norfolkfxtrader.systeme.io Open in urlscan Pro
18.154.63.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://norfolkfxtrader.systeme.io/
Effective URL:
https://norfolkfxtrader.systeme.io/
Submission: On December 17 via api (December 17th 2023, 2:48:09 pm UTC) from US — Scanned from DE

Summary HTTP 187 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 187 HTTP transactions. The main IP is 18.154.63.2, located in United States and belongs to AMAZON-02, US. The main domain is norfolkfxtrader.systeme.io.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 26th 2023. Valid for: a year.

This is the only time norfolkfxtrader.systeme.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.154.63.112 18.154.63.112	16509 (AMAZON-02) (AMAZON-02)
3	18.154.63.2 18.154.63.2	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
9	2600:9000:224... 2600:9000:224a:1c00:1c:d937:ae40:93a1	16509 (AMAZON-02) (AMAZON-02)
4 75	2606:4700::68... 2606:4700::6812:1ad0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
9	2606:4700:20:... 2606:4700:20::ac43:44d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:231... 2600:9000:2315:8400:f:a462:c1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
19	2600:9000:206... 2600:9000:206f:8200:f:e793:dc40:21	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.49.214.81 52.49.214.81	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:224... 2600:9000:224a:4e00:10:6a77:5f80:93a1	16509 (AMAZON-02) (AMAZON-02)
10	54.211.100.135 54.211.100.135	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:cc0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6812:dc0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
187	20

1 18.154.63.112 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-112.dus51.r.cloudfront.net

norfolkfxtrader.systeme.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.154.63.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-2.dus51.r.cloudfront.net

norfolkfxtrader.systeme.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

www.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:224a:1c00:1c:d937:ae40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3fit27i5nzkqh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 2606:4700::6812:1ad0 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dubb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

tenor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::ac43:44d6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2315:8400:f:a462:c1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1yei2z3i6k35z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2600:9000:206f:8200:f:e793:dc40:21 (United States)

ASN16509 (AMAZON-02, US)

d3syewzhvzylbl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.214.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-214-81.eu-west-1.compute.amazonaws.com

log.cookieyes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:4e00:10:6a77:5f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.provesrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.211.100.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-100-135.compute-1.amazonaws.com

client-api.provesrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:cc0 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-provesrc.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

media.tenor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:dc0 (United States)

ASN13335 (CLOUDFLARENET, US)

fra1.do.dubbcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
75	dubb.com 4 redirects dubb.com — Cisco Umbrella Rank: 468349	4 MB
32	cloudfront.net d3fit27i5nzkqh.cloudfront.net d1yei2z3i6k35z.cloudfront.net d3syewzhvzylbl.cloudfront.net	3 MB
18	tenor.com tenor.com — Cisco Umbrella Rank: 5697 media.tenor.com — Cisco Umbrella Rank: 6695	842 KB
12	provesrc.com cdn.provesrc.com — Cisco Umbrella Rank: 96261 client-api.provesrc.com — Cisco Umbrella Rank: 78013	114 KB
10	tawk.to embed.tawk.to — Cisco Umbrella Rank: 9615 va.tawk.to — Cisco Umbrella Rank: 9337	142 KB
9	cdn-cookieyes.com cdn-cookieyes.com — Cisco Umbrella Rank: 10335	82 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	272 KB
7	dubbcdn.com fra1.do.dubbcdn.com Failed	596 KB
4	systeme.io 1 redirects norfolkfxtrader.systeme.io	117 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	digitaloceanspaces.com cdn-provesrc.nyc3.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 266342	7 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
2	cookieyes.com log.cookieyes.com — Cisco Umbrella Rank: 11277	305 B
2	polyfill.io www.polyfill.io — Cisco Umbrella Rank: 271152	778 B
187	15

	Domain	Requested by
75	dubb.com	4 redirects norfolkfxtrader.systeme.io dubb.com
19	d3syewzhvzylbl.cloudfront.net	norfolkfxtrader.systeme.io
17	tenor.com	norfolkfxtrader.systeme.io tenor.com
10	client-api.provesrc.com	cdn.provesrc.com
9	cdn-cookieyes.com	norfolkfxtrader.systeme.io cdn-cookieyes.com
9	d3fit27i5nzkqh.cloudfront.net	norfolkfxtrader.systeme.io d3fit27i5nzkqh.cloudfront.net
8	www.youtube.com	dubb.com www.youtube.com
8	embed.tawk.to	norfolkfxtrader.systeme.io embed.tawk.to
7	fra1.do.dubbcdn.com	dubb.com
4	d1yei2z3i6k35z.cloudfront.net	norfolkfxtrader.systeme.io
4	norfolkfxtrader.systeme.io	1 redirects norfolkfxtrader.systeme.io
2	va.tawk.to	embed.tawk.to
2	www.google-analytics.com	tenor.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	cdn-provesrc.nyc3.cdn.digitaloceanspaces.com	norfolkfxtrader.systeme.io
2	fonts.googleapis.com	cdn.provesrc.com
2	cdn.provesrc.com	norfolkfxtrader.systeme.io
2	log.cookieyes.com	cdn-cookieyes.com
2	www.polyfill.io	norfolkfxtrader.systeme.io
1	media.tenor.com	tenor.com
187	20

This site contains links to these domains. Also see Links.

Domain
www.iubenda.com
www.cookieyes.com
t.me
uk.trustpilot.com
d1yei2z3i6k35z.cloudfront.net
provesrc.com

Subject Issuer	Validity	Valid
systeme.io Amazon RSA 2048 M03	`2023-11-26` - `2024-12-24`	a year	crt.sh
polyfill.io Certainly Intermediate R1	`2023-12-02` - `2024-01-01`	a month	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
dubb.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
tenor.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-03` - `2024-07-04`	a year	crt.sh
cdn-cookieyes.com GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
log.cookieyes.com Amazon RSA 2048 M02	`2023-04-25` - `2024-05-24`	a year	crt.sh
*.provesrc.com Amazon RSA 2048 M03	`2023-10-12` - `2024-11-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.tenor.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
dubbcdn.com E1	`2023-12-09` - `2024-03-08`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://norfolkfxtrader.systeme.io/
Frame ID: 282EAC1B6A00BC06EF1AD6F896AA4BCC
Requests: 57 HTTP requests in this frame

Frame: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
Frame ID: 0AD97833B90DF5329CBACB11DEFDA490
Requests: 22 HTTP requests in this frame

Frame: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
Frame ID: EF4A92B383DBC5F5C5A37E08482B9A65
Requests: 19 HTTP requests in this frame

Frame: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
Frame ID: D858831E560BBAE1A1691CCB2720C2A2
Requests: 22 HTTP requests in this frame

Frame: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
Frame ID: 4411E95A76FF580287CE431E056ECAE7
Requests: 22 HTTP requests in this frame

Frame: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Frame ID: 1760E4A6F0BCB47044E480318610A644
Requests: 15 HTTP requests in this frame

Frame: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/
Frame ID: 1376256DDF726F6D81D6C84AC61B7DFE
Requests: 19 HTTP requests in this frame

Frame: https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: CDD6A9AD694DF3CFEFFC645B4100667A
Requests: 2 HTTP requests in this frame

Frame: https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: C2A75DD53F63BD99B5D90428C1879FEA
Requests: 2 HTTP requests in this frame

Frame: https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 67C910E7AF22645DF1AF683A01331E9A
Requests: 2 HTTP requests in this frame

Frame: https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: 362A988F3DA5A53579F447614785E9A1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Norfolk FX Trader

Page URL History Show full URLs

http://norfolkfxtrader.systeme.io/ HTTP 301
https://norfolkfxtrader.systeme.io/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

187
Requests

95 %
HTTPS

75 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

8767 kB
Transfer

24293 kB
Size

14
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.iubenda.com/privacy-policy/60800316/cookie-policy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.cookieyes.com/product/cookie-consent

Search URL Search Domain Scan URL

URL: https://t.me/NorfolkFX
Title: Free Telegram

Search URL Search Domain Scan URL

URL: https://uk.trustpilot.com/review/norfolkfxtrader.com

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/6481ec0837a83_GBPUSDbuyentry.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/6480de1b54073_GBPUSD.rM30TP1.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/6481ee2550fca_GBPUSD.rM30partials.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/6482d8d6cf2ee_GBPUSD.rM30fullprofithit.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64bae718d43c5_AUDUSD.rH4sellatmanipulation.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64bae744af3db_AUDUSD.rM30entry.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64bae777891dc_AUDUSD.rM30partials.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64bae796333b5_AUDUSD.rM30fulltargethit.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64c378538e49c_EURUSD.rH4buy25july23.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64c378817deec_EURUSD.rH4fulltargethit.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64c7efefa69f1_XAUUSD.rM30buytrade.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64c7f0179d71f_XAUUSD.rM30FTP.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64d7b5f40c810_NZDUSD.rM5supplysell.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64d7b61b032fa_NZDUSD.rM5Takeprofit1low.png

Search URL Search Domain Scan URL

URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/64d7b63f58d0e_NZDUSD.rM5fulltakeprofit.png

Search URL Search Domain Scan URL

URL: https://www.iubenda.com/privacy-policy/60800316
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://provesrc.com/verified?src=norfolkfxtrader.systeme.io&utm_source=https://norfolkfxtrader.systeme.io/&utm_medium=notification&utm_campaign=powered-by-provesrc&utm_content=64b114d22a06e36848c0dec9&utm_term=Full%20course%20Sales
Title: ProveSource

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://norfolkfxtrader.systeme.io/ HTTP 301
https://norfolkfxtrader.systeme.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 107

https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 131

https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Request Chain 133

https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

187 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
norfolkfxtrader.systeme.io/
Redirect Chain

http://norfolkfxtrader.systeme.io/
https://norfolkfxtrader.systeme.io/

653 KB
100 KB

279ms
234ms

Document
text/html

18.154.63.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-2.dus51.r.cloudfront.net

Software

nginx/1.24.0 /

Resource Hash

ee8bb541d697a3cb6bfc81348618f6ed8b4fbe3dd84fd11cf1354e950c925af9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=30, must-revalidate, public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 14:48:04 GMT
server: nginx/1.24.0
vary: Accept-Encoding,Origin
via: 1.1 e854bbca657208a759bb2d8d135f9d78.cloudfront.net (CloudFront)
x-amz-cf-id: aHfhv73Xv4jAUoDGZyf5NHrvBLc8GXx3mTx8XsexLXV27XTIeKqqjw==
x-amz-cf-pop: DUS51-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Sun, 17 Dec 2023 14:48:03 GMT
Location: https://norfolkfxtrader.systeme.io/
Server: CloudFront
Via: 1.1 3e1c75dd4bc1e056caa1604e0e55ea30.cloudfront.net (CloudFront)
X-Amz-Cf-Id: sMQK5B0uKVzzRq9puF8G4ILdb-7w-jcC4auKkYQ9AEFaGyMBSO51bg==
X-Amz-Cf-Pop: DUS51-P4
X-Cache: Redirect from cloudfront

GET
H2 200 polyfill.min.js Show response
www.polyfill.io/v3/ 104 B
615 B 98ms
23ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.polyfill.io/v3/polyfill.min.js?features=Intl.Locale%2CIntl.getCanonicalLocales%2CmatchMedia%2CIntl.DisplayNames

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:04 GMT
age: 6693
detected-user-agent: Chrome Mobile/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/ 486 KB
81 KB 106ms
26ms Stylesheet
text/css 2600:9000:224a:1c00:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 14:49:04 GMT
content-encoding: gzip
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Wed, 18 May 2022 12:25:57 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 4751941
etag: W/"325672b036bab9b57f6873aed5eccc43"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000,public
x-amz-cf-id: Fx2e7q5dIQOIjC5znv-9j4VZ4IPa_qrMypKTdaZzb_0HLvtEOxn7Wg==

GET
H2 200 embed Show response
dubb.com/v/w5OG49/ Frame 0AD9 7 KB
3 KB 1001ms
688ms Document
text/html 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3178e5a50864d9b51ce30ddf527eba6703a967008563b9fe5f3de0c70cb651

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 836ff7042b559bce-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 14:48:05 GMT
expect-ct: max-age=604800, report-uri="https://o4505855671599104.ingest.sentry.io/api/4505881156780032/security/?sentry_key=8dff49c8a529496882b8db7ffd45d27e"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding Origin
x-content-type-options: nosniff
x-request-id: 93920b2c5e5b446588d0fcc666c8007a
x-xss-protection: 1; mode=block

GET
H2 200 embed Show response
dubb.com/v/euVn49/ Frame EF4A 7 KB
3 KB 645ms
333ms Document
text/html 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f1c7e828c681dba92a8b92f384756053eaab2455dc37e9de44aedb8d438f0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 836ff7042b599bce-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 14:48:04 GMT
expect-ct: max-age=604800, report-uri="https://o4505855671599104.ingest.sentry.io/api/4505881156780032/security/?sentry_key=8dff49c8a529496882b8db7ffd45d27e"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding Origin
x-content-type-options: nosniff
x-request-id: 594739ab33b14c54bae530589b55a12e
x-xss-protection: 1; mode=block

GET
H2 200 embed.js Show response
tenor.com/ 3 KB
3 KB 526ms
182ms Script
application/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/embed.js

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bb6c0589696b220c9c9d60bdd5c867551d697db32cb016186c634da6d0bafe35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-NWVmNjU2MmItZWJlYS00ODg5LTljOTgtY2EzNGUzNWFjYjY5' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-NWVmNjU2MmItZWJlYS00ODg5LTljOTgtY2EzNGUzNWFjYjY5' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:04 GMT
content-encoding: gzip
age: 76475
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 997
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200116-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Thu, 09 Nov 2023 07:27:39 GMT
x-timer: S1702824485.543710,VS0,VE141
etag: W/"c8f-18bb2fabdf8"
x-download-options: noopen
x-frame-options: DENY
vary: x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 702, 0

GET
H2 200 embed Show response
dubb.com/v/i7IXGi/ Frame D858 7 KB
3 KB 971ms
659ms Document
text/html 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2ec7d776605a182e4efaad6bc7983c21f9019f520a65155764bf984c1d26d01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 836ff7042b4d9bce-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 14:48:05 GMT
expect-ct: max-age=604800, report-uri="https://o4505855671599104.ingest.sentry.io/api/4505881156780032/security/?sentry_key=8dff49c8a529496882b8db7ffd45d27e"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding Origin
x-content-type-options: nosniff
x-request-id: 30bab2e5ff04460293b25d30aa75c6ae
x-xss-protection: 1; mode=block

