Submitted URL: http://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
Effective URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Submission: On August 02 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 1 countries across 13 domains to perform 62 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in and belongs to . The main domain is drbaumann.info.
TLS certificate: Issued by WE1 on July 15th 2024. Valid for: 3 months.
This is the only time drbaumann.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
14 | drbaumann.info | nwstpwrld.com, drbaumann.info
11 | ykrvt.check-tl-ver-297-1.com | 6108e8a47c.news-xfojuxu.cc, ykrvt.check-tl-ver-297-1.com, cdnstatic.check-tl-ver-297-1.com
11 | b9d3b4b579.news-xhigudo.cc | b49ec65071.news-xfuguki.cc, b9d3b4b579.news-xhigudo.cc
6 | cdnstatic.check-tl-ver-297-1.com | ykrvt.check-tl-ver-297-1.com, cdnstatic.check-tl-ver-297-1.com
4 | burningapril.info (1 redirects) |
4 | www.gstatic.com | cdnstatic.check-tl-ver-297-1.com
3 | system-notify.app | nwstpwrld.com, system-notify.app
3 | 6108e8a47c.news-xfojuxu.cc (1 redirects) | b9d3b4b579.news-xhigudo.cc, 6108e8a47c.news-xfojuxu.cc
3 | b49ec65071.news-xfuguki.cc | b49ec65071.news-xfuguki.cc
2 | uidsync.net | system-notify.app
2 | nwstpwrld.com |
1 | bghm.info (1 redirects) |
1 | ykrvt.bestssp.top (1 redirects) |
1 | gpshtb.com (1 redirects) |
62 14

This site contains no links.

Subject | Issuer | Validity | Valid
*.news-xfuguki.cc | E5 | 2024-07-25 - 2024-10-23 | 3 months
*.news-xhigudo.cc | E6 | 2024-07-23 - 2024-10-21 | 3 months
*.news-xfojuxu.cc | E5 | 2024-07-25 - 2024-10-23 | 3 months
check-tl-ver-297-1.com | WE1 | 2024-07-29 - 2024-10-27 | 3 months
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
www.tpnwsgm.com | E5 | 2024-06-18 - 2024-09-16 | 3 months
system-notify.app | R10 | 2024-06-17 - 2024-09-15 | 3 months
uidsync.net | Sectigo RSA Domain Validation Secure Server CA | 2023-12-30 - 2025-01-29 | a year
drbaumann.info | WE1 | 2024-07-15 - 2024-10-13 | 3 months
burningapril.info | GTS CA 1P5 | 2024-06-05 - 2024-09-03 | 3 months

This page contains 8 frames:

Primary Page: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Frame ID: 8C4C394662DC0635502AAF14B6343C3E
Requests: 57 HTTP requests in this frame

Frame: https://drbaumann.info/media/landings/youtube/images/loading.svg?b=12
Frame ID: 5733CDB6F4A233F422C1511F69E6B765
Requests: 1 HTTP requests in this frame

Frame: https://drbaumann.info/media/landings/youtube/images/play.svg?b=12
Frame ID: 5FDDEC3823D7C6A51AEAF9D4C6C86F73
Requests: 1 HTTP requests in this frame

Frame: https://drbaumann.info/media/landings/youtube/images/options.svg?b=12
Frame ID: A0D43A77BE51CEE12566EA5E9A8A79B6
Requests: 1 HTTP requests in this frame

Frame: https://drbaumann.info/media/landings/youtube/images/full.svg?b=12
Frame ID: F71E07385639A33E5E7F5583AC60167D
Requests: 1 HTTP requests in this frame

Frame: https://drbaumann.info/media/landings/youtube/images/sound.svg?b=12
Frame ID: 29E1295D3EB02F35474E724F08AE7934
Requests: 1 HTTP requests in this frame

Frame: https://drbaumann.info/media/landings/youtube/images/save.svg?b=12
Frame ID: 57AE34904E0622E95AB24987AF2E97E0
Requests: 1 HTTP requests in this frame

Frame: https://drbaumann.info/media/landings/youtube/images/go.svg?b=12
Frame ID: 2BB9356B6428DD7DC49C5121B399B800
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Page Statistics

Requests: 62
HTTPS: 97 %
IPv6: 31 %
Domains: 13
Subdomains: 14
IPs: 11
Countries: 1
Transfer: 300 kB
Size: 705 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4 HTTP 307
    https://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4 Page URL
  2. https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf Page URL
  3. https://6108e8a47c.news-xfojuxu.cc/?fingerprint=1d9rncf&i=2&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4 Page URL
  4. https://6108e8a47c.news-xfojuxu.cc/tb?i=2&id=1218717454&land=43&monetization=user&p1=741&p2=&p3=&p4=&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&type=reject&fingerprint=13xlmxj HTTP 302
    https://gpshtb.com/go/710?source=741 HTTP 302
    https://ykrvt.bestssp.top/?pl=39kQQACXPESo2MSVRQ8QTg&sub_id=741 HTTP 302
    https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648 Page URL
  5. https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648 Page URL
  6. https://cdnstatic.check-tl-ver-297-1.com/ps/tb?id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&click_id=&nrid=a9014a4951ccb5020d9f454f0e9334ec&reason=tb_exit&attempt=1 Page URL
  7. https://nwstpwrld.com/?source=tk_214151 Page URL
  8. https://bghm.info/rs/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151&utm_medium= HTTP 302
    https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4 HTTP 307
  • https://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
Request Chain 20
  • https://6108e8a47c.news-xfojuxu.cc/tb?i=2&id=1218717454&land=43&monetization=user&p1=741&p2=&p3=&p4=&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&type=reject&fingerprint=13xlmxj HTTP 302
  • https://gpshtb.com/go/710?source=741 HTTP 302
  • https://ykrvt.bestssp.top/?pl=39kQQACXPESo2MSVRQ8QTg&sub_id=741 HTTP 302
  • https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
Request Chain 63
  • https://burningapril.info/api/subscription/detect HTTP 307
  • https://burningapril.info/api/subscription/detect?srv=2

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
b49ec65071.news-xfuguki.cc/
Redirect Chain
  • http://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
  • https://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
49 KB
49 KB
Document
General
Full URL
https://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
4589af4451fa2a3ef2d683c543c598636bd7711f840a54568bb24f743378a333
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
content-type
text/html; charset=UTF-8
date
Fri, 02 Aug 2024 21:32:23 GMT
server
nginx
vary
Origin
x-frame-options
DENY

