad605bfbc9f3de4b6441d27d846bbbe60b17e4c9ed22f6c01edb6b1c6c10854
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
91597ebd1078effa815a2c9efd99edeb578081236e9ef503db5a902ffd2370a3
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
9334e8d6841b6224c640fc9c2fb053f998403d52b21388acc5eb99c7c69aed56
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9ded0bb5abaface50de91235f0efb29bb16541560b0c71458d49a740777808a2
a137b6d915c842f317b92af003081805d36f2037062eead04c3cecc3893cc9ab
a374cd80761045b46086558d2a9449f98c578d9f9bd68cc435ae780a845770c6
a4dcfaaaa4f4d90313871b8a906eca5bf3aaced669532f987c685ba90602d74a
a6d363b609156e7caa17a2cf66227e26fcfd9eab20d9040d75c35242f3b541c6
a9499d2bf924cf5b463a7df1edaaa3dfff31928f78f9c99cadd02c93c234256b
ac8177161c3038b07597ec544de3c00f46e1a0aa6b4b4c045ff0495553cc5069
b153ed5268005996e0bf3f4aa64b436e0f1721c44122101441f683ca5f7763a6
b160315ff190f6fff918c65d44f12aa86cec767a318e1b47bb01a1bfc03d3b07
b9e3acc3ea33954ac74406b8bbd9489bba42631dda3b1ebfa20bb8874226a95a
bb2709731f5398ffb835d8845f6f4c78f052d7b7792c810b14d443c0f2094724
c332814fa35de66da44ffb2aa7898ab080f69273fb6da39f231e6792ce19363e
c3c498f811bc404171ad11779e3c81f2da26f27b0e1179b1544c1487030b16e3
c55670ad77526b0eb69b7fab93da3bf979e4197bafffb5e6802d36aed72249fb
c950f9d8711acbcb718c05c7d12d9297acfd418b228382d45c92c36deab49b12
ce64739515c1fb2b75b61cce955a1843453d21819cf66f3a05e1d3771103994f
d1534692570edf73788fe0e066142b9a117f1030170b045051e6d945886e804a
d41638d9d8929ea88d6185dbe6524c662b3bc3833b8a8113e7340c9b8a984b54
d45e0188391946b20f73ca712a3c77295b80e4c7f8995dac0dabdc2122ce1570
d6a3addcd1509a399b7714c1f77162c7c8ad51303c61669a68523a550322722d
d6e90166ca19307f63f11416a0a577b2e0fbd637606a0e04958267bf4581119c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
d9b777b0d099b6622b571c92bee8d4cca8534ce6c4df694c71885245d3fad686
db6a64d66c47c54ce37543b12de52788a6c9b4bb06c75fb1a2f27ffa78bfab9c
dbb8f45730d91bffff8307cfdf7c82e67745d84cb6063a1f3880fadfad59c57d
dee5bf7bc371d1e939a789ad2d0011301678a5536b3e2198ba77fa9f3f639a48
e2133ea83a43fce418675ef1afc5ba543bc9c2a454c8a918297de9415aa39a1e
e2e3a08e1235ce15106a1a97ad345a93bbc360fff185edfbfa688845dd49f975
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa5c14e81c5194c138a3289a71cdf5a2d208f950f070b4fd62f599984cd14e8
ebb74f52d595b97010ee3601e1ed536cccc19ee8ceb78fade65507a34f87c53a
ed25316f9b1fa338342fa7af622e15a20c0123d200c4bdcbfca53ce5fede3a23
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee39f200543ed2cb4276d1b17a4bf957c3c033ec16fb0258bb6306e9746f805e
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f543b72b8359cd2d8b5d984eb78940b9c8699f54cfc0564c5c7723e0b350adba
f55e1f32e266bd52e033a890c13d8436c437d2fdf3e860e7162019b7115c2157
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f68076d258ba60cb4829845ec536cc80c17a95a9df190c55f8a4f9a0aaaaed4f
f7b19a5f4f817848b38918116cc77d6712324eae91fda54ee546a24d0fa94c1b
fa9422e15e4bf77c5c8a83ecc8a6679f994f5fdd8d1af2e6b9e039199e2c3800
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fd0696ea5d7cd294b7921ddb1b74a7a89de7ff7eedf8cda7ada92ef045004e9f
fe06db86dea162e6e57982c04e1dbcb468f1289de9b6759a0c4a84c65f4cde5f
ff49193961823042609f9a392dda2d1eb41f751f567ba54413f21a837b07c725

www.joint-bonus.biz Open in urlscan Pro 3.1.17.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

99 %HTTPS

86 %IPv6

14 Domains

21 Subdomains

21 IPs

2 Countries

4384 kBTransfer

8294 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.joint-bonus.biz Open in urlscan Pro
3.1.17.18 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

99 %
HTTPS

86 %
IPv6

14
Domains

21
Subdomains

21
IPs

2
Countries

4384 kB
Transfer

8294 kB
Size

11
Cookies

107 HTTP transactions
4 data transactions