GET
H2 200 embed Show response
dubb.com/v/bEbLfq/ Frame 4411 7 KB
3 KB 676ms
367ms Document
text/html 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce3500b3d99b4d85154c3acd0d1f6a8ecfaf1bcdfa844874625421311a8fb050

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 836ff7042b519bce-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 14:48:04 GMT
expect-ct: max-age=604800, report-uri="https://o4505855671599104.ingest.sentry.io/api/4505881156780032/security/?sentry_key=8dff49c8a529496882b8db7ffd45d27e"
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding Origin
x-content-type-options: nosniff
x-request-id: 28de50df99934b858ef3a81d45b4f1d5
x-xss-protection: 1; mode=block

GET
H2 200 1182416971c2975408f3b7d92c02438547ac1b1a.js Show response
norfolkfxtrader.systeme.io/public/remote/page/ 6 KB
6 KB 79ms
79ms Script
text/javascript 18.154.63.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://norfolkfxtrader.systeme.io/public/remote/page/1182416971c2975408f3b7d92c02438547ac1b1a.js

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-2.dus51.r.cloudfront.net

Software

nginx/1.24.0 /

Resource Hash

33ce5d61142785c00e6033cf704828c54912fa02ad87347c3b25238894525c53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:04 GMT
via: 1.1 e854bbca657208a759bb2d8d135f9d78.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx/1.24.0
x-amz-cf-pop: DUS51-P4
x-cache: Miss from cloudfront
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
x-robots-tag: noindex
x-amz-cf-id: K56zqkaYRbLxBZqN6x6_7Vy3SgKx9jzWBK8FjXjyqF8HE1BqT6z0dw==
x-xss-protection: 1; mode=block

GET
H2 200 runtimeSimplePage.1f5d57551aa31777b361.js Show response
d3fit27i5nzkqh.cloudfront.net/js/ 2 KB
1 KB 112ms
67ms Script
application/javascript 2600:9000:224a:1c00:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/js/runtimeSimplePage.1f5d57551aa31777b361.js
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 14:12:38 GMT
content-encoding: br
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 14:12:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 261327
etag: W/"b36fb59db1b08c77338df8b86396266b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: u7R4U_uvSuJrvcPCL3qRpgE9EoNl3Haxf_X6SvZfyclwwBm9ojo0MQ==

GET
H2 200 simplePage.b7d77eb6c54e42454357.js Show response
d3fit27i5nzkqh.cloudfront.net/js/ 570 KB
98 KB 112ms
67ms Script
application/javascript 2600:9000:224a:1c00:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/js/simplePage.b7d77eb6c54e42454357.js
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7533b3bd06dfcbb2519bae125e94fa1f0bf19861017cc9aa3d79410bb8160f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 21:19:46 GMT
content-encoding: br
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 21:19:39 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 62898
etag: W/"05def1e12b5fc9d643da05635137f50c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: eusT6wW2un1yYnNdw_8A4FTBtRxwbv8tJpq8QNu-0lkO7XmWtJ9gWQ==

GET
H2 200 vendors~simplePage.a4df2fe0a24043afb232.js Show response
d3fit27i5nzkqh.cloudfront.net/js/ 846 KB
228 KB 125ms
80ms Script
application/javascript 2600:9000:224a:1c00:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/js/vendors~simplePage.a4df2fe0a24043afb232.js
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b151edf8642f4b2cb2f075212c69e8eaa7daa683d7d489a8ffdf48ce378e7d69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 14:12:38 GMT
content-encoding: br
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 14:12:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 261327
etag: W/"25e529d0f96bbe9ed9709ab0c2804b9e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: nbzO6nvE-7gkEAtSSlkHaOyUjj64HnhcZU8bLNCF72RjCBVHbRPB0w==

GET
H2 200 script.js Show response
cdn-cookieyes.com/client_data/b5033c905a70b64923908748/ 95 KB
35 KB 85ms
36ms Script
application/javascript 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/script.js
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cc30b5b5507193483788eb989a7fdf683ba36ade007766349da59c3b12422fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 00:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17c4f-60c4553307521-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tn0kGD8wVwJqLwkpGWFxYcMNwbBnegL2%2FHvMg%2F1unlYHBwvN1sefDGz7xviB%2F2DKM%2Fr5XFBx5LCd1nby6z1og7vZN2KLHhkJbMp3cyZaUYWt2mUlQCURcp9XuA2r1iOmA4Yp8bAwOQOJ1pVQnox0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 836ff702ba2fbb83-FRA

GET
H2 200 656ced24ae541_10XGROWTH2.jpg
d1yei2z3i6k35z.cloudfront.net/1575644/ 100 KB
100 KB 269ms
207ms Image
image/jpeg 2600:9000:2315:8400:f:a462:c1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/656ced24ae541_10XGROWTH2.jpg
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0882cbbe5e48753cac29319e26386251edf3433ca22e22e12a2188f28b3c2e60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
last-modified: Sun, 03 Dec 2023 21:03:34 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
etag: "62f2fa99783c9ed66298181dd3897641"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
content-length: 102245
x-amz-cf-id: QU1P2T_9QszSorzYj9cS82udO1T2jLIdF3YdY04poto71t5-i9lSzA==

GET
H2 200 65636b8a9a44b_Screenshot2023-11-26at15.59.58.png
d1yei2z3i6k35z.cloudfront.net/1575644/ 340 KB
341 KB 264ms
202ms Image
image/png 2600:9000:2315:8400:f:a462:c1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/65636b8a9a44b_Screenshot2023-11-26at15.59.58.png
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 403c4af1a9c92f23af0aae7283ee5d49f48298759867281c9fb6c75e9a8d5b11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
last-modified: Sun, 26 Nov 2023 16:00:12 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
etag: "8d8bdfd188172de4ff9e776b08535c64"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
content-length: 348609
x-amz-cf-id: YcinxRLoiJchLQmiSi4QXfXhTLUXHgy8H0xl0hI2pvE7rLz7V9jbEQ==

GET
H2 200 300.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/librefranklin/ 22 KB
23 KB 233ms
174ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/librefranklin/300.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21af5b32438bce3f95385b41f652218ea4ed3a58bd75c3d96cc27b03ae456644

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 06:24:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "a967d5d28bd4c5b0090b77b8d6b6d6e5"
x-amz-server-side-encryption: AES256
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
x-cache: Miss from cloudfront
accept-ranges: bytes
content-length: 23012
x-amz-cf-id: dctH4ehsJDSHvJ-5_ooNk_Q1jARtXNmz-s9AN91q2Yppv9GoDsQ9kA==

GET
H2 200 regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/ 32 KB
33 KB 156ms
98ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/regular.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73ba62a6e6a8335135fc997dc56bd2c9dc602ce6c1a1f42a696f37439a7e6299

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 10:03:14 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 17091
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33028
last-modified: Fri, 14 Apr 2023 06:24:35 GMT
server: AmazonS3
etag: "b39b161a2ac276e8cd0e573eff7eb905"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: Pn0BdMs4ec3imSiyrdgeJ7quhE0cFzFPXP6U0P0P1PaGdHxwzvgZ_A==

GET
H2 200 700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/roboto/ 62 KB
63 KB 127ms
68ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/roboto/700.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9181efb23e405a5ae51f5eb9ed17564496ab30195bfa13ecb923460d8a92300

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 07:09:15 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 27530
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 63512
last-modified: Fri, 14 Apr 2023 06:25:16 GMT
server: AmazonS3
etag: "9912eb289b9a8018ffe746b38a1f4138"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: OghocBu6jtuuDzbz6mFfZP9P09msAmYjg8dQHD3uN2nSAadSjf-nqw==

GET
H2 200 700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/ 32 KB
33 KB 114ms
56ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/700.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92ce515eed3b949bdb0c372f032c27f5c7dda57ac3ba7703e267da5bf468539b

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 10:44:47 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 14598
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 32856
last-modified: Fri, 14 Apr 2023 06:24:34 GMT
server: AmazonS3
etag: "e4a7489fd359edc9a3bc2b2240007029"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 0sENpnBZie5PGkaQqKw2fTNsGBBQvpsR7vXVdjDfpi3HrRVSasmuqQ==

GET
H2 200 800.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/librefranklin/ 23 KB
23 KB 159ms
101ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/librefranklin/800.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1145e905d1d3c3625be2a792a3f179aa1d7cd065513f52574c27dadfffc056e6

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:45:58 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 7327
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 23184
last-modified: Fri, 14 Apr 2023 06:24:12 GMT
server: AmazonS3
etag: "96dc3f6e6ff4471671bc770b0c0b8f9d"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: Qa1VzxTd49-Gv3kfduvbYRkIyrv3wrKkXFlZPR5K3RPkTx_1NKPAyg==

GET
H2 200 fa-solid-900.woff2
d3fit27i5nzkqh.cloudfront.net/assets/webfonts/ 321 KB
322 KB 66ms
25ms Font
binary/octet-stream 2600:9000:224a:1c00:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/assets/webfonts/fa-solid-900.woff2
Requested by: Host: d3fit27i5nzkqh.cloudfront.net
URL: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62

Request headers

Referer: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 14:49:07 GMT
via: 1.1 c7a5852ebe9db847874084d43de89f0e.cloudfront.net (CloudFront)
last-modified: Wed, 18 May 2022 12:25:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 4751937
etag: "6ebcf9f18ded9c54f71ec1198c32aa52"
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 329204
x-amz-cf-id: G0SXHnKriaVZBnpS75q3aAMBYXtlPxAo6ptVzlnMHbPxVXlaFy8fyg==

GET
H2 200 700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/librefranklin/ 23 KB
23 KB 175ms
117ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/librefranklin/700.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 885869d6a894e36e2db6be5cdf5acab8bb8394c0cdc4bf611fec9287a447b729

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:08:05 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 9600
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 23144
last-modified: Fri, 14 Apr 2023 06:24:11 GMT
server: AmazonS3
etag: "c37c58648411b4d37d7088d0e4c04bd5"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: G11FNKe2Ly5CURUCGFyndsqLF6WxjaCOdGrIGhB1MelpFre0gD5jZQ==

GET
H2 200 regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/ 109 KB
110 KB 163ms
105ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/regular.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d90c23b813ac21cd3d6d5225a075e7626a22d6d2cb1a222617709701eb60f40

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 03:31:00 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 40625
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 111640
last-modified: Fri, 14 Apr 2023 06:25:55 GMT
server: AmazonS3
etag: "29fd689814bb4c452774ed374c99c5e3"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: J-7OdWoudH1Db1T5lV7tq6hi-HaCMbb2-BhEQ1dWyHZuWXvmecL1RQ==

GET
H2 200 700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/ 95 KB
96 KB 172ms
114ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/700.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 56239df581596d9f59e4234d40d8063510a298dbaebb537b6e4500920b54b30e

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:37:32 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 47433
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 97272
last-modified: Fri, 14 Apr 2023 06:25:55 GMT
server: AmazonS3
etag: "e67a51623103aaeb28a214b32108b46a"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: DBqpfhlrpHRpOE1cF-wR55Y-NoeBsqjq3kcq73iVOjnCYTgiTsUBCw==

GET
H2 200 italic.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/ 117 KB
118 KB 136ms
78ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/ubuntu/italic.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b7b76a91ef9d36db9aef8edf68ba7c2e716677848c640190a1052efc1d48d37

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:08:05 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 5697
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 119936
last-modified: Fri, 14 Apr 2023 06:25:55 GMT
server: AmazonS3
etag: "ec773ab3ee05024300505f4236e2b58e"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 5S2Dsn5ROZ8GRRHy7qXAfRzTn9bM7WOSdbLQyO9DFKVOPzB2Ug6c7w==

GET
H2 200 italic.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/ 35 KB
35 KB 168ms
110ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/italic.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 315df5b36799ca109f360dba934bf77faa54f28dfa9b11483ee1581be5054569

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 05:25:39 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 33746
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35588
last-modified: Fri, 14 Apr 2023 06:24:35 GMT
server: AmazonS3
etag: "3549ce5aa1454d7ef33c5413c71e8535"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 00z9ln1tIuqnqAKqBzZng_MkUOqJGXAONacc3VLhzo0Azm5aLNAnXw==

GET
H2 200 700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/rubik/ 39 KB
40 KB 152ms
95ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/rubik/700.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2a93b628f412f678ef10173190fd3998e8afe07b2631692a10382fa4bc4dd2a

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 10:06:23 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 41173
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40424
last-modified: Fri, 14 Apr 2023 06:25:23 GMT
server: AmazonS3
etag: "a536a783e9173f1d41d7ba4276ee42c1"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: UcPW4NfMr1yVXsCPecaJOU6dnm7WvKxUMMSao3ogICMNTAvg5habpw==

GET
H2 200 700italic.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/ 35 KB
35 KB 148ms
91ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/mulish/700italic.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81f43732b985a695c87c846b10e296535ca26f6bddcb8b391104a7b5b82b202d

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 05:25:40 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 33745
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35524
last-modified: Fri, 14 Apr 2023 06:24:34 GMT
server: AmazonS3
etag: "d96b232e12d3952a1bd84860605b60c8"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: hNBBwBNRjGPAgbVzdYRpn0k8ek1NBPp-pzuiRbMyELxcJz_VEbtdXw==

GET
H2 200 700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/opensans/ 53 KB
53 KB 92ms
35ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/opensans/700.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50ab71cdc974214800ea28edda3fbe456e08d9731371913f22c6b278323b7aba

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 07:11:34 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 27391
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 54200
last-modified: Fri, 14 Apr 2023 06:24:45 GMT
server: AmazonS3
etag: "8c3db392e527ff190428aead8c19cc67"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 51MmhXJtmo4Mqhl2v0VulcJsDanJCC_rkUQTrtwkE6mLjICWidVOHw==

GET
H2 200 regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/rubik/ 39 KB
40 KB 149ms
112ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/rubik/regular.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46eceae98b29e942e458f79841af75d7f7227c0cd0acbb7fb581bddcff701a9a

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 03:02:09 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 42356
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 40344
last-modified: Fri, 14 Apr 2023 06:25:23 GMT
server: AmazonS3
etag: "921e5f355d3cdf244b4b5ec78b10d517"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 5X8Q4mPL6aonHYDY9TDH21jyifAFz6mvLDsh_aWIbHmBXMzZdvCfxg==

GET
H2 200 300.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/opensans/ 55 KB
55 KB 136ms
103ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/opensans/300.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63dd176baf2da2ee72d59cdb21dd1b38bdb76fd4f7c57e0fa3763eda05e9488f