Redirect headers

Location
https://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
Non-Authoritative-Reason
HttpsUpgrades
revopush_v2.js
b49ec65071.news-xfuguki.cc/
34 KB
13 KB
Script
General
Full URL
https://b49ec65071.news-xfuguki.cc/revopush_v2.js
Requested by
Host: b49ec65071.news-xfuguki.cc
URL: https://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
9caf9858d0001a7deb67ae1573c273f6a7d6e8a16f044c9ee258ffa6c1be0f5f

Request headers

Referer
https://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:23 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
etag
"66acf6cc-321c"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
12828
landsw_v2.js
b49ec65071.news-xfuguki.cc/
0
6 KB
Other
General
Full URL
https://b49ec65071.news-xfuguki.cc/landsw_v2.js
Requested by
Host: b49ec65071.news-xfuguki.cc
URL: https://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.123 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
123-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b49ec65071.news-xfuguki.cc/?id=1218717454&p1=741&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:23 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
etag
"66acf6cc-15d2"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
5586
truncated
/
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
/
b9d3b4b579.news-xhigudo.cc/
4 KB
4 KB
Document
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
Requested by
Host: b49ec65071.news-xfuguki.cc
URL: https://b49ec65071.news-xfuguki.cc/revopush_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
063ca3205f86d7b676d4eebc6133272618899436cd34217ee2d00e6869672f43
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://b49ec65071.news-xfuguki.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 02 Aug 2024 21:32:24 GMT
server
nginx
vary
Origin
x-frame-options
DENY
revopush_v2.js
b9d3b4b579.news-xhigudo.cc/
34 KB
13 KB
Script
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/revopush_v2.js
Requested by
Host: b9d3b4b579.news-xhigudo.cc
URL: https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
9caf9858d0001a7deb67ae1573c273f6a7d6e8a16f044c9ee258ffa6c1be0f5f

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:24 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
etag
"66acf6cc-321c"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
12828
icon1.png
b9d3b4b579.news-xhigudo.cc/lands/39/img/
7 KB
7 KB
Image
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/lands/39/img/icon1.png
Requested by
Host: b9d3b4b579.news-xhigudo.cc
URL: https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:24 GMT
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
accept-ranges
bytes
etag
"66acf6cc-1c54"
content-length
7252
content-type
image/png
icon2.png
b9d3b4b579.news-xhigudo.cc/lands/39/img/
4 KB
5 KB
Image
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/lands/39/img/icon2.png
Requested by
Host: b9d3b4b579.news-xhigudo.cc
URL: https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:24 GMT
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
accept-ranges
bytes
etag
"66acf6cc-11e0"
content-length
4576
content-type
image/png
icon3.png
b9d3b4b579.news-xhigudo.cc/lands/39/img/
8 KB
8 KB
Image
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/lands/39/img/icon3.png
Requested by
Host: b9d3b4b579.news-xhigudo.cc
URL: https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:24 GMT
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
accept-ranges
bytes
etag
"66acf6cc-1ea7"
content-length
7847
content-type
image/png
icon4.png
b9d3b4b579.news-xhigudo.cc/lands/39/img/
7 KB
7 KB
Image
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/lands/39/img/icon4.png
Requested by
Host: b9d3b4b579.news-xhigudo.cc
URL: https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:24 GMT
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
accept-ranges
bytes
etag
"66acf6cc-1b78"
content-length
7032
content-type
image/png
icon5.png
b9d3b4b579.news-xhigudo.cc/lands/39/img/
3 KB
3 KB
Image
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/lands/39/img/icon5.png
Requested by
Host: b9d3b4b579.news-xhigudo.cc
URL: https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:25 GMT
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
accept-ranges
bytes
etag
"66acf6cc-cc0"
content-length
3264
content-type
image/png
icon7.png
b9d3b4b579.news-xhigudo.cc/lands/39/img/
3 KB
3 KB
Image
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/lands/39/img/icon7.png
Requested by
Host: b9d3b4b579.news-xhigudo.cc
URL: https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:25 GMT
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
accept-ranges
bytes
etag
"66acf6cc-cd3"
content-length
3283
content-type
image/png
icon8.png
b9d3b4b579.news-xhigudo.cc/lands/39/img/
4 KB
4 KB
Image
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/lands/39/img/icon8.png
Requested by
Host: b9d3b4b579.news-xhigudo.cc
URL: https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:25 GMT
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
accept-ranges
bytes
etag
"66acf6cc-fe0"
content-length
4064
content-type
image/png
landsw_v2.js
b9d3b4b579.news-xhigudo.cc/
0
0
Other
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/landsw_v2.js
Requested by
Host: b9d3b4b579.news-xhigudo.cc
URL: https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:25 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
etag
"66acf6cc-15d2"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
5586
favicon.png
b9d3b4b579.news-xhigudo.cc/lands/39/
589 B
709 B
Other
General
Full URL
https://b9d3b4b579.news-xhigudo.cc/lands/39/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.158.56.201 Frankfurt am Main, Germany, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS
201-56-158-23.clients.gthost.com
Software
nginx /
Resource Hash
53466f7f446de27529a565f88bfe3179dd83d6a9fcfab5942dcb13bd6aeb7ce5

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/?i=1&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4&fingerprint=1d9rncf
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:25 GMT
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
accept-ranges
bytes
etag
"66acf6cc-24d"
content-length
589
content-type
image/png
/
6108e8a47c.news-xfojuxu.cc/
49 KB
49 KB
Document
General
Full URL
https://6108e8a47c.news-xfojuxu.cc/?fingerprint=1d9rncf&i=2&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
Requested by
Host: b9d3b4b579.news-xhigudo.cc
URL: https://b9d3b4b579.news-xhigudo.cc/revopush_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
87fb3e0be6e22be8e6bf236450bbe771d883527fabdac4c7d7146af9437c2129
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://b9d3b4b579.news-xhigudo.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 02 Aug 2024 21:32:28 GMT
server
nginx
vary
Origin
x-frame-options
DENY
revopush_v2.js
6108e8a47c.news-xfojuxu.cc/
34 KB
13 KB
Script
General
Full URL
https://6108e8a47c.news-xfojuxu.cc/revopush_v2.js
Requested by
Host: 6108e8a47c.news-xfojuxu.cc
URL: https://6108e8a47c.news-xfojuxu.cc/?fingerprint=1d9rncf&i=2&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.243.42.50 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.50.42.243.136.clients.your-server.de
Software
nginx /
Resource Hash
9caf9858d0001a7deb67ae1573c273f6a7d6e8a16f044c9ee258ffa6c1be0f5f

Request headers

Referer
https://6108e8a47c.news-xfojuxu.cc/?fingerprint=1d9rncf&i=2&id=1218717454&p1=741&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&traceid=0e9a815c-8430-4449-9366-66c99e2580b4
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:28 GMT
content-encoding
gzip
last-modified
Fri, 02 Aug 2024 15:10:04 GMT
server
nginx
etag
"66acf6cc-321c"
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
12828
landsw_v2.js
6108e8a47c.news-xfojuxu.cc/
0
0

/
ykrvt.check-tl-ver-297-1.com/allow-button/
Redirect Chain
  • https://6108e8a47c.news-xfojuxu.cc/tb?i=2&id=1218717454&land=43&monetization=user&p1=741&p2=&p3=&p4=&traceId=103f7d8c-9cf3-4003-b26a-8aca41f3655e&type=reject&fingerprint=13xlmxj
  • https://gpshtb.com/go/710?source=741
  • https://ykrvt.bestssp.top/?pl=39kQQACXPESo2MSVRQ8QTg&sub_id=741
  • https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
11 KB
8 KB
Document
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
Requested by
Host: 6108e8a47c.news-xfojuxu.cc
URL: https://6108e8a47c.news-xfojuxu.cc/revopush_v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c2846f0b6dad203a86f274b36836b591b0ca859e153d4bae8255e488d28d8902

Request headers

Referer
https://6108e8a47c.news-xfojuxu.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ad12e493812372f-FRA
content-encoding
br
content-type
text/html
date
Fri, 02 Aug 2024 21:32:29 GMT
last-modified
Tue, 30 Jul 2024 07:09:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SmuedCUJraP1qRBlQ0ERghQ35NiaAPl2uDAWaO8TK4mlb%2BGQ%2BUQFw6mquzuWfbakjhm6qcjdKg1FxdZ4cOJ%2Bvaf6oWxuWxmvzvdHncw3qEIS6I5E7VttqObPG3w5hBFL%2BzqsLRGBvU%2B2DzRGfFv6"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ad12e48ac849217-FRA
content-length
0
date
Fri, 02 Aug 2024 21:32:28 GMT
location
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lj4Ndm%2Fn%2BQ8DiVHM3q8nh1jEJVijq7klTTLObaA2azZxSXaEfuZbqdRz3Xwg72ECFiOGX%2FYglpu%2F5uzX9lRbovmoiuySAIcFOTvd5y0bjH9MYVWkIoYWUCV2Sp1bstMLy%2BPACQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trls.js
ykrvt.check-tl-ver-297-1.com/allow-button/assets/
8 KB
2 KB
Script
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/allow-button/assets/trls.js
Requested by
Host: ykrvt.check-tl-ver-297-1.com
URL: https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3efcd61ce47244f47b15c9f5d5749f79b2ddd57e51ebf995267ab02d4dcf2180

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 30 Jul 2024 07:09:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a89193-1e6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3%2FoDtK1jwckRUThZUz%2BQU2uhKgmPmR1K4kmcHQUmmSZx%2F0tVNzL7PRgpY%2BnULc4N0DfL7bPrmMXSluS66vdJScPwEIoyeY5wFYcYb6gXDXogCYJ15Dah5DzfnuVv5AsgdxtvmIVnX5IGxEhkpf2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8ad12e499874372f-FRA
alt-svc
h3=":443"; ma=86400
style.css
ykrvt.check-tl-ver-297-1.com/allow-button/assets/
595 B
788 B
Stylesheet
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/allow-button/assets/style.css
Requested by
Host: ykrvt.check-tl-ver-297-1.com
URL: https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e992932bc74e41cb59108c3700c7bd98f941c475ac2a19d2c0b48964551901f2

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 30 Jul 2024 07:09:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a89193-253"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpxavQIOqnZ4p7htJyLR%2BZXc3CJ0xsnuvdL5MWJy92vR1iXYyHfmtN55CCX75rh%2BT%2BBVw4qpoldjSmNfYMNhVOsbmVFS%2FH6IVSu7YfCpMoFbS%2BRBn1gPBsB7cAFYcnCIsUZn0LBAMwgylhoCLRC6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8ad12e499878372f-FRA
alt-svc
h3=":443"; ma=86400
static-pl.js
ykrvt.check-tl-ver-297-1.com/shared-js/assets/
4 KB
2 KB
Script
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/shared-js/assets/static-pl.js?v=4
Requested by
Host: ykrvt.check-tl-ver-297-1.com
URL: https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b93d1602b0cc91235d5957fcbdbf2839ed8f3e7584e5efe74e3c6f3d2f061c

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2024 07:09:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3405
etag
W/"66a89193-ea0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gMXUrYKJtPVaIsy6e8HV8G2zty6f3xvjLQk6oIIT3amJJBHR3W8LnfamaRLWirecIYV1YQphCwz0%2B%2Ba6pdH8N3ZlU13DqkfMGYvtxMp6ErUFjf%2FEpANyVQnhl5qq7AdRbyLOwsLGzvVS6fy4JKiD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8ad12e49987b372f-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
ps.js
cdnstatic.check-tl-ver-297-1.com/ps/
35 KB
14 KB
Script
General
Full URL
https://cdnstatic.check-tl-ver-297-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&click_id=&sub_id=741&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-297-1.com&timeout=180&tb=true&nrid=73a201d3119344c8a2a2e20db1333ae5
Requested by
Host: ykrvt.check-tl-ver-297-1.com
URL: https://ykrvt.check-tl-ver-297-1.com/shared-js/assets/static-pl.js?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3078d3b1b544d4791878ce64060919936ac1a154e256af9a92a8244159a0fdfd

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDbH5NR4lew4xYw38WnjAoU26b%2FNvAX7FunFZeqHq7P2B4gAdhtqO2NGmSChNkWPfLnxFKQ40qqHi3cqN9nhehoSaZ2nb%2F3ALCmsv8WiyvWCVU7UFUu8%2Bk%2F56%2BGz5cP%2BbuishSnKANdJ9%2FGZ9vAmLbY9Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
8ad12e4a08fe372f-FRA
alt-svc
h3=":443"; ma=86400
config.js
cdnstatic.check-tl-ver-297-1.com/ps/
360 B
767 B
Script
General
Full URL
https://cdnstatic.check-tl-ver-297-1.com/ps/config.js?id=39kQQACXPESo2MSVRQ8QTg
Requested by
Host: cdnstatic.check-tl-ver-297-1.com
URL: https://cdnstatic.check-tl-ver-297-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&click_id=&sub_id=741&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-297-1.com&timeout=180&tb=true&nrid=73a201d3119344c8a2a2e20db1333ae5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9798fa6c4c90f3700bea63432cd92dcd7d2c458df9ca3a6f3864df00106e9bf7