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 09:29:44 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 19101
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 55888
last-modified: Fri, 14 Apr 2023 06:24:44 GMT
server: AmazonS3
etag: "47553d3f791dcc05a152514c0595d454"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: gG6E2hd8Tg6Lr8ChVGIaR8hSNUaKL3NXuVaGdlv1fx6QvTZbyri93g==

GET
H2 200 653bdcc290489_ForexEducation3.png
d1yei2z3i6k35z.cloudfront.net/1575644/ 14 KB
14 KB 60ms
31ms Image
image/png 2600:9000:2315:8400:f:a462:c1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1yei2z3i6k35z.cloudfront.net/1575644/653bdcc290489_ForexEducation3.png
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 578e46756d1fabfbb28df47c753e5ee9ef6cff015eaeef089a3b4468f9a306ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:07:01 GMT
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 326464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 13886
last-modified: Fri, 27 Oct 2023 15:52:35 GMT
server: AmazonS3
etag: "2cc9e3d440cfe1d6ab800d68993a4e2f"
vary: Origin
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: 31i_jVpWf50kk3znI9uEfpKCvbUGU1WlFILqihp_hc9vumlnvZeCyA==

GET
H2 200 show Show response
norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/ Frame 1760 38 KB
10 KB 112ms
111ms Document
text/html 18.154.63.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/remote/page/1182416971c2975408f3b7d92c02438547ac1b1a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-2.dus51.r.cloudfront.net

Software

nginx/1.24.0 /

Resource Hash

ccff69f0625df762f73b0cdab6d48704ca2278de552e523f5f0e587d9a6ea6d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 14:48:04 GMT
server: nginx/1.24.0
vary: Accept-Encoding
via: 1.1 e854bbca657208a759bb2d8d135f9d78.cloudfront.net (CloudFront)
x-amz-cf-id: DhapQfpek3Ulfbt0TNgpYm8wmDDjYd1tG7qHKCasvMWzXR82p4S4lg==
x-amz-cf-pop: DUS51-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-robots-tag: noindex
x-xss-protection: 1; mode=block

GET
H2 200 default Show response
embed.tawk.to/5fc38b13920fc91564cbb834/ 2 KB
921 B 216ms
158ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5fc38b13920fc91564cbb834/default

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13df9823251a2c5814d0d2e004a3b59fbf5759d5383cd5396a98433046405547

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:04 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-6579dd43930"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 836ff703fdde2c79-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
153 B 143ms
52ms Ping
text/plain 52.49.214.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.214.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-214-81.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://norfolkfxtrader.systeme.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryt5MybpgxM2CnCbFt

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 14:48:04 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 banner.js Show response
cdn-cookieyes.com/client_data/b5033c905a70b64923908748/ 94 KB
33 KB 30ms
30ms Script
application/javascript 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/banner.js
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cdb88266b3b9f04742a748c29ad35d217deb5e36a1d7a6dae0ab7959e8d5068

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 00:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 478862
etag: W/"1769c-60c4553306581-gzip"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poQp6foFAevr%2Bu8%2BJaZqhDq3uHB9iI5Xzj1taGFMXEmCfcNXE7vmuFpBZyJrPc6WkZwjkxF8SzlV16uwri8gPDsKHfJUOCu3gV8rL2b8BnWVrugelFulJ%2BNFeRBE88hCJ55v5IKQeYUXFPt4ajMO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 836ff703ab7abb83-FRA

GET
H2 200 provesrc.js Show response
cdn.provesrc.com/ 225 KB
55 KB 95ms
27ms Script
application/javascript 2600:9000:224a:4e00:10:6a77:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.provesrc.com/provesrc.js
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4e00:10:6a77:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fafdc006b816a5d9a75316354a165ff79f66b23635e5128efe8586f7c04c52c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 19:53:27 GMT
content-encoding: gzip
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2023 09:59:01 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 68078
x-amz-server-side-encryption: AES256
etag: "c147d3d5cc13ce2567befdf82e1baf43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 55627
x-amz-cf-id: 8taMR2ciQxOZjAFgFGY4pSZtx2yeO5YbONR1T5Psn54C7a8hawwLwA==

GET
H2 200 polyfill.min.js Show response
www.polyfill.io/v3/ Frame 1760 104 B
163 B 20ms
19ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.polyfill.io/v3/polyfill.min.js?features=Intl.Locale%2CIntl.getCanonicalLocales%2CmatchMedia%2CIntl.DisplayNames

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:04 GMT
age: 6693
detected-user-agent: Chrome Mobile/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/ Frame 1760 486 KB
81 KB 24ms
23ms Stylesheet
text/css 2600:9000:224a:1c00:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 23 Oct 2023 14:49:04 GMT
content-encoding: gzip
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Wed, 18 May 2022 12:25:57 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 4751941
etag: W/"325672b036bab9b57f6873aed5eccc43"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000,public
x-amz-cf-id: nkY4zTp4Sew_KlZAR7vRE8FCJV8SVslP5sArpMtcqIt1xeveitbYrQ==

GET
H2 200 runtimeSimplePage.1f5d57551aa31777b361.js Show response
d3fit27i5nzkqh.cloudfront.net/js/ Frame 1760 2 KB
1 KB 22ms
22ms Script
application/javascript 2600:9000:224a:1c00:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/js/runtimeSimplePage.1f5d57551aa31777b361.js
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 14:12:38 GMT
content-encoding: br
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 14:12:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 261327
etag: W/"b36fb59db1b08c77338df8b86396266b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: vkXjpUerCGh_jtCp_q2lSWQ4JB51cHfo3Fczcf5t4lediNLqHiu2Cg==

GET
H2 200 simplePage.b7d77eb6c54e42454357.js Show response
d3fit27i5nzkqh.cloudfront.net/js/ Frame 1760 570 KB
98 KB 23ms
22ms Script
application/javascript 2600:9000:224a:1c00:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/js/simplePage.b7d77eb6c54e42454357.js
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7533b3bd06dfcbb2519bae125e94fa1f0bf19861017cc9aa3d79410bb8160f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 21:19:46 GMT
content-encoding: br
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Sat, 16 Dec 2023 21:19:39 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 62898
etag: W/"05def1e12b5fc9d643da05635137f50c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: xr8PLeKAyWe17B_kjpe6DMvwKoFQNGVMpXJNW3EujX27o9uVxTgFPA==

GET
H2 200 vendors~simplePage.a4df2fe0a24043afb232.js Show response
d3fit27i5nzkqh.cloudfront.net/js/ Frame 1760 846 KB
228 KB 27ms
27ms Script
application/javascript 2600:9000:224a:1c00:1c:d937:ae40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3fit27i5nzkqh.cloudfront.net/js/vendors~simplePage.a4df2fe0a24043afb232.js
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b151edf8642f4b2cb2f075212c69e8eaa7daa683d7d489a8ffdf48ce378e7d69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 14:12:38 GMT
content-encoding: br
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 14:12:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 261327
etag: W/"25e529d0f96bbe9ed9709ab0c2804b9e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: 9OJtGwkm1uQpfPdwxi7q0QJpnHRi7oi_QPvNO3YnQ88BXtDc7E0plQ==

GET
H2 200 provesrc.js Show response
cdn.provesrc.com/ Frame 1760 225 KB
55 KB 27ms
27ms Script
application/javascript 2600:9000:224a:4e00:10:6a77:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.provesrc.com/provesrc.js
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4e00:10:6a77:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fafdc006b816a5d9a75316354a165ff79f66b23635e5128efe8586f7c04c52c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 19:53:27 GMT
content-encoding: gzip
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
last-modified: Thu, 26 Oct 2023 09:59:01 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 68078
x-amz-server-side-encryption: AES256
etag: "c147d3d5cc13ce2567befdf82e1baf43"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 55627
x-amz-cf-id: T5OlWptcJJ8NOhsSC1jpL6Q9gV8hDL1aFiKgRU5lTCNRms2MJBtr8Q==

OPTIONS
H2 200 configuration
client-api.provesrc.com/account/ Frame 0
0 374ms
123ms Preflight 54.211.100.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/account/configuration?url=aHR0cHM6Ly9ub3Jmb2xrZnh0cmFkZXIuc3lzdGVtZS5pby8=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.100.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-100-135.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: GET
Origin: https://norfolkfxtrader.systeme.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://norfolkfxtrader.systeme.io
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Sun, 17 Dec 2023 14:48:04 GMT
x-ps-host: ip-172-31-33-180
x-request-id: 704d7254-8c88-40d0-aec2-520de107731a

GET
H2 200 configuration Show response
client-api.provesrc.com/account/ 285 B
1 KB 370ms
131ms Fetch
application/json 54.211.100.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/account/configuration?url=aHR0cHM6Ly9ub3Jmb2xrZnh0cmFkZXIuc3lzdGVtZS5pby8=
Requested by: Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.100.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-100-135.compute-1.amazonaws.com
Software: /
Resource Hash: 5fa7c21c9e14754e4ef22939e5bfa098a1883a7027ed19f3b120915abd827d9a

Request headers

accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI2NGIxMGUwMTJhMDZlMzY4NDhjMGQwMmQiLCJpYXQiOjE2ODkzMjUwNTd9._mjpLrXXE6Bz29zFUNnrBDMLI1WcBDvcx6dIS5rRhrA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json
Accept: application/json
x-ps-url: aHR0cHM6Ly9ub3Jmb2xrZnh0cmFkZXIuc3lzdGVtZS5pby8=
Referer: https://norfolkfxtrader.systeme.io/
x-ps-uid: 5312bc2e-1673-4d00-97e8-366c5c4ad033
x-ps-version: 4.6.3

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
etag: W/"11d-3WEnIb4BQ7bS79QUUWsv8GVA0G4"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://norfolkfxtrader.systeme.io
x-ps-host: ip-172-31-60-16
access-control-expose-headers: x-ps-first
x-ps-first: psuid=704f0838-7585-4093-8714-3e5a53adf65d; expires=Tue, 01 Jan 2030 00:00:00 GMT; maxAge=15552000$ps64b10e012a06e36848c0d02d=true|1702512000000; maxAge=86400000; expires=Sun, 14 Jan 2024 00:00:00 GMT
access-control-allow-credentials: true
vary: Accept-Encoding
x-request-id: d77c0e45-c8f3-46cd-92f1-4cf1c10138e7

GET
H2 200 5dd17bfe2972f_Picture6011.png
d1yei2z3i6k35z.cloudfront.net/systeme-common/ Frame 1760 255 KB
256 KB 27ms
27ms Image
application/octet-stream 2600:9000:2315:8400:f:a462:c1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1yei2z3i6k35z.cloudfront.net/systeme-common/5dd17bfe2972f_Picture6011.png
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:8400:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43bd5bda92afcebf2479700677d487a26469f555045561a26be2abed2978648c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 06:35:42 GMT
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
last-modified: Sun, 17 Nov 2019 16:57:35 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 547943
etag: "4d519d6de8c04bb096bce851a352ff45"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
x-robots-tag: noindex
content-length: 261222
x-amz-cf-id: EP07ELaCPgrG_D_zGCkunj6JF-SIDlS0WhkwqQ0kD0InigXNkxUZGw==

GET
H2 200 regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/robotocondensed/ Frame 1760 62 KB
62 KB 21ms
21ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/robotocondensed/regular.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 09bacc7d4a9a9a2770f7d67515299b87cfd4a49ee0767ca6c718a7be5cf3d2ea

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 03:50:46 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 39439
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 63468
last-modified: Fri, 14 Apr 2023 06:25:17 GMT
server: AmazonS3
etag: "55e02dc569cbf540c52b7aadf46a19ce"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 9RGYcm6vloJBhr1IlV-KEVmDBvFNJ2Q619KtJUwZErVlim7hNriKdA==

GET
H2 200 700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/librefranklin/ Frame 1760 23 KB
23 KB 24ms
23ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/librefranklin/700.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 885869d6a894e36e2db6be5cdf5acab8bb8394c0cdc4bf611fec9287a447b729

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:08:05 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 9600
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 23144
last-modified: Fri, 14 Apr 2023 06:24:11 GMT
server: AmazonS3
etag: "c37c58648411b4d37d7088d0e4c04bd5"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: zgW5zlNTdR3vke60SX9eZOM74dxPMJihf260aiMgVcPdrya2HLefww==

GET
H2 200 regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/opensans/ Frame 1760 55 KB
55 KB 22ms
21ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/opensans/regular.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f5c6776653ed628a8eb5e2e3cb74d4acbd59e783173dde380fe51f3f0c76d23

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 06:10:21 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 31064
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 56092
last-modified: Fri, 14 Apr 2023 06:24:45 GMT
server: AmazonS3
etag: "200740017ae2e3a5c5a27ab4f9976f33"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: RC8aq1_3C-bXruw3dRJ_EUQVe1OjTgg2tNvkB1rHcjXDNXt-mMU9uA==

GET
H2 200 800.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/librefranklin/ Frame 1760 23 KB
23 KB 24ms
24ms Font
font/woff2 2600:9000:206f:8200:f:e793:dc40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/librefranklin/800.woff2
Requested by: Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a/show?hostname=norfolkfxtrader.systeme.io?source=https://norfolkfxtrader.systeme.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:8200:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1145e905d1d3c3625be2a792a3f179aa1d7cd065513f52574c27dadfffc056e6

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:45:58 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 7327
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 23184
last-modified: Fri, 14 Apr 2023 06:24:12 GMT
server: AmazonS3
etag: "96dc3f6e6ff4471671bc770b0c0b8f9d"
access-control-max-age: 31536000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: sAmI4RV38fUama40oAjgPF_bB7sPuwpBF7rdXmQ4xJWJRlABN-eceQ==

GET
H2 200 configuration Show response
client-api.provesrc.com/account/ Frame 1760 285 B
1 KB 370ms
130ms Fetch
application/json 54.211.100.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/account/configuration?url=aHR0cHM6Ly9ub3Jmb2xrZnh0cmFkZXIuc3lzdGVtZS5pby9wdWJsaWMvMTE4MjQxNjk3MWMyOTc1NDA4ZjNiN2Q5MmMwMjQzODU0N2FjMWIxYS9zaG93P2hvc3RuYW1lPW5vcmZvbGtmeHRyYWRlci5zeXN0ZW1lLmlvP3NvdXJjZT1odHRwczovL25vcmZvbGtmeHRyYWRlci5zeXN0ZW1lLmlvLyNzeXN0ZW1laW8taWZyYW1lLTE3MDI4MjQ0ODQzOTM=
Requested by: Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.100.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-100-135.compute-1.amazonaws.com
Software: /
Resource Hash: 5fa7c21c9e14754e4ef22939e5bfa098a1883a7027ed19f3b120915abd827d9a