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S59%2B2Jvga8CzEbuEiF6OP3ucPT5i1dQKlvevJ9JNQ5Z4hGrQS7URPxybrk3ChMdalBaybBX4x8rmDGqf6%2F6aqNvrgL49Dye5NUZ9n6Y0X5LnJGox6MMVRCbMO9IrC%2FIT7gcQRtpyBRMM%2FobKBIVUtc7bSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
8ad12e4a5956372f-FRA
alt-svc
h3=":443"; ma=86400
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/
28 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: cdnstatic.check-tl-ver-297-1.com
URL: https://cdnstatic.check-tl-ver-297-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&click_id=&sub_id=741&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-297-1.com&timeout=180&tb=true&nrid=73a201d3119344c8a2a2e20db1333ae5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 15:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9308
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Jul 2025 15:26:58 GMT
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/
37 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
Requested by
Host: cdnstatic.check-tl-ver-297-1.com
URL: https://cdnstatic.check-tl-ver-297-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&click_id=&sub_id=741&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-297-1.com&timeout=180&tb=true&nrid=73a201d3119344c8a2a2e20db1333ae5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 17:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9934
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Jul 2025 17:12:38 GMT
favicon.ico
ykrvt.check-tl-ver-297-1.com/
0
418 B
Other
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2238
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfGN222spbNhvJZN4AZJjzv1jXIZTkDmOO2%2F23yZBGE578y7NU2Uq4rkDnFiTdj8bNyEUGYtFTMC0jz8evOSldt9F050UcI1ZkOVw%2BwSUG4iEkJQuPfEMg9CHd%2F%2F3ptbdqU3NYzTq9kRj%2F9Oso5Q"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8ad12e4afa2d372f-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
ykrvt.check-tl-ver-297-1.com/
0
0
Other
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2238
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfGN222spbNhvJZN4AZJjzv1jXIZTkDmOO2%2F23yZBGE578y7NU2Uq4rkDnFiTdj8bNyEUGYtFTMC0jz8evOSldt9F050UcI1ZkOVw%2BwSUG4iEkJQuPfEMg9CHd%2F%2F3ptbdqU3NYzTq9kRj%2F9Oso5Q"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8ad12e4afa2d372f-FRA
alt-svc
h3=":443"; ma=86400
/
ykrvt.check-tl-ver-297-1.com/allow-button/
11 KB
423 B
Document
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
Requested by
Host: cdnstatic.check-tl-ver-297-1.com
URL: https://cdnstatic.check-tl-ver-297-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&click_id=&sub_id=741&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-297-1.com&timeout=180&tb=true&nrid=73a201d3119344c8a2a2e20db1333ae5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c2846f0b6dad203a86f274b36836b591b0ca859e153d4bae8255e488d28d8902

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ad12e56c8d0372f-FRA
content-encoding
br
content-type
text/html
date
Fri, 02 Aug 2024 21:32:31 GMT
last-modified
Tue, 30 Jul 2024 07:09:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UsCG4CWF3RWxaXjom279K9Cm4zZQoXB%2BxIL6P9CzlEQjWbNOEvTLMw7jJNezesVe5oB5xy6BU%2Bb11vyvFKp6fDwdHHFZcMnB2x63EPPQUYyVPREkJYnywvaEuvEFcdyus9LIl8EZY0YAPUSjKX3u"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trls.js
ykrvt.check-tl-ver-297-1.com/allow-button/assets/
8 KB
0
Script
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/allow-button/assets/trls.js
Requested by
Host: ykrvt.check-tl-ver-297-1.com
URL: https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3efcd61ce47244f47b15c9f5d5749f79b2ddd57e51ebf995267ab02d4dcf2180

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 30 Jul 2024 07:09:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a89193-1e6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3%2FoDtK1jwckRUThZUz%2BQU2uhKgmPmR1K4kmcHQUmmSZx%2F0tVNzL7PRgpY%2BnULc4N0DfL7bPrmMXSluS66vdJScPwEIoyeY5wFYcYb6gXDXogCYJ15Dah5DzfnuVv5AsgdxtvmIVnX5IGxEhkpf2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8ad12e499874372f-FRA
alt-svc
h3=":443"; ma=86400
style.css
ykrvt.check-tl-ver-297-1.com/allow-button/assets/
595 B
0
Stylesheet
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/allow-button/assets/style.css
Requested by
Host: ykrvt.check-tl-ver-297-1.com
URL: https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e992932bc74e41cb59108c3700c7bd98f941c475ac2a19d2c0b48964551901f2

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 30 Jul 2024 07:09:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66a89193-253"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dpxavQIOqnZ4p7htJyLR%2BZXc3CJ0xsnuvdL5MWJy92vR1iXYyHfmtN55CCX75rh%2BT%2BBVw4qpoldjSmNfYMNhVOsbmVFS%2FH6IVSu7YfCpMoFbS%2BRBn1gPBsB7cAFYcnCIsUZn0LBAMwgylhoCLRC6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8ad12e499878372f-FRA
alt-svc
h3=":443"; ma=86400
static-pl.js
ykrvt.check-tl-ver-297-1.com/shared-js/assets/
4 KB
0
Script
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/shared-js/assets/static-pl.js?v=4
Requested by
Host: ykrvt.check-tl-ver-297-1.com
URL: https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c6b93d1602b0cc91235d5957fcbdbf2839ed8f3e7584e5efe74e3c6f3d2f061c

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 30 Jul 2024 07:09:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3405
etag
W/"66a89193-ea0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gMXUrYKJtPVaIsy6e8HV8G2zty6f3xvjLQk6oIIT3amJJBHR3W8LnfamaRLWirecIYV1YQphCwz0%2B%2Ba6pdH8N3ZlU13DqkfMGYvtxMp6ErUFjf%2FEpANyVQnhl5qq7AdRbyLOwsLGzvVS6fy4JKiD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8ad12e49987b372f-FRA
alt-svc
h3=":443"; ma=86400
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
ps.js
cdnstatic.check-tl-ver-297-1.com/ps/
35 KB
14 KB
Script
General
Full URL
https://cdnstatic.check-tl-ver-297-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&click_id=&sub_id=741&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-297-1.com&timeout=180&tb=true&nrid=73a201d3119344c8a2a2e20db1333ae5
Requested by
Host: ykrvt.check-tl-ver-297-1.com
URL: https://ykrvt.check-tl-ver-297-1.com/shared-js/assets/static-pl.js?v=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a06501736514d2886980687234b5764bfabeccd650305c281af15c1e6a10a973

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:31 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a8OiAjo4FAfig6xWMMsu3diUWkiZer%2Fy8kD5d1rQ92%2FdgFyu0%2B8D8kvqEPtkHASX0dN8qesGsXqOuajow7pHK2qS644sAZNCJu1eNVk%2FMsn6VxQtRJZWxsSZ75iMRwI43leKqdnzs2mijwAALOgJd4iv%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
8ad12e572931372f-FRA
alt-svc
h3=":443"; ma=86400
config.js
cdnstatic.check-tl-ver-297-1.com/ps/
360 B
768 B
Script
General
Full URL
https://cdnstatic.check-tl-ver-297-1.com/ps/config.js?id=39kQQACXPESo2MSVRQ8QTg
Requested by
Host: cdnstatic.check-tl-ver-297-1.com
URL: https://cdnstatic.check-tl-ver-297-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&click_id=&sub_id=741&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-297-1.com&timeout=180&tb=true&nrid=73a201d3119344c8a2a2e20db1333ae5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:31 GMT
content-encoding
gzip
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2B4DZ%2Bv7llcCVATb6SBM1wyBj3YIFQRwqlaEHgjL98tEO%2Bh4c3nEe8FObYhs2lP5sGXIMQ2Yrq7dImxuwY7a4qyOw3AmS0QQcz9g%2B%2Fj8zoCONol4mMmu0C5xLKZTjbCY1tfc7PEzozd4PUDv5roocp6DOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
8ad12e575994372f-FRA
alt-svc
h3=":443"; ma=86400
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/
28 KB
0
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: cdnstatic.check-tl-ver-297-1.com
URL: https://cdnstatic.check-tl-ver-297-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&click_id=&sub_id=741&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-297-1.com&timeout=180&tb=true&nrid=73a201d3119344c8a2a2e20db1333ae5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 15:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
281131
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9308
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Jul 2025 15:26:58 GMT
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/
37 KB
0
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
Requested by
Host: cdnstatic.check-tl-ver-297-1.com
URL: https://cdnstatic.check-tl-ver-297-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&click_id=&sub_id=741&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-297-1.com&timeout=180&tb=true&nrid=73a201d3119344c8a2a2e20db1333ae5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 17:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
274791
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9934
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:50 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Jul 2025 17:12:38 GMT
favicon.ico
ykrvt.check-tl-ver-297-1.com/
0
0
Other
General
Full URL
https://ykrvt.check-tl-ver-297-1.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/allow-button/?pl=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&nrid=73a201d3119344c8a2a2e20db1333ae5&hash=WnDXY3Yaxzn_12L0cL-YDw&exp=1722634648
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2238
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YfGN222spbNhvJZN4AZJjzv1jXIZTkDmOO2%2F23yZBGE578y7NU2Uq4rkDnFiTdj8bNyEUGYtFTMC0jz8evOSldt9F050UcI1ZkOVw%2BwSUG4iEkJQuPfEMg9CHd%2F%2F3ptbdqU3NYzTq9kRj%2F9Oso5Q"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8ad12e4afa2d372f-FRA
alt-svc
h3=":443"; ma=86400
tb
cdnstatic.check-tl-ver-297-1.com/ps/
258 B
651 B
Document
General
Full URL
https://cdnstatic.check-tl-ver-297-1.com/ps/tb?id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&sub_id=741&click_id=&nrid=a9014a4951ccb5020d9f454f0e9334ec&reason=tb_exit&attempt=1
Requested by
Host: cdnstatic.check-tl-ver-297-1.com
URL: https://cdnstatic.check-tl-ver-297-1.com/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=39kQQACXPESo2MSVRQ8QTg&sm=allow-button&click_id=&sub_id=741&appspot=&d=https%3A%2F%2Fcdnstatic.check-tl-ver-297-1.com&timeout=180&tb=true&nrid=73a201d3119344c8a2a2e20db1333ae5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5dbb9e1c9ff0df88505e690a4846bc5effa76adc38a787d7a724bba48fb1a1

Request headers

Referer
https://ykrvt.check-tl-ver-297-1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ad12e57ba19372f-FRA
content-encoding
br
content-type
text/html
date
Fri, 02 Aug 2024 21:32:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hH5NvBvotjeSkL1FO%2FIpCWHDjILVEJoUqPQ5TS%2BnvJa4mm7vrAw%2BYB6QBUNxxczwY9efqN6dnZDcx1sfQMRNjUCbdXy4d8z7Le28I4q5KERtGyGFrrIm8Px8p95KwIlZkHic3Ab0fTDmC0oPZmMi%2Fensnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
nwstpwrld.com/
12 KB
4 KB
Document
General
Full URL
https://nwstpwrld.com/?source=tk_214151
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
81f5a8805662d28e6144000fc6211c90fc9a73f18ee03b025737f2f82f5cc479

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 02 Aug 2024 21:32:31 GMT
server
nginx
favicon.ico
cdnstatic.check-tl-ver-297-1.com/
0
422 B
Other
General
Full URL
https://cdnstatic.check-tl-ver-297-1.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.10.221 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
480
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HosSVhui5hC9frVZenumhi7OL361Eqf2ivTO%2BirF491DjNb5PfFoh4Y8GziEyfn1hEABnFwTjA2FDGYfg5MTVeclfDMxXexeMg%2FpBAsMLILvkAmd1i8z%2F9GTKrKeYp2sGhjGmWQjh2bFAK4YCP1L8Y0WvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8ad12e582b12372f-FRA
alt-svc
h3=":443"; ma=86400
sdk.js
system-notify.app/f/
52 KB
15 KB
Script
General
Full URL
https://system-notify.app/f/sdk.js?z=1223433
Requested by
Host: nwstpwrld.com
URL: https://nwstpwrld.com/?source=tk_214151
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 -, , ASN (),
Reverse DNS
Software
Angie /
Resource Hash
94e60ab438f17f0a9720eac38a985353d04e941e0bc589f5d3e03450af8e89e7