Request headers

accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI2NGIxMGUwMTJhMDZlMzY4NDhjMGQwMmQiLCJpYXQiOjE2ODkzMjUwNTd9._mjpLrXXE6Bz29zFUNnrBDMLI1WcBDvcx6dIS5rRhrA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json
Accept: application/json
x-ps-url: aHR0cHM6Ly9ub3Jmb2xrZnh0cmFkZXIuc3lzdGVtZS5pby9wdWJsaWMvMTE4MjQxNjk3MWMyOTc1NDA4ZjNiN2Q5MmMwMjQzODU0N2FjMWIxYS9zaG93P2hvc3RuYW1lPW5vcmZvbGtmeHRyYWRlci5zeXN0ZW1lLmlvP3NvdXJjZT1odHRwczovL25vcmZvbGtmeHRyYWRlci5zeXN0ZW1lLmlvLyNzeXN0ZW1laW8taWZyYW1lLTE3MDI4MjQ0ODQzOTM=
Referer: https://norfolkfxtrader.systeme.io/
x-ps-uid: 5312bc2e-1673-4d00-97e8-366c5c4ad033
x-ps-version: 4.6.3

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
etag: W/"11d-3WEnIb4BQ7bS79QUUWsv8GVA0G4"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://norfolkfxtrader.systeme.io
x-ps-host: ip-172-31-29-194
access-control-expose-headers: x-ps-first
x-ps-first: psuid=2345fad0-4490-4951-9720-b86cc58bc9cb; expires=Tue, 01 Jan 2030 00:00:00 GMT; maxAge=15552000$ps64b10e012a06e36848c0d02d=true|1702512000000; maxAge=86400000; expires=Sun, 14 Jan 2024 00:00:00 GMT
access-control-allow-credentials: true
vary: Accept-Encoding
x-request-id: cd4a493d-6944-49f9-8cff-4c498392523a

OPTIONS
H2 200 configuration
client-api.provesrc.com/account/ Frame 0
0 323ms
121ms Preflight 54.211.100.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/account/configuration?url=aHR0cHM6Ly9ub3Jmb2xrZnh0cmFkZXIuc3lzdGVtZS5pby9wdWJsaWMvMTE4MjQxNjk3MWMyOTc1NDA4ZjNiN2Q5MmMwMjQzODU0N2FjMWIxYS9zaG93P2hvc3RuYW1lPW5vcmZvbGtmeHRyYWRlci5zeXN0ZW1lLmlvP3NvdXJjZT1odHRwczovL25vcmZvbGtmeHRyYWRlci5zeXN0ZW1lLmlvLyNzeXN0ZW1laW8taWZyYW1lLTE3MDI4MjQ0ODQzOTM=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.100.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-100-135.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: GET
Origin: https://norfolkfxtrader.systeme.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://norfolkfxtrader.systeme.io
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Sun, 17 Dec 2023 14:48:04 GMT
x-ps-host: ip-172-31-29-194
x-request-id: 5233ee4c-45e0-42a2-bdd2-d49e9b208c4c

GET
H2 200 22723466 Show response
tenor.com/embed/ Frame 1376 19 KB
7 KB 181ms
181ms Document
text/html 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Requested by

Host: tenor.com
URL: https://tenor.com/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bdc69a163f123b160fd08c0f169947f2536866485e78a1cc579fe7ecfd3a449b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-ZmYzNDljNzctNWFjOC00OGU2LWExMmYtMzBhYTQyMWUxZWE1' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2633
content-encoding: gzip
content-length: 5620
content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-ZmYzNDljNzctNWFjOC00OGU2LWExMmYtMzBhYTQyMWUxZWE1' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 14:48:04 GMT
etag: W/"4dc6-BhwYe9NUR2Z17OPVEpmdfad2am0"
referrer-policy: origin
strict-transport-security: max-age=31536000; preload
vary: x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, x-restricted-country-code, Accept-Encoding
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 3, 0
x-content-type-options: nosniff
x-download-options: noopen
x-served-by: cache-bur-kbur8200072-BUR, cache-cph2320029-CPH
x-timer: S1702824485.735312,VS0,VE141
x-xss-protection: 1; mode=block

GET
H2 200 2009.06972211.css
dubb.com/build/ Frame EF4A 41 KB
8 KB 216ms
215ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/2009.06972211.css

Requested by

Host: dubb.com
URL: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b901ae4f9f602468737803d35e082729982963dedf76fac1811e366080a4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=41859
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:10 GMT
server: cloudflare
etag: W/"657f0142-a383"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff7063ecd9bce-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H2 200 embed-video.8954ae74.css
dubb.com/build/css/ Frame EF4A 154 KB
39 KB 237ms
236ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/css/embed-video.8954ae74.css

Requested by

Host: dubb.com
URL: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

054e70d37d252a23a9c8c698419a8042822a7a8d376a7656f8b85a23d25d41c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=157825
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-26881"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff7063ecf9bce-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H2 200 runtime.e6709896.js Show response
dubb.com/build/ Frame EF4A 11 KB
5 KB 214ms
213ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/runtime.e6709896.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1389188ed1c342598c15b2602f1e75d52f6638e2d6f3b2702f5cd32b92d400c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=10816
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:20 GMT
server: cloudflare
etag: W/"657f014c-2a40"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7063ed09bce-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H2 200 1959.6276fcc4.js Show response
dubb.com/build/ Frame EF4A 189 KB
61 KB 339ms
338ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1959.6276fcc4.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86102e61f90279d23401d6125db1b6c569afe5f0dc0246cc3433ee69b98fc5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=195315
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-2faf3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7063ed19bce-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H2 200 1297.abe92168.js Show response
dubb.com/build/ Frame EF4A 1 MB
413 KB 377ms
377ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1297.abe92168.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b67b7be3456a14ddc6a8ac181c17abc3da6a47d574f802359dc1269879a037ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=1423577
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-15b8d9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7063ed29bce-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H2 200 7143.3c02a58f.js Show response
dubb.com/build/ Frame EF4A 39 KB
12 KB 222ms
221ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/7143.3c02a58f.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff69917a9f60bba88b196bbbb6ef8170abe6645d538bb11ab2caec219626e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=39603
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-9ab3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7063ed39bce-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H2 200 1498.df70f7ec.js Show response
dubb.com/build/ Frame EF4A 170 KB
44 KB 208ms
207ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1498.df70f7ec.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673ad21591c37ad87b78128a2480f669ed7d7e2a9d01dab4ac7f8e834b6c75d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=174334
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-2a8fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7063ed59bce-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H2 200 v4.e7705558.js Show response
dubb.com/build/js/ Frame EF4A 8 KB
3 KB 199ms
198ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/js/v4.e7705558.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e334510cac128f2156754e56f17477eb620596b7f22b1f729b90595cef31bb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=7980
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-1f2c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7063ed79bce-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 2009.06972211.css
dubb.com/build/ Frame 4411 41 KB
8 KB 223ms
222ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/2009.06972211.css

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b901ae4f9f602468737803d35e082729982963dedf76fac1811e366080a4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=41859
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:10 GMT
server: cloudflare
etag: W/"657f0142-a383"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff7066bb03a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 embed-video.8954ae74.css
dubb.com/build/css/ Frame 4411 154 KB
39 KB 235ms
235ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/css/embed-video.8954ae74.css

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

054e70d37d252a23a9c8c698419a8042822a7a8d376a7656f8b85a23d25d41c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=157825
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-26881"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff7067bb33a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 runtime.e6709896.js Show response
dubb.com/build/ Frame 4411 11 KB
5 KB 203ms
203ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/runtime.e6709896.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1389188ed1c342598c15b2602f1e75d52f6638e2d6f3b2702f5cd32b92d400c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=10816
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:20 GMT
server: cloudflare
etag: W/"657f014c-2a40"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7067bb63a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 1959.6276fcc4.js Show response
dubb.com/build/ Frame 4411 189 KB
61 KB 1048ms
1047ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1959.6276fcc4.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86102e61f90279d23401d6125db1b6c569afe5f0dc0246cc3433ee69b98fc5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=195315
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-2faf3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7067bb73a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 1297.abe92168.js Show response
dubb.com/build/ Frame 4411 1 MB
413 KB 749ms
749ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1297.abe92168.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b67b7be3456a14ddc6a8ac181c17abc3da6a47d574f802359dc1269879a037ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=1423577
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-15b8d9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7067bba3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 7143.3c02a58f.js Show response
dubb.com/build/ Frame 4411 39 KB
12 KB 205ms
205ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/7143.3c02a58f.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff69917a9f60bba88b196bbbb6ef8170abe6645d538bb11ab2caec219626e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=39603
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-9ab3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7067bbb3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 1498.df70f7ec.js Show response
dubb.com/build/ Frame 4411 170 KB
45 KB 358ms
358ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1498.df70f7ec.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673ad21591c37ad87b78128a2480f669ed7d7e2a9d01dab4ac7f8e834b6c75d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=174334
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-2a8fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7067bbd3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 v4.e7705558.js Show response
dubb.com/build/js/ Frame 4411 8 KB
3 KB 201ms
201ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/js/v4.e7705558.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e334510cac128f2156754e56f17477eb620596b7f22b1f729b90595cef31bb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=7980
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-1f2c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7067bbe3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H2 200 fonts.css
tenor.com/assets/fonts/ Frame 1376 216 B
1 KB 462ms
461ms Stylesheet
text/css 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/fonts/fonts.css

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ecb7a6be88986ba421fdf833eb602537bf1047966fbdc3d004debd6751e94674

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-YmEwN2QzNDQtMzVhMC00NDc5LTk5NzctNmE1OTBlNmViNjA1' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-YmEwN2QzNDQtMzVhMC00NDc5LTk5NzctNmE1OTBlNmViNjA1' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60351
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 179
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200078-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Thu, 09 Nov 2023 07:27:39 GMT
x-timer: S1702824485.920324,VS0,VE413
etag: W/"d8-18bb2fabdf8"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding, x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 483, 0

GET
H2 200 _base.css
tenor.com/assets/animate.css/source/ Frame 1376 682 B
2 KB 182ms
181ms Stylesheet
text/css 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/animate.css/source/_base.css

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dbffd163cb4556c11f3f913e08d2de5ab02d60970fbe26f00a04324947b4af90

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-NGRjMGIxN2UtNzE3Mi00ZDA5LWI5M2QtN2FjMTA0NTc0NWFl' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-NGRjMGIxN2UtNzE3Mi00ZDA5LWI5M2QtN2FjMTA0NTc0NWFl' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60351
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 243
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200081-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Wed, 13 Dec 2023 05:28:18 GMT
x-timer: S1702824485.920662,VS0,VE140
etag: W/"2aa-18c61a5b150"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding, x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 514, 0

GET
H2 200 slideInRight.css
tenor.com/assets/animate.css/source/sliding_entrances/ Frame 1376 206 B
1 KB 195ms
194ms Stylesheet
text/css 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/animate.css/source/sliding_entrances/slideInRight.css

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

517bccd7ca8613a6985fa501585dcb02cdd6c2948c435a984c8f86ed0b97b67f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-MTYyYjczNTUtMjAxMC00ZTk3LWIxOTYtNTI0NWQ5YjliNzk2' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-MTYyYjczNTUtMjAxMC00ZTk3LWIxOTYtNTI0NWQ5YjliNzk2' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60350
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 145
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200097-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Wed, 13 Dec 2023 05:28:20 GMT
x-timer: S1702824485.920656,VS0,VE154
etag: W/"ce-18c61a5b920"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding, x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 469, 0

GET
H2 200 slideOutRight.css
tenor.com/assets/animate.css/source/sliding_exits/ Frame 1376 208 B
1 KB 593ms
593ms Stylesheet
text/css 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/animate.css/source/sliding_exits/slideOutRight.css

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3169d0d81c78be483c96cb0032d363c2fcebdf287a6a3e5695801a566c3a6608

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-NWM2YWRkM2YtYTEwZS00MmFjLTlkZTMtNDk2MzZiZGNmNTQy' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-NWM2YWRkM2YtYTEwZS00MmFjLTlkZTMtNDk2MzZiZGNmNTQy' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60350
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 146
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200033-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Wed, 13 Dec 2023 05:28:20 GMT
x-timer: S1702824485.921049,VS0,VE552
etag: W/"d0-18c61a5b920"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding, x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 450, 0

GET
H2 200 slideInDown.css
tenor.com/assets/animate.css/source/sliding_entrances/ Frame 1376 204 B
2 KB 192ms
191ms Stylesheet
text/css 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/animate.css/source/sliding_entrances/slideInDown.css

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

41f3a570c4a1ec3469b8eb6f266c76476fa0b443b8e213721db33af24359cbcd

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-MzEyZDY2NGYtNzFmNS00OWE2LWE1NTItY2E4M2RlZThmYjkz' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-MzEyZDY2NGYtNzFmNS00OWE2LWE1NTItY2E4M2RlZThmYjkz' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60351
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 145
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200079-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Wed, 13 Dec 2023 05:28:20 GMT
x-timer: S1702824485.920872,VS0,VE151
etag: W/"cc-18c61a5b920"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding, x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 476, 0

GET
H2 200 slideOutUp.css
tenor.com/assets/animate.css/source/sliding_exits/ Frame 1376 200 B
1 KB 183ms
182ms Stylesheet
text/css 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/animate.css/source/sliding_exits/slideOutUp.css

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a306e00d9125b50e736c0937ee3744cf276772250eb093219ba1fcdea18b3f21

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-MzU5ZmZhNzEtM2M2ZC00YWE5LWFhMWYtODQzMjMyMjk0ZGVj' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-MzU5ZmZhNzEtM2M2ZC00YWE5LWFhMWYtODQzMjMyMjk0ZGVj' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60351
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 144
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200100-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Wed, 13 Dec 2023 05:28:20 GMT
x-timer: S1702824485.920863,VS0,VE141
etag: W/"c8-18c61a5b920"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding, x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 523, 0

GET
H2 200 player.js Show response
tenor.com/assets/ Frame 1376 14 KB
5 KB 504ms
503ms Script
application/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/player.js