Request headers

Referer
https://nwstpwrld.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:31 GMT
content-encoding
gzip
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate
server
Angie
content-length
15353
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
event
system-notify.app/
0
526 B
Ping
General
Full URL
https://system-notify.app/event?z=1223433
Requested by
Host: system-notify.app
URL: https://system-notify.app/f/sdk.js?z=1223433
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 -, , ASN (),
Reverse DNS
Software
Angie /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nwstpwrld.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 21:32:31 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nwstpwrld.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
0
expires
Tue, 11 Jan 1994 00:00:00 GMT
favicon.ico
nwstpwrld.com/lnd/
548 B
245 B
Other
General
Full URL
https://nwstpwrld.com/lnd/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
173.214.240.15 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
https://nwstpwrld.com/?source=tk_214151
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:32 GMT
content-encoding
gzip
server
nginx
content-type
text/html
sync
uidsync.net/ Frame
0
0
Preflight
General
Full URL
https://uidsync.net/sync?user_id=yx26YI8c3h8EGit3q0C2LN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.121 -, , ASN (),
Reverse DNS
Software
Angie /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nwstpwrld.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nwstpwrld.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date
Fri, 02 Aug 2024 21:32:32 GMT
expires
Tue, 11 Jan 1994 00:00:00 GMT
pragma
no-cache
server
Angie
sync
uidsync.net/
62 B
706 B
Fetch
General
Full URL
https://uidsync.net/sync?user_id=yx26YI8c3h8EGit3q0C2LN
Requested by
Host: system-notify.app
URL: https://system-notify.app/f/sdk.js?z=1223433
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.121 -, , ASN (),
Reverse DNS
Software
Angie /
Resource Hash
8094fa8ee912e6f2358715282fb3728af7037a6974be2dd6e8adbe0ce5d43b00

Request headers

Referer
https://nwstpwrld.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 21:32:32 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nwstpwrld.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
62
expires
Tue, 11 Jan 1994 00:00:00 GMT
event
system-notify.app/
0
527 B
Ping
General
Full URL
https://system-notify.app/event?z=1223433
Requested by
Host: system-notify.app
URL: https://system-notify.app/f/sdk.js?z=1223433
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 -, , ASN (),
Reverse DNS
Software
Angie /
Resource Hash

Request headers

Referer
https://nwstpwrld.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 02 Aug 2024 21:32:33 GMT
server
Angie
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nwstpwrld.com
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
content-length
0
expires
Tue, 11 Jan 1994 00:00:00 GMT
Primary Request 53275
drbaumann.info/r/youtube/
Redirect Chain
  • https://bghm.info/rs/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151&utm_medium=
  • https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
4 KB
2 KB
Document
General
Full URL
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Requested by
Host: nwstpwrld.com
URL: https://nwstpwrld.com/?source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1065398fc3bcceb5a58f7b5ce629801668dd98d89a68d4d19e5e26c027cfddca
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

Referer
https://nwstpwrld.com/?source=tk_214151
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ad12e64b84b4d37-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 02 Aug 2024 21:32:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3IpUBWIdtyip%2FM6mWhf%2FPCu7GikADOCTiEEN%2BdxzxPE3LlA0AqGbqly6qrlPO6eQGbv7lmkjMa3SDrbkU%2Bji%2Fuw0dykfDghkx%2FcGxWVR5xXfTW57%2BoO5ASIFz2o0B9%2B3eAn2ci9ZpqDYnvJug%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=7776000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8ad12e643a5371cd-FRA
content-type
text/html; charset=UTF-8
date
Fri, 02 Aug 2024 21:32:33 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VOr4pebkxufVsd0D4Jl%2FNLPf2w2aeDWAc9qbeoLC0gL9bG8xGUgBUTE2ap%2BqtdpTUSEwKnwPzbRmVElFDWs8M%2BjrpUKnLnT3a4BwvAx92%2FnRGnrnpw258vXVlkvPTyAqCWBoDE9egfU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=7776000; includeSubDomains
style.css
drbaumann.info/media/landings/youtube/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://drbaumann.info/media/landings/youtube/css/style.css?b=42
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6e2c6ad798c6fc032041052378e84a4e2d0b322b68f4fa3c11c79e73d0148b1a

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1515
etag
W/"63b61279-8e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IrHxSCx4i3h229IkQEGoH64p%2F2nS8JR4k5u2mf5cEswmF7Ts30iKCyVaTOj9cSNfUCkCiVdz6CQcQ57%2F5EI6Ge5S1EIw0drRYGEyjiVGIgHvEy6uHocU7G%2B%2FX1L12IN7PpDEBMNRxCGTcs%2FVPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8ad12e6518ad4d37-FRA
alt-svc
h3=":443"; ma=86400
push-wrap.js
drbaumann.info/script/
70 KB
14 KB
Script
General
Full URL
https://drbaumann.info/script/push-wrap.js?b=57
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
96db18a9d620229c34b83414537bfa9d7b89ddce08c5f2d06709f8e2467cc3b4
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:33 GMT
strict-transport-security
max-age=7776000; includeSubDomains
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="push-wrap.js"
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 02 Aug 2024 21:30:00 GMT
server
cloudflare
etag
W/"qTI+EsgHqhc+PT1jjFZwGQ7dZSQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l8Y55jop%2FOkMhEeDlqmvhdjXzIEdHpsKYkhpP%2Fg5JDYUvETOv0Yy2EXyFvbcq9OjRtZL02l1ZRxURCmn1oGj7NCrAzHhJC0fPK%2B83qtbbV0YYdO4vfGSX1NDz3jyXofwLbw3uqdbu5n%2F4MSdOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
8ad12e6518b24d37-FRA
expires
Fri, 02 Aug 2024 22:32:33 GMT
block.js
drbaumann.info/
142 B
555 B
Script
General
Full URL
https://drbaumann.info/block.js?b=42
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
47b8e33e29528d52649a476908377defe05da7bdfb68a708eea2e18aac42ab1e

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3555
etag
W/"63b61279-8e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bnMvoROiZmyPeNEFkwHClZ5Ij7k01oaP8%2BvK22iWGPq%2B%2FifbNR31gtq9mn1pHEJUMEjV30eJSDqidlaAoFlcCL4%2FibIiQJh705lHLxAql3mO2h6OSITH8POn2BwqGOFMffljqchrehE0lfkcfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8ad12e6528b84d37-FRA
alt-svc
h3=":443"; ma=86400
main.js
drbaumann.info/media/landings/youtube/js/
636 B
734 B
Script
General
Full URL
https://drbaumann.info/media/landings/youtube/js/main.js?b=42
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
22bdf4d5c184ec6bd1849d5963cf54d2cd7ae991f9fb4c29429c254937f27223

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2141
etag
W/"63b61279-27c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zCv5rqxYWblSHSzTqljqGb389Tg5Yh%2B8lJTElpStITOI%2FfriVFD9vFTCGhmdHQyun59gtdg23hBl67TGNod0eTiFjYsGbZ95YwNkwAsW9%2B2KIjQPtXks7GmABV1EfG4ottGwlPAJ3I183hCJhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8ad12e6528ba4d37-FRA
alt-svc
h3=":443"; ma=86400
push.js
drbaumann.info/script/
23 KB
6 KB
Script
General
Full URL
https://drbaumann.info/script/push.js?b=57
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/script/push-wrap.js?b=57
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2543a3d57d775606c2985e4996981b4b16aea5d64e0dd0fb6d70f3ae75e2b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=7776000; includeSubDomains

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:33 GMT
strict-transport-security
max-age=7776000; includeSubDomains
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="push.js"
alt-svc
h3=":443"; ma=86400
pragma
public
last-modified
Fri, 02 Aug 2024 21:30:00 GMT
server
cloudflare
etag
W/"2MuGILUQOayqvDa+Ia23ueN1AkI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtuswFGJWy3wQXuzp3Nz0UpmodaPwoO1S2GfweZHPc19LFoZ9J489t709mt332V3qnOzpiqJ%2FLq91CdimO9m16qrhcSGvfRyaitbnC%2BEHTL1I564aJ6B5pt87ofOGaHPZiIDKEtlGX7rV%2BrMBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
8ad12e6579394d37-FRA
expires
Fri, 02 Aug 2024 22:32:33 GMT
loading.svg
drbaumann.info/media/landings/youtube/images/ Frame 5733
862 B
802 B
Document
General
Full URL
https://drbaumann.info/media/landings/youtube/images/loading.svg?b=12
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
81beab714f69d6457535c73267fe6c30b1ab0bf8e03de425fdf9f87de3b465ff

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
2140
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8ad12e6589524d37-FRA
content-encoding
br
content-type
image/svg+xml
date
Fri, 02 Aug 2024 21:32:33 GMT
etag
W/"63b61279-35e"
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIHoqfqsCm%2FdNOzjdMwdI%2Ff71VC%2BgFG8dSkKyTmFvlf9SZnMgmFGPo%2BrkIRBMIaN77WnuTJJ7QWX4X7UnOZWFVcBuiSZ6P3xurhkIYoSgc34AUjihEN%2BvDdhBM3o7toeo8s1QCA%2BNHakVGJDlA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
play.svg
drbaumann.info/media/landings/youtube/images/ Frame 5FDD
132 B
592 B
Document
General
Full URL
https://drbaumann.info/media/landings/youtube/images/play.svg?b=12
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b676c958383a6239980ae0655df9d7b9b9035db22d7e7dac1af15e95abd55e9a

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
2140
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8ad12e6599574d37-FRA
content-encoding
br
content-type
image/svg+xml
date
Fri, 02 Aug 2024 21:32:33 GMT
etag
W/"63b61279-84"
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oONUZWg0e%2FMe%2BWgVVnk%2FJgkbNm7F%2BnuriKuUqQXzqXH23D4xI%2BaYDmzyq8OoLLelLSbzivaRO0kmjoiujr1n%2FWBIyw1JOeFL2ycrUK1Du5PprPK%2BH%2Bqrbl%2FFBkOfy5hKvqLhQtSAfkw2113NMg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
options.svg
drbaumann.info/media/landings/youtube/images/ Frame A0D4
1 KB
1 KB
Document
General
Full URL
https://drbaumann.info/media/landings/youtube/images/options.svg?b=12
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9f3894e15214e364294997c76be3fc9b874c0ecbf03aff4ac44af1208b7e5f2c

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
2140
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8ad12e65995d4d37-FRA
content-encoding
br
content-type
image/svg+xml
date
Fri, 02 Aug 2024 21:32:33 GMT
etag
W/"63b61279-5f7"
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6fr5LHVuRIG%2B1%2BtRCHkr0l0SC7qMMY9Gz33lgzSo0KTt20YW2qdsho4NxCkPehPhWu5dxbxOZDlEPYftnvihLbODMQQSta3SROK1dyVJ5v6Dz0oz%2BEWCRw1%2BJQT37qALGTFVuQQv79H82mzYYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
full.svg
drbaumann.info/media/landings/youtube/images/ Frame F71E
305 B
670 B
Document
General
Full URL
https://drbaumann.info/media/landings/youtube/images/full.svg?b=12
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4467eed0b4cc6bb87db9f108d4ac0a13ac914e080628a769b159c285cede542d

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
2140
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8ad12e6599624d37-FRA
content-encoding
br
content-type
image/svg+xml
date
Fri, 02 Aug 2024 21:32:33 GMT
etag
W/"63b61279-131"
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a9ZNnKRNKr4tjNSXnkRyNc%2BXFWyneIvlrXOkwWmo%2FgaMq1LG85ql%2Bj4d%2FB%2FvZhhT6bfrs2f2ChRBM7%2Fx9sL3tT4ug4tC0OazhsBTydr5WLwiwpcnZykoYDPtfl%2B0GevAq%2BoMOG3XgOIzNn7vjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sound.svg
drbaumann.info/media/landings/youtube/images/ Frame 29E1
1 KB
1 KB
Document
General
Full URL
https://drbaumann.info/media/landings/youtube/images/sound.svg?b=12
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fd50b17f7017b34864ab2a28e3ea3432b939de3f692c5beae8070add8c92a0c1

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
2140
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8ad12e6599714d37-FRA
content-encoding
br
content-type
image/svg+xml
date
Fri, 02 Aug 2024 21:32:33 GMT
etag
W/"63b61279-56c"
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ld0PZy26WIGHkcqgc6ng%2BkGOL12SZlTBmbCtDE%2FTjWpXu5Zsfe%2Bha25W9SbNEYknRYGwKUbnNw7w3RzVG4z0c0AZyeq9n1d%2FAIOtslf%2FxQe0fOGWv9SBwQnxx8kLGjnuSwnBRMb%2B0Yr44KbtsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
save.svg
drbaumann.info/media/landings/youtube/images/ Frame 57AE
1 KB
963 B
Document
General
Full URL
https://drbaumann.info/media/landings/youtube/images/save.svg?b=12
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1332e9a816bb46b234e53ab0f1bb1586f027e2a5ec13f728fe3999342e92c9e