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-ODU4NGMwMmItNWRmYy00OTQ0LWJlZTctMjFjYjcyYWRlZDVk' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-ODU4NGMwMmItNWRmYy00OTQ0LWJlZTctMjFjYjcyYWRlZDVk' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 76469
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 3962
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200109-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Wed, 13 Dec 2023 05:28:15 GMT
x-timer: S1702824485.920863,VS0,VE453
etag: W/"361c-18c61a5a598"
x-download-options: noopen
x-frame-options: DENY
vary: x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 702, 0

GET
H2 200 clipboard.js Show response
tenor.com/assets/ Frame 1376 9 KB
5 KB 240ms
240ms Script
application/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/clipboard.js

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-NGUxNjYwNGUtMjk2My00Y2I0LTliMTEtMzY5ZmU1MWI2YzAx' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-NGUxNjYwNGUtMjk2My00Y2I0LTliMTEtMzY5ZmU1MWI2YzAx' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 80340
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 3216
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200141-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Wed, 13 Dec 2023 05:28:18 GMT
x-timer: S1702824485.966051,VS0,VE154
etag: W/"23c8-18c61a5b150"
x-download-options: noopen
x-frame-options: DENY
vary: x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 699, 0

GET
H2 200 tenor-logo-white.svg
tenor.com/assets/img/ Frame 1376 7 KB
5 KB 512ms
511ms Image
image/svg+xml 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tenor.com/assets/img/tenor-logo-white.svg

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e75c4abc2f21b3f0f3dff14627808b356f7f1e590760bdf81dfa2504b84c9608

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-MDhhM2U5YzktNDFmOS00OTdlLTk4MjctNzQwYjFlODQwMGQ3' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-MDhhM2U5YzktNDFmOS00OTdlLTk4MjctNzQwYjFlODQwMGQ3' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60353
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 3520
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200086-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Wed, 03 May 2023 21:56:20 GMT
x-timer: S1702824485.966036,VS0,VE425
etag: W/"1d74-187e39dc3a0"
x-download-options: noopen
x-frame-options: DENY
vary: x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 3075, 0

GET
H2 200 facebook.svg
tenor.com/assets/img/icons/ Frame 1376 1 KB
2 KB 510ms
509ms Image
image/svg+xml 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tenor.com/assets/img/icons/facebook.svg

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

863a94d91fcab982c88987cca45b5379bb62801f2d22a08c6708dba0812d4393

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-MmZiNGFjYWQtYzkyYy00OTE1LWEwY2EtNTVmM2Y5YTNmNTc5' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-MmZiNGFjYWQtYzkyYy00OTE1LWEwY2EtNTVmM2Y5YTNmNTc5' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60354
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 557
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200034-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Thu, 09 Nov 2023 07:27:39 GMT
x-timer: S1702824485.966019,VS0,VE421
etag: W/"49f-18bb2fabdf8"
x-download-options: noopen
x-frame-options: DENY
vary: x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 27928, 0

GET
H2 200 twitter.svg
tenor.com/assets/img/icons/ Frame 1376 2 KB
2 KB 660ms
659ms Image
image/svg+xml 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tenor.com/assets/img/icons/twitter.svg

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bca99e112730eb8e9d3294f5a64955225117ba63efb814974f0f77f0316aa77c

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-MWZmNzY3NzUtNmQwMS00YzRhLWFhMzEtMmUxYWVhYjg1YTRj' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-MWZmNzY3NzUtNmQwMS00YzRhLWFhMzEtMmUxYWVhYjg1YTRj' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:06 GMT
content-encoding: gzip
age: 60354
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 966
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200101-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Thu, 09 Nov 2023 07:27:39 GMT
x-timer: S1702824485.435169,VS0,VE607
etag: W/"86f-18bb2fabdf8"
x-download-options: noopen
x-frame-options: DENY
vary: x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 28278, 0

GET
H2 200 tenor-logo-B3B9BF.svg
tenor.com/assets/img/ Frame 1376 7 KB
5 KB 181ms
180ms Image
image/svg+xml 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tenor.com/assets/img/tenor-logo-B3B9BF.svg

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

edaa6026676341043f7eeddc791253358afa0056bb8897ad9b03785c22b7cbf5

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-MzNlMmI3MGEtOWUzZC00ZDA0LWFhYWQtZDU3YzU2NDkwMzE4' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-MzNlMmI3MGEtOWUzZC00ZDA0LWFhYWQtZDU3YzU2NDkwMzE4' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60350
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 3523
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200057-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Thu, 09 Nov 2023 07:27:39 GMT
x-timer: S1702824485.436157,VS0,VE140
etag: W/"1d74-18bb2fabdf8"
x-download-options: noopen
x-frame-options: DENY
vary: x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 503, 0

GET
H3 200 2009.06972211.css
dubb.com/build/ Frame D858 41 KB
8 KB 36ms
36ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/2009.06972211.css

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b901ae4f9f602468737803d35e082729982963dedf76fac1811e366080a4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=41859
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:10 GMT
server: cloudflare
etag: W/"657f0142-a383"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff7084e083a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 embed-video.8954ae74.css
dubb.com/build/css/ Frame D858 154 KB
39 KB 41ms
40ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/css/embed-video.8954ae74.css

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

054e70d37d252a23a9c8c698419a8042822a7a8d376a7656f8b85a23d25d41c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=157825
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-26881"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff7084e0b3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 runtime.e6709896.js Show response
dubb.com/build/ Frame D858 11 KB
5 KB 37ms
37ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/runtime.e6709896.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1389188ed1c342598c15b2602f1e75d52f6638e2d6f3b2702f5cd32b92d400c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=10816
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:20 GMT
server: cloudflare
etag: W/"657f014c-2a40"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7084e0c3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 1959.6276fcc4.js Show response
dubb.com/build/ Frame D858 189 KB
61 KB 248ms
247ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1959.6276fcc4.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86102e61f90279d23401d6125db1b6c569afe5f0dc0246cc3433ee69b98fc5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=195315
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-2faf3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7084e103a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 1297.abe92168.js Show response
dubb.com/build/ Frame D858 1 MB
413 KB 204ms
204ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1297.abe92168.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b67b7be3456a14ddc6a8ac181c17abc3da6a47d574f802359dc1269879a037ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=1423577
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-15b8d9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7084e123a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 7143.3c02a58f.js Show response
dubb.com/build/ Frame D858 39 KB
12 KB 39ms
39ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/7143.3c02a58f.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff69917a9f60bba88b196bbbb6ef8170abe6645d538bb11ab2caec219626e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=39603
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-9ab3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7084e143a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 1498.df70f7ec.js Show response
dubb.com/build/ Frame D858 170 KB
45 KB 84ms
83ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1498.df70f7ec.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673ad21591c37ad87b78128a2480f669ed7d7e2a9d01dab4ac7f8e834b6c75d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=174334
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-2a8fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7084e153a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 v4.e7705558.js Show response
dubb.com/build/js/ Frame D858 8 KB
3 KB 38ms
37ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/js/v4.e7705558.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e334510cac128f2156754e56f17477eb620596b7f22b1f729b90595cef31bb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=7980
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-1f2c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7084e173a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 2009.06972211.css
dubb.com/build/ Frame 0AD9 41 KB
8 KB 48ms
47ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/2009.06972211.css

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b901ae4f9f602468737803d35e082729982963dedf76fac1811e366080a4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=41859
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:10 GMT
server: cloudflare
etag: W/"657f0142-a383"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff7087e573a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 embed-video.8954ae74.css
dubb.com/build/css/ Frame 0AD9 154 KB
39 KB 49ms
47ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/css/embed-video.8954ae74.css

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

054e70d37d252a23a9c8c698419a8042822a7a8d376a7656f8b85a23d25d41c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=157825
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-26881"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff7087e583a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 runtime.e6709896.js Show response
dubb.com/build/ Frame 0AD9 11 KB
5 KB 32ms
31ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/runtime.e6709896.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1389188ed1c342598c15b2602f1e75d52f6638e2d6f3b2702f5cd32b92d400c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=10816
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:20 GMT
server: cloudflare
etag: W/"657f014c-2a40"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7087e593a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 1959.6276fcc4.js Show response
dubb.com/build/ Frame 0AD9 189 KB
61 KB 389ms
388ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1959.6276fcc4.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86102e61f90279d23401d6125db1b6c569afe5f0dc0246cc3433ee69b98fc5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=195315
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-2faf3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7087e5a3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 1297.abe92168.js Show response
dubb.com/build/ Frame 0AD9 1 MB
413 KB 495ms
494ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1297.abe92168.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b67b7be3456a14ddc6a8ac181c17abc3da6a47d574f802359dc1269879a037ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=1423577
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-15b8d9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7087e5b3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 7143.3c02a58f.js Show response
dubb.com/build/ Frame 0AD9 39 KB
12 KB 59ms
59ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/7143.3c02a58f.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff69917a9f60bba88b196bbbb6ef8170abe6645d538bb11ab2caec219626e65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=39603
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-9ab3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7087e5d3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 1498.df70f7ec.js Show response
dubb.com/build/ Frame 0AD9 170 KB
45 KB 61ms
60ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/1498.df70f7ec.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

673ad21591c37ad87b78128a2480f669ed7d7e2a9d01dab4ac7f8e834b6c75d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=174334
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-2a8fe"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7087e5f3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 v4.e7705558.js Show response
dubb.com/build/js/ Frame 0AD9 8 KB
3 KB 66ms
66ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/js/v4.e7705558.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e334510cac128f2156754e56f17477eb620596b7f22b1f729b90595cef31bb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 0
cf-polished: origSize=7980
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:46 GMT
server: cloudflare
etag: W/"657f012a-1f2c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff7087e603a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H2 200 googleFonts.css
tenor.com/assets/fonts/ Frame 1376 241 B
2 KB 192ms
192ms Stylesheet
text/css 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/fonts/googleFonts.css

Requested by

Host: tenor.com
URL: https://tenor.com/assets/fonts/fonts.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

92983036d28add08f7e687ae241b592ce11c18a58f24530956f8665c2bf7303e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-YmQxYTU5YzAtMjJjOC00MTRjLWEwNzMtNDNhNTZkOTQ1ZGQy' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-YmQxYTU5YzAtMjJjOC00MTRjLWEwNzMtNDNhNTZkOTQ1ZGQy' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60351
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 181
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200079-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Thu, 09 Nov 2023 07:27:39 GMT
x-timer: S1702824485.384338,VS0,VE151
etag: W/"f1-18bb2fabdf8"
x-download-options: noopen
x-frame-options: DENY
vary: Accept-Encoding, x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 448, 0

GET
H2 200 inter.css
tenor.com/assets/fonts/ Frame 1376 6 KB
2 KB 497ms
497ms Stylesheet
text/css 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/fonts/inter.css

Requested by

Host: tenor.com
URL: https://tenor.com/assets/fonts/fonts.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

95bf5fdafa4cbcc54a628bd0357a68fdc2d3a86bf183ea417f68b027e928af0b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-MGIxNWNmNTEtOWUzNC00NmQ5LTg3ZGMtMDY1ODFmNDc1YjE5' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-MGIxNWNmNTEtOWUzNC00NmQ5LTg3ZGMtMDY1ODFmNDc1YjE5' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
age: 60352
via: 1.1 google, 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
content-length: 732
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200058-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Thu, 09 Nov 2023 07:27:39 GMT
x-timer: S1702824485.384331,VS0,VE454
etag: W/"16d9-18bb2fabdf8"
x-download-options: noopen
x-frame-options: DENY
vary: x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin, Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 486, 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1760 2 KB
498 B 79ms
31ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900

Requested by

Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b2f518b16af2ea31caddc3a440ec626ea710ba6f59485d227e7963fa8c2449d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 14:03:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Dec 2023 14:48:05 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
834 B 46ms
30ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900

Requested by

Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5b2f518b16af2ea31caddc3a440ec626ea710ba6f59485d227e7963fa8c2449d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 14:02:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Dec 2023 14:48:05 GMT

GET
H3 200 886.1d4b0bc9.js Show response
dubb.com/build/ Frame D858 6 KB
3 KB 200ms
200ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/886.1d4b0bc9.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccb55be32399a179e7839398fbbbffe8afdad2a2d89d30ff95455dc4a92b371

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=6070
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:11 GMT
server: cloudflare
etag: W/"657f0143-17b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70aa95c3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

OPTIONS
H2 200 get
client-api.provesrc.com/notifications/ Frame 0
0 123ms
123ms Preflight 54.211.100.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/get
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.100.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-100-135.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: POST
Origin: https://norfolkfxtrader.systeme.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://norfolkfxtrader.systeme.io
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Sun, 17 Dec 2023 14:48:05 GMT
x-ps-host: ip-172-31-33-180
x-request-id: fe42cf6a-34ca-4257-b7dc-01846091acba

POST
H2 200 get Show response
client-api.provesrc.com/notifications/ Frame 1760 2 B
376 B 125ms
125ms Fetch
application/json 54.211.100.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/get
Requested by: Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.100.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-100-135.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI2NGIxMGUwMTJhMDZlMzY4NDhjMGQwMmQiLCJpYXQiOjE2ODkzMjUwNTd9._mjpLrXXE6Bz29zFUNnrBDMLI1WcBDvcx6dIS5rRhrA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json
x-ps-first: psuid=704f0838-7585-4093-8714-3e5a53adf65d;ps64b10e012a06e36848c0d02d=true|1702512000000
Accept: application/json
x-ps-url: aHR0cHM6Ly9ub3Jmb2xrZnh0cmFkZXIuc3lzdGVtZS5pby9wdWJsaWMvMTE4MjQxNjk3MWMyOTc1NDA4ZjNiN2Q5MmMwMjQzODU0N2FjMWIxYS9zaG93P2hvc3RuYW1lPW5vcmZvbGtmeHRyYWRlci5zeXN0ZW1lLmlvP3NvdXJjZT1odHRwczovL25vcmZvbGtmeHRyYWRlci5zeXN0ZW1lLmlvLyNzeXN0ZW1laW8taWZyYW1lLTE3MDI4MjQ0ODQzOTM=
Referer: https://norfolkfxtrader.systeme.io/
x-ps-uid: 5312bc2e-1673-4d00-97e8-366c5c4ad033
x-ps-version: 4.6.3

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://norfolkfxtrader.systeme.io
x-ps-host: ip-172-31-33-180
access-control-expose-headers: x-ps-first
vary: Accept-Encoding
access-control-allow-credentials: true
content-length: 2
x-request-id: e5293b55-19cc-4e28-8347-be1e3306dd66

GET
H3 200 886.1d4b0bc9.js Show response
dubb.com/build/ Frame EF4A 6 KB
3 KB 187ms
187ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/886.1d4b0bc9.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccb55be32399a179e7839398fbbbffe8afdad2a2d89d30ff95455dc4a92b371