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
2140
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8ad12e6599724d37-FRA
content-encoding
br
content-type
image/svg+xml
date
Fri, 02 Aug 2024 21:32:33 GMT
etag
W/"63b61279-416"
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZG6QtIYUSMtBSdJ7aDHfs2%2FMQ4SB16vvMthhGA4fA4a1JweIiP%2FJrJ5eoBfbFS%2FvYIIWM2qSZ9EhMbhPBR%2BLFXZb6A8BbzQGySr%2BPboLN0bvw8QeTCixKxODSvz3WNk2ELP4klZvs%2FxF5ryJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
go.svg
drbaumann.info/media/landings/youtube/images/ Frame 2BB9
236 B
643 B
Document
General
Full URL
https://drbaumann.info/media/landings/youtube/images/go.svg?b=12
Requested by
Host: drbaumann.info
URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
16cddcdbd6bf8d468f42088ad5bb8646ad63e542ecc5ef079fd7203211f5eb5b

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

age
2140
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
8ad12e6599754d37-FRA
content-encoding
br
content-type
image/svg+xml
date
Fri, 02 Aug 2024 21:32:33 GMT
etag
W/"63b61279-ec"
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AaXNjIyAhRjWhnCTqNdMsH8ZQU1uo8FdSdqubd%2Fq0e8oW9Ha7zzgY0RgONafo9JoU48V75KlvxKA83t1rnm%2B7soktG1LFvJH8aiwcsBcHhIl%2BJqQPvBocNe6Kzya1JLzUzmbc6%2FhA6y%2FjChxUg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
favicon.ico
drbaumann.info/media/landings/
4 KB
2 KB
Other
General
Full URL
https://drbaumann.info/media/landings/favicon.ico?b=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aba03bde056d15a14bcfa41a0a73bd3f9dcf329c42bfa593fef8de629a7f9e52

Request headers

Referer
https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 23:57:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3187
etag
W/"63b61279-10be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwnGrmNfOSNW5B9mZeDlLPvqaHoRE0jiH6vriIMpnrk9F%2B8F53ct%2Bg%2FDXQovD3yuxZ6lNt5Ke4t6kXg0wb9eb%2FIfZ8NhQUI7fXIz%2FUzZiYCuuHvml1HmT0MFtyA%2Fmet9Z8BUAsIZHURxDh5%2F2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8ad12e662a334d37-FRA
alt-svc
h3=":443"; ma=86400
detect
burningapril.info/api/subscription/
Redirect Chain
  • https://burningapril.info/api/subscription/detect
  • https://burningapril.info/api/subscription/detect?srv=2
93 B
895 B
Fetch
General
Full URL
https://burningapril.info/api/subscription/detect?srv=2
Protocol
H3
Server
2606:4700:3033::ac43:8b4a -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf54f14f16282721305fa1780d90aad065d80bdd1e207b6375500a6f5ae3094

Request headers

Referer
https://drbaumann.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 02 Aug 2024 21:32:33 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
-: Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UnTsyAt1lxNU7T7%2BISWgT%2FEzzl6MJf4MbT1ePWVhky95pEW%2Fq4kiORP2M6zTAVveCAfYbc12EfMb2qGcrlyO47XWitmYC%2Fpj7ANqVCJuICqm4wvLFont6qJcUh%2Fp7%2FQoNTMkMfBnecoIPWc12USwqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://drbaumann.info
access-control-expose-headers
*
access-control-allow-credentials
true
cf-ray
8ad12e6748f6371a-FRA
access-control-allow-headers
Content-type
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 02 Aug 2024 21:32:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
-: Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zPj1eJZkQpX%2FSyWF2WDFV120kmHTR5BxOWmmI1sadByxmMkVree74l1ZNCX10GT9afkK%2BKHD%2BEGOoN9KoCHDyzdJUuQ8AifMCTDf1ZcnQ11N5WQ3O7Lwgq5OBM42apCFOokQxv1QVy6u4kDU3BLTOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
location
https://burningapril.info/api/subscription/detect?srv=2
access-control-allow-origin
https://drbaumann.info
access-control-expose-headers
*
access-control-allow-credentials
true
cf-ray
8ad12e66e864371a-FRA
access-control-allow-headers
Content-type
alt-svc
h3=":443"; ma=86400
detect
burningapril.info/api/subscription/ Frame
0
0
Preflight
General
Full URL
https://burningapril.info/api/subscription/detect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8b4a -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://drbaumann.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-type
access-control-allow-origin
https://drbaumann.info
access-control-expose-headers
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ad12e6699be2baf-FRA
content-encoding
br
content-type
application/json; charset=UTF-8
date
Fri, 02 Aug 2024 21:32:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EQOCcQ9AMJC%2FNpUvta1sEpSrPuAYvnlJGo2dSeW5EtNrKNfUOdUo6PABrk47RA1yfBbRxlX9nL%2FRkYs3xDL89xirUjSlbpq%2FIl%2F0dEt1GaEXC9oErjIdpHE3BgAFptA3mClWqtw6T87zxiB4amga6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
-: Origin
detect
burningapril.info/api/subscription/ Frame
0
0
Preflight
General
Full URL
https://burningapril.info/api/subscription/detect?srv=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:8b4a -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://drbaumann.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-type
access-control-allow-origin
https://drbaumann.info
access-control-expose-headers
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ad12e671a512baf-FRA
content-encoding
br
content-type
application/json; charset=UTF-8
date
Fri, 02 Aug 2024 21:32:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LcpGnPZNaPoxLVAZ3%2FJAidTXBHdks0wBe3qOTQVXultCfueWRHd4DrHJv96nKYxPw5BZgXOMjk1M9RePBhJZtxaNc6m2%2FqOXVfCxbcNbmHr7KS8%2Fai%2FiIxrEon%2F2BdE3NcwmNefm8R9EntzSW6LbzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
-: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
6108e8a47c.news-xfojuxu.cc
URL
https://6108e8a47c.news-xfojuxu.cc/landsw_v2.js

Verdicts & Comments

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _GLOBALS
object| webpackChunklands_static

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://nwstpwrld.com/lnd/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://drbaumann.info/r/youtube/53275?count=1&declCount=1&fullScreenMode=disabled&utm_source=tk_214151
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