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=6070
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:11 GMT
server: cloudflare
etag: W/"657f0143-17b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70ac9983a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3

200

main.js Show response
dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame CDD6
Redirect Chain

https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

28ms
28ms

Script
application/javascript

2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

849c189f94583403740df42f9463f517d7f4e99a9c0c51c08304219c871ab2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 836ff70b19ef3a6c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 836ff70ae9c63a6c-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 get Show response
client-api.provesrc.com/notifications/ 11 KB
2 KB 148ms
147ms Fetch
application/json 54.211.100.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/get
Requested by: Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.100.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-100-135.compute-1.amazonaws.com
Software: /
Resource Hash: f729e979a674f857370da62833cfec6d4fd2ffe01fc4331d6fa93fb5b9135fba

Request headers

accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI2NGIxMGUwMTJhMDZlMzY4NDhjMGQwMmQiLCJpYXQiOjE2ODkzMjUwNTd9._mjpLrXXE6Bz29zFUNnrBDMLI1WcBDvcx6dIS5rRhrA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json
x-ps-first: psuid=704f0838-7585-4093-8714-3e5a53adf65d;ps64b10e012a06e36848c0d02d=true|1702512000000
Accept: application/json
x-ps-url: aHR0cHM6Ly9ub3Jmb2xrZnh0cmFkZXIuc3lzdGVtZS5pby8=
Referer: https://norfolkfxtrader.systeme.io/
x-ps-uid: 5312bc2e-1673-4d00-97e8-366c5c4ad033
x-ps-version: 4.6.3

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
content-encoding: gzip
etag: W/"2ac7-VnhiHrs6fzl0Fb3yOlf7zW+dAPw"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://norfolkfxtrader.systeme.io
x-ps-host: ip-172-31-29-194
access-control-expose-headers: x-ps-first
vary: Accept-Encoding
access-control-allow-credentials: true
x-request-id: 831b864f-fbc8-4990-b91f-a939b1239020

OPTIONS
H2 200 get
client-api.provesrc.com/notifications/ Frame 0
0 120ms
120ms Preflight 54.211.100.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/get
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.100.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-100-135.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: POST
Origin: https://norfolkfxtrader.systeme.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://norfolkfxtrader.systeme.io
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Sun, 17 Dec 2023 14:48:05 GMT
x-ps-host: ip-172-31-60-16
x-request-id: 7cd6a5ba-9f2c-4309-922a-b3d0ee8478ef

GET
H3

200

main.js Show response
dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame C2A7
Redirect Chain

https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

28ms
28ms

Script
application/javascript

2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30f9d6e458e5cfa4c5c0bc10d898899687a54c34f71f0e7be8f869e3a71b9f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 836ff70b3a233a6c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 836ff70af9d43a6c-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 836ff7042b4d9bce Show response
dubb.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame CDD6 0
303 B 53ms
53ms XHR
text/plain 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/cdn-cgi/challenge-platform/h/g/jsd/r/836ff7042b4d9bce

Requested by

Host: dubb.com
URL: https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 836ff70b9b003a6c-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 836ff7042b599bce Show response
dubb.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C2A7 0
303 B 46ms
46ms XHR
text/plain 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/cdn-cgi/challenge-platform/h/g/jsd/r/836ff7042b599bce

Requested by

Host: dubb.com
URL: https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 836ff70c0bc73a6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 6643.3c20a570.js Show response
dubb.com/build/ Frame D858 587 KB
167 KB 212ms
212ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/6643.3c20a570.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5b5f55d0486188340a02027472e81dea80716fef25b07a239bbe88003c9879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=601411
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-92d43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70c0bca3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 3358.060ffc11.js Show response
dubb.com/build/ Frame D858 527 KB
151 KB 1342ms
1342ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/3358.060ffc11.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27bd537614b76b10eed617de2bc14b0cb98594c29698c594dfc4e2a8f028edc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=539381
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-83af5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70c0bcc3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET
H3 200 5055.d8cffac7.css
dubb.com/build/ Frame D858 3 KB
897 B 193ms
193ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/5055.d8cffac7.css

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2929df0c2c9053e0a1c10b6152abd74ecad002b1c6699c5ccd221ba04dedf369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=2635
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 02:52:40 GMT
server: cloudflare
etag: W/"657e6278-a4b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff70c0bce3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 5055.2104dfc4.js Show response
dubb.com/build/ Frame D858 39 KB
11 KB 205ms
205ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/5055.2104dfc4.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5440c88885e980a51ceb321240404e7ed1b3550e7941a85d711226b3d4f706bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=40550
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-9e66"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70c0bd03a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

POST
H3 204 track Show response
dubb.com/api/video/2052520/ Frame D858 0
379 B 379ms
379ms XHR
text/plain 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/api/video/2052520/track

Requested by

Host: dubb.com
URL: https://dubb.com/build/1297.abe92168.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: undefined
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-ratelimit-remaining: 28
vary: Origin
cache-control: must-revalidate, no-cache, no-store, private
x-ratelimit-limit: 30
cf-ray: 836ff70c0bd73a6c-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 425ea9692e4d45dd97a1811b167ae898

GET
H3 200 6643.3c20a570.js Show response
dubb.com/build/ Frame EF4A 587 KB
167 KB 459ms
459ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/6643.3c20a570.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5b5f55d0486188340a02027472e81dea80716fef25b07a239bbe88003c9879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=601411
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-92d43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70c0bd83a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 3358.060ffc11.js Show response
dubb.com/build/ Frame EF4A 527 KB
151 KB 453ms
452ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/3358.060ffc11.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27bd537614b76b10eed617de2bc14b0cb98594c29698c594dfc4e2a8f028edc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=539381
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-83af5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70c0bd93a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 5055.d8cffac7.css
dubb.com/build/ Frame EF4A 3 KB
897 B 194ms
194ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/5055.d8cffac7.css

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2929df0c2c9053e0a1c10b6152abd74ecad002b1c6699c5ccd221ba04dedf369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=2635
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 02:52:40 GMT
server: cloudflare
etag: W/"657e6278-a4b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff70c0bda3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

GET
H3 200 5055.2104dfc4.js Show response
dubb.com/build/ Frame EF4A 39 KB
11 KB 207ms
207ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/5055.2104dfc4.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5440c88885e980a51ceb321240404e7ed1b3550e7941a85d711226b3d4f706bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:05 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=40550
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-9e66"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70c0bdc3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:05 GMT

POST
H3 204 track Show response
dubb.com/api/video/2004682/ Frame EF4A 0
379 B 348ms
348ms XHR
text/plain 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/api/video/2004682/track

Requested by

Host: dubb.com
URL: https://dubb.com/build/1297.abe92168.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: undefined
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-ratelimit-remaining: 29
vary: Origin
cache-control: must-revalidate, no-cache, no-store, private
x-ratelimit-limit: 30
cf-ray: 836ff70c0bdd3a6c-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 4a01a30d6ee54076a889b55f3666ab35

OPTIONS
H2 200 analytics
client-api.provesrc.com/notifications/ Frame 0
0 126ms
125ms Preflight 54.211.100.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/analytics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.100.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-100-135.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
Access-Control-Request-Method: POST
Origin: https://norfolkfxtrader.systeme.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type,x-ps-first,x-ps-uid,x-ps-url,x-ps-version
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin: https://norfolkfxtrader.systeme.io
access-control-expose-headers: x-ps-first
access-control-max-age: 7200
date: Sun, 17 Dec 2023 14:48:05 GMT
x-ps-host: ip-172-31-29-194
x-request-id: ef4692b0-dc3f-4d3a-83fa-85863ae6956f

POST
H2 200 analytics Show response
client-api.provesrc.com/notifications/ 24 B
399 B 125ms
123ms Fetch
application/json 54.211.100.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://client-api.provesrc.com/notifications/analytics
Requested by: Host: cdn.provesrc.com
URL: https://cdn.provesrc.com/provesrc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.211.100.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-100-135.compute-1.amazonaws.com
Software: /
Resource Hash: 8a36c989fe0efaa93eb0f4062fa976a326264fbc971214d8e5e8a08a92066a4a

Request headers

accept-language: de-DE,de;q=0.9
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhY2NvdW50SWQiOiI2NGIxMGUwMTJhMDZlMzY4NDhjMGQwMmQiLCJpYXQiOjE2ODkzMjUwNTd9._mjpLrXXE6Bz29zFUNnrBDMLI1WcBDvcx6dIS5rRhrA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json
x-ps-first: psuid=704f0838-7585-4093-8714-3e5a53adf65d;ps64b10e012a06e36848c0d02d=true|1702512000000
Accept: application/json
x-ps-url: aHR0cHM6Ly9ub3Jmb2xrZnh0cmFkZXIuc3lzdGVtZS5pby8=
Referer: https://norfolkfxtrader.systeme.io/
x-ps-uid: 5312bc2e-1673-4d00-97e8-366c5c4ad033
x-ps-version: 4.6.3

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
etag: W/"18-yFpqYVDJmM5e4YghNEYBgNuXov8"
access-control-max-age: 7200
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://norfolkfxtrader.systeme.io
x-ps-host: ip-172-31-60-16
access-control-expose-headers: x-ps-first
vary: Accept-Encoding
access-control-allow-credentials: true
content-length: 24
x-request-id: 4ce429bf-5149-43c2-b158-42d5ce53cebb

GET
H2 200 2d657cd0a63bd54f6e74598cf9855a36-kenya,nairobi.png
cdn-provesrc.nyc3.cdn.digitaloceanspaces.com/maps/ 5 KB
6 KB 236ms
165ms Image
image/png 2606:4700::6812:cc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-provesrc.nyc3.cdn.digitaloceanspaces.com/maps/2d657cd0a63bd54f6e74598cf9855a36-kenya,nairobi.png

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5983eb2a5db278c29d1c50588bc80dea2dc6287dfd4b858b42299ae9a16a6e45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx000000000000071cb325d-00656a242a-4d35fff7-nyc3b
x-envoy-upstream-healthchecked-cluster
content-length: 5217
last-modified: Mon, 07 Oct 2019 15:28:24 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1552920245/ctime:1552905892/gid:20/gname:staff/md5:3eedd6853df511975df188a1d0c550b8/mode:33188/mtime:1552826680/uid:501/uname:natanavra
etag: "3eedd6853df511975df188a1d0c550b8"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 1a52b133-0d52-486d-850d-805c251ed12c
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 836ff70d1c9b9b80-FRA

GET
H2 200 ke.svg
cdn-provesrc.nyc3.cdn.digitaloceanspaces.com/flags/ 1 KB
1 KB 219ms
148ms Image
image/svg+xml 2606:4700::6812:cc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-provesrc.nyc3.cdn.digitaloceanspaces.com/flags/ke.svg

Requested by

Host: norfolkfxtrader.systeme.io
URL: https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:cc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6390bd1dead222763be7c93e10ce8d48ce550d2083d00b907504d01f3be8da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 26 Jan 2020 07:41:30 GMT
server: cloudflare
x-amz-request-id: tx000000000000071cfa2fa-00656a28a1-4cff3ece-nyc3b
etag: W/"dd8a91b8196000643e3383d81c659ecb"
x-envoy-upstream-healthchecked-cluster
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/svg+xml
x-do-cdn-uuid: 1a52b133-0d52-486d-850d-805c251ed12c
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 836ff70d1c989b80-FRA

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 69ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 15:57:03 GMT
x-content-type-options: nosniff
age: 427862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 15:57:03 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 88ms
42ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:36:20 GMT
x-content-type-options: nosniff
age: 515505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 15:36:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1376 52 KB
21 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 13:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3591
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 17 Dec 2023 15:48:14 GMT

GET
H2 206 chicken-viralhog.mp4
media.tenor.com/IUQTJWJ7OAYAAAPo/ Frame 1376 690 KB
691 KB 144ms
68ms Media
video/mp4 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://media.tenor.com/IUQTJWJ7OAYAAAPo/chicken-viralhog.mp4

Requested by

Host: tenor.com
URL: https://tenor.com/embed/22723466?canonicalurl=https://norfolkfxtrader.systeme.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5db110297b17de4f4237e73621fe92e2caf340ee0851797744c639f43e5074f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tenor.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
Content-Range: bytes 0-706839/706840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 706840
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 08:42:17 GMT
server: sffe
report-to: {"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="media-tenor-team"
expires: Mon, 18 Dec 2023 14:48:06 GMT

GET
H2 200 Inter-SemiBold.woff2
tenor.com/assets/fonts/ Frame 1376 104 KB
105 KB 199ms
199ms Font
font/woff2 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tenor.com/assets/fonts/Inter-SemiBold.woff2?v=3.15

Requested by

Host: tenor.com
URL: https://tenor.com/assets/fonts/inter.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

77b8d327de844bfaab4618c424bbe957523752f31633058281e9204a47e0d414

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://.tenor.co https://.tenor.com https://.googleapis.com https://api-v1.tenor.com https://.google-analytics.com https://.doubleclick.net https://pixel.mtrcs.samba.tv https://.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://.google-analytics.com https://.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://.google.com 'nonce-ODlmODg1NWQtMTJiMS00ZGE3LWEwZWItNzMzNmRmNjcwNDc5' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://.tenor.co https://.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://.google-analytics.com https://.doubleclick.net https://.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://.google.com https://.googleapis.com; object-src 'none'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tenor.com/
Origin: https://tenor.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: base-uri 'self'; default-src 'self'; connect-src 'self' blob: https://tenor.com https://*.tenor.co https://*.tenor.com https://*.googleapis.com https://api-v1.tenor.com https://*.google-analytics.com https://*.doubleclick.net https://pixel.mtrcs.samba.tv https://*.google.com; script-src 'self' data: blob: https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://*.google-analytics.com https://*.facebook.net https://www.google.com/recaptcha/api.js https://www.gstatic.com/recaptcha/ https://pixel.mtrcs.samba.tv https://*.google.com 'nonce-ODlmODg1NWQtMTJiMS00ZGE3LWEwZWItNzMzNmRmNjcwNDc5' 'unsafe-eval'; style-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com https://news.google.com 'unsafe-inline'; font-src 'self' https://tenor.co https://tenor.com https://*.tenor.co https://*.tenor.com; img-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/ https://tenor.googleapis.com/ https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.com https://pixel.mtrcs.samba.tv http: https:; media-src 'self' blob: data: https://media.tenor.co https://media.tenor.com https://media1.tenor.co https://media1.tenor.com https://c.tenor.com/; frame-src 'self' https://www.google.com/recaptcha/ https://www.facebook.com/tr/ https://*.google.com https://*.googleapis.com; object-src 'none'
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
date: Sun, 17 Dec 2023 14:48:06 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 60350
x-cache: HIT, MISS
content-length: 105992
x-xss-protection: 1; mode=block
x-served-by: cache-bur-kbur8200054-BUR, cache-cph2320029-CPH
referrer-policy: origin
last-modified: Thu, 09 Nov 2023 07:27:39 GMT
x-timer: S1702824486.894692,VS0,VE152
etag: W/"19e08-18bb2fabdf8"
x-download-options: noopen
x-frame-options: DENY
vary: x-edge-forwarded-proto, x-edge-forwarded-host, x-forwarded-host, Origin
content-type: font/woff2
access-control-allow-origin: https://tenor.com
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 8528, 0

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ Frame 1376 2 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tenor.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:37:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 665
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 17 Dec 2023 15:37:00 GMT

GET
H3 200 886.1d4b0bc9.js Show response
dubb.com/build/ Frame 0AD9 6 KB
3 KB 34ms
34ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/886.1d4b0bc9.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccb55be32399a179e7839398fbbbffe8afdad2a2d89d30ff95455dc4a92b371

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1
cf-polished: origSize=6070
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:11 GMT
server: cloudflare
etag: W/"657f0143-17b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70d8dab3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET
H3

200

main.js Show response
dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 67C9
Redirect Chain

https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

39ms
39ms

Script
application/javascript

2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4963919fb32a2e1f13cff603417af5ed3e5f2d13f546faed74d7d44fcd6651b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 836ff70dee373a6c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 836ff70dbdfb3a6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 886.1d4b0bc9.js Show response
dubb.com/build/ Frame 4411 6 KB
3 KB 31ms
31ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/886.1d4b0bc9.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccb55be32399a179e7839398fbbbffe8afdad2a2d89d30ff95455dc4a92b371

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1
cf-polished: origSize=6070
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:11 GMT
server: cloudflare
etag: W/"657f0143-17b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70dde2e3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET
H3

200

main.js Show response
dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame 362A
Redirect Chain

https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
3 KB

29ms
29ms

Script
application/javascript

2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68798d2a241b74c023ae11ed1c4886794d9f5686f2187774ba76c1336f094f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 836ff70e0e9c3a6c-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 836ff70dee363a6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 6643.3c20a570.js Show response
dubb.com/build/ Frame 0AD9 587 KB
167 KB 48ms
48ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/6643.3c20a570.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5b5f55d0486188340a02027472e81dea80716fef25b07a239bbe88003c9879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1
cf-polished: origSize=601411
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-92d43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70dee393a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET
H3 200 3358.060ffc11.js Show response
dubb.com/build/ Frame 0AD9 527 KB
151 KB 360ms
360ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/3358.060ffc11.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27bd537614b76b10eed617de2bc14b0cb98594c29698c594dfc4e2a8f028edc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=539381
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-83af5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70dee3a3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET
H3 200 5055.d8cffac7.css
dubb.com/build/ Frame 0AD9 3 KB
900 B 34ms
34ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/5055.d8cffac7.css

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2929df0c2c9053e0a1c10b6152abd74ecad002b1c6699c5ccd221ba04dedf369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1
cf-polished: origSize=2635
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 02:52:40 GMT
server: cloudflare
etag: W/"657e6278-a4b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff70dee3b3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET
H3 200 5055.2104dfc4.js Show response
dubb.com/build/ Frame 0AD9 39 KB
11 KB 36ms
36ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/5055.2104dfc4.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5440c88885e980a51ceb321240404e7ed1b3550e7941a85d711226b3d4f706bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1
cf-polished: origSize=40550
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-9e66"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70dee3f3a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

POST
H3 204 track Show response
dubb.com/api/video/2052489/ Frame 0AD9 0
379 B 369ms
369ms XHR
text/plain 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/api/video/2052489/track

Requested by

Host: dubb.com
URL: https://dubb.com/build/1297.abe92168.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: undefined
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-ratelimit-remaining: 27
vary: Origin
cache-control: must-revalidate, no-cache, no-store, private
x-ratelimit-limit: 30
cf-ray: 836ff70dee413a6c-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 88096a3812064be4a653cd56f3bf1137

GET
H3 200 6643.3c20a570.js Show response
dubb.com/build/ Frame 4411 587 KB
167 KB 47ms
47ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/6643.3c20a570.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5b5f55d0486188340a02027472e81dea80716fef25b07a239bbe88003c9879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1
cf-polished: origSize=601411
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-92d43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70e0e913a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET
H3 200 3358.060ffc11.js Show response
dubb.com/build/ Frame 4411 527 KB
151 KB 526ms
526ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/3358.060ffc11.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27bd537614b76b10eed617de2bc14b0cb98594c29698c594dfc4e2a8f028edc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cf-polished: origSize=539381
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:09:57 GMT
server: cloudflare
etag: W/"657f0135-83af5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70e0e943a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET
H3 200 5055.d8cffac7.css
dubb.com/build/ Frame 4411 3 KB
900 B 33ms
33ms Stylesheet
text/css 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/5055.d8cffac7.css

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2929df0c2c9053e0a1c10b6152abd74ecad002b1c6699c5ccd221ba04dedf369

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1
cf-polished: origSize=2635
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 02:52:40 GMT
server: cloudflare
etag: W/"657e6278-a4b"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 836ff70e0e953a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET
H3 200 5055.2104dfc4.js Show response
dubb.com/build/ Frame 4411 39 KB
11 KB 36ms
36ms Script
application/javascript 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/5055.2104dfc4.js

Requested by

Host: dubb.com
URL: https://dubb.com/build/runtime.e6709896.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5440c88885e980a51ceb321240404e7ed1b3550e7941a85d711226b3d4f706bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1
cf-polished: origSize=40550
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 14:10:19 GMT
server: cloudflare
etag: W/"657f014b-9e66"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 836ff70e0e973a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

POST
H3 204 track Show response
dubb.com/api/video/2013669/ Frame 4411 0
379 B 323ms
323ms XHR
text/plain 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/api/video/2013669/track

Requested by

Host: dubb.com
URL: https://dubb.com/build/1297.abe92168.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: undefined
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-ratelimit-remaining: 26
vary: Origin
cache-control: must-revalidate, no-cache, no-store, private
x-ratelimit-limit: 30
cf-ray: 836ff70e0e993a6c-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 9d18080aae9440bbbc21e5385e2566f1

POST
H3 200 836ff7042b559bce Show response
dubb.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 67C9 0
303 B 40ms
39ms XHR
text/plain 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/cdn-cgi/challenge-platform/h/g/jsd/r/836ff7042b559bce

Requested by

Host: dubb.com
URL: https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 836ff70e7f313a6c-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 836ff7042b519bce Show response
dubb.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 362A 0
303 B 40ms
40ms XHR
text/plain 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/cdn-cgi/challenge-platform/h/g/jsd/r/836ff7042b519bce

Requested by

Host: dubb.com
URL: https://dubb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 836ff70f28323a6c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame EF4A 993 B
2 KB 84ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: dubb.com
URL: https://dubb.com/build/3358.060ffc11.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 17 Dec 2023 14:48:06 GMT

GET 720p_kRzF.mp4
fra1.do.dubbcdn.com/videos/2023-10-28/fdf962cd29a10ffde07b0059b399d7cd/ Frame EF4A 0
0

GET
H2 206 720p_kRzF.mp4
fra1.do.dubbcdn.com/videos/2023-10-28/fdf962cd29a10ffde07b0059b399d7cd/ Frame EF4A 295 KB
0 129ms
37ms Media
video/mp4 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1.do.dubbcdn.com/videos/2023-10-28/fdf962cd29a10ffde07b0059b399d7cd/720p_kRzF.mp4

Requested by

Host: dubb.com
URL: https://dubb.com/v/euVn49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://dubb.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000002128a6b7-00656a3528-3b70040e-fra1a
age: 1308
x-envoy-upstream-healthchecked-cluster
Content-Range: bytes 0-7334233/7334234
content-disposition: attachment
Content-Length: 7334234
last-modified: Sat, 28 Oct 2023 18:23:55 GMT
server: cloudflare
etag: "2db51e69c0af43fb0d47a735ca7867c4"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: video/mp4
x-do-cdn-uuid: 2f697a25-1929-4072-ad23-29271da72ad2
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 836ff7100b8a5c50-FRA

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/ Frame EF4A 216 KB
67 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Dec 2024 14:04:11 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 0AD9 993 B
518 B 44ms
44ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: dubb.com
URL: https://dubb.com/build/3358.060ffc11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 17 Dec 2023 14:48:06 GMT

GET
H2 200 rcAi12ydTIdn4LjUpirTtDghSdpNCUSsYiP9z8oB.png
fra1.do.dubbcdn.com/videos/55744/ Frame 0AD9 111 KB
111 KB 36ms
36ms Image
image/png 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1.do.dubbcdn.com/videos/55744/rcAi12ydTIdn4LjUpirTtDghSdpNCUSsYiP9z8oB.png

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0a5de9638d32b2fd4f987705c848883d087471dcb33af175ba46a73e8e3d6dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000002128b2ee-00656a3528-3b70053d-fra1a
age: 2626
x-envoy-upstream-healthchecked-cluster
content-length: 113363
last-modified: Sun, 26 Nov 2023 21:50:47 GMT
server: cloudflare
etag: "b5172bf1e481bb8acccd7339e36f3f74"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 2f697a25-1929-4072-ad23-29271da72ad2
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 836ff7105bdb5c50-FRA

GET
DATA 200
OK truncated
/ Frame 0AD9 110 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7298400d10ecc1a9f8802c04010c8af42b958a6494cebf552536e3f306dc8ed5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 nuevo.af7ecf88.ttf
dubb.com/build/fonts/ Frame 0AD9 10 KB
10 KB 196ms
196ms Font
application/octet-stream 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/fonts/nuevo.af7ecf88.ttf

Requested by

Host: dubb.com
URL: https://dubb.com/build/2009.06972211.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0244ed997c09c2f547c6bd7cb9cdcd52e3eaafa3cd5c9e828792be57665a8797

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dubb.com/build/2009.06972211.css
Origin: https://dubb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Sun, 17 Dec 2023 03:59:20 GMT
server: cloudflare
etag: "657e7218-2808"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 836ff71059973a6c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10248
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET 720p_aH7g.mp4
fra1.do.dubbcdn.com/videos/2023-11-26/eb3d0b452c0d8c68dec6ea4e446c8612/ Frame 0AD9 0
0

GET
H2 206 720p_aH7g.mp4
fra1.do.dubbcdn.com/videos/2023-11-26/eb3d0b452c0d8c68dec6ea4e446c8612/ Frame 0AD9 351 KB
0 36ms
36ms Media
video/mp4 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1.do.dubbcdn.com/videos/2023-11-26/eb3d0b452c0d8c68dec6ea4e446c8612/720p_aH7g.mp4

Requested by

Host: dubb.com
URL: https://dubb.com/v/w5OG49/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://dubb.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000002128ae2e-00656a3528-3b78b790-fra1a
age: 2626
x-envoy-upstream-healthchecked-cluster
Content-Range: bytes 0-7340435/7340436
content-disposition: attachment
Content-Length: 7340436
last-modified: Sun, 26 Nov 2023 21:49:54 GMT
server: cloudflare
etag: "e9f69bc696b378ffce7a9effb8ba2a39"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: video/mp4
x-do-cdn-uuid: 2f697a25-1929-4072-ad23-29271da72ad2
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 836ff7105be45c50-FRA

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/ Frame 0AD9 216 KB
67 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Dec 2024 14:04:11 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 4411 993 B
518 B 47ms
46ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: dubb.com
URL: https://dubb.com/build/3358.060ffc11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 17 Dec 2023 14:48:06 GMT

GET 720p_lgeM.mp4
fra1.do.dubbcdn.com/videos/2023-11-02/c041d613b2f14be9684c2b3d16049ab8/ Frame 4411 0
0

GET
H2 200 NqF3anwIkNFWYoE75sWhoufjAaj4wbsKglmRYjWV.jpg
fra1.do.dubbcdn.com/videos/55744/ Frame 4411 347 KB
347 KB 29ms
29ms Image
image/jpeg 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1.do.dubbcdn.com/videos/55744/NqF3anwIkNFWYoE75sWhoufjAaj4wbsKglmRYjWV.jpg

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5387747fd21dbdf4a5a2cb1477b5bbba0229e7a984cb09c683b003ade7b1fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000002128b2be-00656a3528-3b76e6d0-fra1a
age: 2627
x-envoy-upstream-healthchecked-cluster
content-length: 355165
cf-bgj: h2pri
last-modified: Thu, 02 Nov 2023 20:06:41 GMT
server: cloudflare
etag: "2c067aa8040cd3f3b1c21e5c42588c78"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/jpeg
x-do-cdn-uuid: 2f697a25-1929-4072-ad23-29271da72ad2
cache-control: max-age=3600
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 836ff711ad155c50-FRA

GET
DATA 200
OK truncated
/ Frame 4411 110 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7298400d10ecc1a9f8802c04010c8af42b958a6494cebf552536e3f306dc8ed5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 nuevo.af7ecf88.ttf
dubb.com/build/fonts/ Frame 4411 10 KB
10 KB 32ms
32ms Font
application/octet-stream 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/fonts/nuevo.af7ecf88.ttf

Requested by

Host: dubb.com
URL: https://dubb.com/build/2009.06972211.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0244ed997c09c2f547c6bd7cb9cdcd52e3eaafa3cd5c9e828792be57665a8797

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dubb.com/build/2009.06972211.css
Origin: https://dubb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 0
alt-svc: h3=":443"; ma=86400
content-length: 10248
last-modified: Sun, 17 Dec 2023 03:59:20 GMT
server: cloudflare
etag: "657e7218-2808"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 836ff711ab213a6c-FRA
expires: Sun, 17 Dec 2023 18:48:06 GMT

GET
H2 206 720p_lgeM.mp4
fra1.do.dubbcdn.com/videos/2023-11-02/c041d613b2f14be9684c2b3d16049ab8/ Frame 4411 275 KB
0 39ms
39ms Media
video/mp4 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1.do.dubbcdn.com/videos/2023-11-02/c041d613b2f14be9684c2b3d16049ab8/720p_lgeM.mp4

Requested by

Host: dubb.com
URL: https://dubb.com/v/bEbLfq/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://dubb.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 17 Dec 2023 14:48:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000002128ae2d-00656a3528-3b78b790-fra1a
age: 2627
x-envoy-upstream-healthchecked-cluster
Content-Range: bytes 0-6965306/6965307
content-disposition: attachment
Content-Length: 6965307
last-modified: Thu, 02 Nov 2023 20:04:03 GMT
server: cloudflare
etag: "e9cd071ab88a4988b0d30eaffc9f9c70"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: video/mp4
x-do-cdn-uuid: 2f697a25-1929-4072-ad23-29271da72ad2
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 836ff711ad1f5c50-FRA

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/ Frame 4411 216 KB
67 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2635
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Dec 2024 14:04:11 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame D858 993 B
518 B 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: dubb.com
URL: https://dubb.com/build/3358.060ffc11.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 17 Dec 2023 14:48:07 GMT

GET
H2 200 0vy7gc7O2yxsTjSjlhIH5EfeiidT5ZvAno4zrjZx.png
fra1.do.dubbcdn.com/videos/55744/ Frame D858 137 KB
137 KB 42ms
42ms Image
image/png 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1.do.dubbcdn.com/videos/55744/0vy7gc7O2yxsTjSjlhIH5EfeiidT5ZvAno4zrjZx.png

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a8239a24b037ac24ebb731c3a0a1f0c8d70c3ef1931fa65b9c7bddcb68cd6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000002128b2a5-00656a3527-3b76e6d0-fra1a
age: 1309
x-envoy-upstream-healthchecked-cluster
content-length: 140113
last-modified: Sun, 26 Nov 2023 22:08:11 GMT
server: cloudflare
etag: "58b67ab08de368735c8e0cf0ce22f8f9"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: image/png
x-do-cdn-uuid: 2f697a25-1929-4072-ad23-29271da72ad2
x-rgw-object-type: Normal
cache-control: max-age=3600
accept-ranges: bytes
cf-ray: 836ff714a8445c50-FRA

GET
DATA 200
OK truncated
/ Frame D858 110 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7298400d10ecc1a9f8802c04010c8af42b958a6494cebf552536e3f306dc8ed5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 nuevo.af7ecf88.ttf
dubb.com/build/fonts/ Frame D858 10 KB
10 KB 31ms
31ms Font
application/octet-stream 2606:4700::6812:1ad0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dubb.com/build/fonts/nuevo.af7ecf88.ttf

Requested by

Host: dubb.com
URL: https://dubb.com/build/2009.06972211.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1ad0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0244ed997c09c2f547c6bd7cb9cdcd52e3eaafa3cd5c9e828792be57665a8797

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dubb.com/build/2009.06972211.css
Origin: https://dubb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 10248
last-modified: Sun, 17 Dec 2023 03:59:20 GMT
server: cloudflare
etag: "657e7218-2808"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 836ff714af293a6c-FRA
expires: Sun, 17 Dec 2023 18:48:07 GMT

GET 720p_1iRc.mp4
fra1.do.dubbcdn.com/videos/2023-11-26/b6908d76030e3bcf922f465ffeebd425/ Frame D858 0
0

GET
H2 206 720p_1iRc.mp4
fra1.do.dubbcdn.com/videos/2023-11-26/b6908d76030e3bcf922f465ffeebd425/ Frame D858 495 KB
0 30ms
29ms Media
video/mp4 2606:4700::6812:dc0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1.do.dubbcdn.com/videos/2023-11-26/b6908d76030e3bcf922f465ffeebd425/720p_1iRc.mp4

Requested by

Host: dubb.com
URL: https://dubb.com/v/i7IXGi/embed?width=auto&height=auto&autoplay=0&no_cta=1&no_controls=0&muted=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dc0 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://dubb.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: tx00000000000002128905f-00656a3528-3b7003e1-fra1a
age: 1309
x-envoy-upstream-healthchecked-cluster
Content-Range: bytes 0-8375918/8375919
content-disposition: attachment
Content-Length: 8375919
last-modified: Sun, 26 Nov 2023 22:11:18 GMT
server: cloudflare
etag: "0d1533853810e6753dcd22ea50eee1b7"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: video/mp4
x-do-cdn-uuid: 2f697a25-1929-4072-ad23-29271da72ad2
x-rgw-object-type: Normal
cache-control: max-age=3600
cf-ray: 836ff714b84c5c50-FRA

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/ Frame D858 216 KB
67 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dubb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2636
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Dec 2024 14:04:11 GMT

GET
H2 200 3SzB5pAO.json Show response
cdn-cookieyes.com/client_data/b5033c905a70b64923908748/ 44 B
597 B 70ms
28ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/3SzB5pAO.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1b71952b46c9c86cbf19248666cf757e24c8f535d83944c1cb60d5e3c268d49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 00:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 478861
etag: W/"2c-60c45533055e1"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWdOeNX5RAOdFltzI4KGY8caLqxpp5mWRiLl2VglvbYVfust59c4Or9JNIuk3SQJcBs14ys59Bz7duBTJ%2BGVHorhRDAk3P5isfJuyMZ%2Bjg8dzatJaFSa3LtSwKkY5IONP%2FaTkFCAgZbiAq4Sacvb"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 836ff7155eef906a-FRA

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/6579dd43930/js/ 121 B
182 B 162ms
160ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fc38b13920fc91564cbb834/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 13 Dec 2023 16:37:47 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 836ff7151bbe2c79-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/6579dd43930/js/ 81 KB
29 KB 267ms
266ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fc38b13920fc91564cbb834/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 13 Dec 2023 16:37:47 GMT
server: cloudflare
content-encoding: br
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 836ff7151bc32c79-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/6579dd43930/js/ 212 KB
62 KB 374ms
373ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fc38b13920fc91564cbb834/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 13 Dec 2023 16:37:47 GMT
server: cloudflare
content-encoding: br
etag: W/"86b32a04921a039ace69980bacd1b639"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 836ff7151bc42c79-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/6579dd43930/js/ 219 KB
43 KB 371ms
370ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fc38b13920fc91564cbb834/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4ae1632a9d343e74a4fd1ad8970d80924c1dbb776e034931114567954740181

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 13 Dec 2023 16:37:47 GMT
server: cloudflare
content-encoding: br
etag: W/"d06b05e2dd40119a006690b9909653c3"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 836ff7151bc62c79-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/6579dd43930/js/ 2 KB
1 KB 148ms
147ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fc38b13920fc91564cbb834/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

464505e1e4e85a3532b751d65ab7801f12b485bf70c83b85a5e66cec7dcf29cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 13 Dec 2023 16:37:47 GMT
server: cloudflare
content-encoding: br
etag: W/"a386c6880175b560a62a16438b9fb69e"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 836ff7151bc92c79-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/6579dd43930/js/ 151 B
310 B 145ms
144ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5fc38b13920fc91564cbb834/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://norfolkfxtrader.systeme.io/
Origin: https://norfolkfxtrader.systeme.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Wed, 13 Dec 2023 16:37:47 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 836ff7151bca2c79-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 Q9umZb7S.json Show response
cdn-cookieyes.com/client_data/b5033c905a70b64923908748/config/ 32 KB
6 KB 31ms
31ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/config/Q9umZb7S.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0129f8d65dc229c01e6619bf36a41edb4f2f2442e0104f28e649c01e969f5387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 00:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8000-60c4553307521"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9E3UfPhwp8Pl7gAOQlWKqFwq78KihWGJzBJvZGvxy5VzLEbouPK7TSQdpBLiFc%2FxyzWoR34Gc9Jyy2uSdoguAclO%2BKWwzOpNJ09Q2yQDpaMhNWWPud7HfeZetOyqFB51jMNqeYZgP2SR47JqXcw"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 836ff7158f1c906a-FRA

GET
H2 200 Ds3yuGYk.json Show response
cdn-cookieyes.com/client_data/b5033c905a70b64923908748/translations/ 2 KB
1 KB 34ms
34ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/translations/Ds3yuGYk.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d94a3d7c413f28f9cb58bac202e11176255867b887e02a91af13fd3e91c3dce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 00:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"81d-60c4553307521"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWUpLWj7HS0ZwG5C5N2mKEnPjnX5lsyl8PJ15NC4kMi4CZom5OvYFVRoKoJfZGH6n8LA5uGIOOJfldNTMvZYypRykaDdP6ciM%2BCUdPSfZMo6zlZlTnuJ8l1J3NDLCK5exzc8RNfmAium2Ky8a8eS"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 836ff715bf56906a-FRA

GET
H2 200 qR5LAxZN.json Show response
cdn-cookieyes.com/client_data/b5033c905a70b64923908748/audit-table/ 8 KB
2 KB 34ms
34ms Fetch
application/json 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/audit-table/qR5LAxZN.json
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 538903dbcbb54523e13994ce5a08666c74b30b42038a9ceeac88f1716d94ec47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 00:42:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1fb0-60c4553306581"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvqsdioBN7iQHnNGbbCqHBX0Cu1PT%2FY59kXh%2F8fbvVSoLTC1xPtKIjPNIBh3SKsLAVk8QUGjqAKFs2FP1a3NrTROixZ39ij2qs083O0nZlEWugjCxT7mkRvZQjF4MPuRjwtnCyRokCXgM3MZ3sID"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray: 836ff715ff94906a-FRA

GET
H2 200 revisit.svg
cdn-cookieyes.com/assets/images/ 2 KB
1 KB 28ms
28ms Image
image/svg+xml 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/revisit.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 258648
etag: W/"923-5da3a668dacc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKopXwOsRPiTlTWcf%2F%2BNh1CNguUo2zdMx0pqDZrIIoeg7L298Dkap0hJJ95E4uxSlIGfyNYHVUTsatUA68Aq7zoW4ak6tlHYNi0a23hZrizMww%2FOiCFWLwYRA6XHiwUk00WpHJgltpo5UyEpgNuD"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 836ff7163df5bb83-FRA

GET
H2 200 close.svg
cdn-cookieyes.com/assets/images/ 1 KB
1 KB 27ms
27ms Image
image/svg+xml 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:40:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 385613
etag: W/"541-5da3a66c769d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNQHjTOr8qoSQDqxQQikjR5aapUkao4nv9Gg7YNdSKEkt%2FAV3Ycf9Wm%2BiHYRosMMHO7BVherGlcWQ16VAcPpWMGKIR9sbYJMShYti4pM%2FPDYbD7e2RUyzmFcmRRzV3cBT83Ypr7yhAiAiKJ%2FLH0z"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 836ff7163df8bb83-FRA

GET
H2 200 poweredbtcky.svg
cdn-cookieyes.com/assets/images/ 4 KB
2 KB 29ms
28ms Image
image/svg+xml 2606:4700:20::ac43:44d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:44d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 04:41:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 35442
etag: W/"eb2-5da3a68c50d09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=09YXWAMktOAb%2FnkcU2rOZv%2FqQElH5xkL4u7PquFehIeNb%2F%2FLiHCtpBskgXFZD0FUJxKWuSZgx7i7NNqEPS%2FgU8w3%2Bs1FQNMtYvKezGGA9%2BKa48H0PxiQP9MKeBIuCRJAAVdPCIQJdwpB8JDiFpKw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=604800, proxy-revalidate
cf-ray: 836ff7163dfabb83-FRA

POST
H2 200 log
log.cookieyes.com/api/v1/ 2 B
152 B 44ms
44ms Ping
text/plain 52.49.214.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://log.cookieyes.com/api/v1/log
Requested by: Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/b5033c905a70b64923908748/script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.214.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-214-81.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://norfolkfxtrader.systeme.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryJc0sDaUIWsuAVJWV

Response headers

access-control-allow-origin: *
date: Sun, 17 Dec 2023 14:48:07 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 3 KB
1 KB 533ms
514ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5fc38b13920fc91564cbb834&widgetId=default&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

555eef48472e7f8bd160c5508672305b5bb56e8b340392be17a93718f95b0c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:08 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-vz8l
server: cloudflare
etag: W/"2-38-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 836ff717def22c79-FRA
access-control-allow-headers: content-type,x-tawk-token

POST start
va.tawk.to/v1/session/ 0
0

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 829ms
816ms Preflight 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://norfolkfxtrader.systeme.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://norfolkfxtrader.systeme.io
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 836ff717def02c79-FRA
date: Sun, 17 Dec 2023 14:48:08 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-m45l

GET
H3 200 en.js Show response
embed.tawk.to/_s/v4/app/6579dd43930/languages/ 17 KB
4 KB 67ms
43ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/6579dd43930/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6579dd43930/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://norfolkfxtrader.systeme.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 14:48:08 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 303248
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Dec 2023 16:37:48 GMT
server: cloudflare
etag: W/"7f37a030886ec7fce1d065ec482789ee"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 836ff71b399b71b5-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fra1.do.dubbcdn.com
URL: https://fra1.do.dubbcdn.com/videos/2023-10-28/fdf962cd29a10ffde07b0059b399d7cd/720p_kRzF.mp4

Domain: fra1.do.dubbcdn.com
URL: https://fra1.do.dubbcdn.com/videos/2023-11-26/eb3d0b452c0d8c68dec6ea4e446c8612/720p_aH7g.mp4

Domain: fra1.do.dubbcdn.com
URL: https://fra1.do.dubbcdn.com/videos/2023-11-02/c041d613b2f14be9684c2b3d16049ab8/720p_lgeM.mp4

Domain: fra1.do.dubbcdn.com
URL: https://fra1.do.dubbcdn.com/videos/2023-11-26/b6908d76030e3bcf922f465ffeebd425/720p_1iRc.mp4

Domain: va.tawk.to
URL: https://va.tawk.to/v1/session/start

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a	1970-01-21 02:36:24	Name: psuid Value: 2345fad0-4490-4951-9720-b86cc58bc9cb
.systeme.io/public/1182416971c2975408f3b7d92c02438547ac1b1a	1970-01-20 17:39:50	Name: ps64b10e012a06e36848c0d02d Value: true\|1702512000000
norfolkfxtrader.systeme.io/	1970-01-21 02:36:24	Name: v Value: 01HHW3Z7KVRPR2A37EE2B3X0JE
.provesrc.com/	1970-01-20 17:01:50	Name: ps64b10e012a06e36848c0d02d Value: true%7C1702512000000
.provesrc.com/	1970-01-20 17:00:40	Name: psuid Value: s%3A704f0838-7585-4093-8714-3e5a53adf65d.lRqK4ym9a%2BIfMz93Eci7HpCvZ0VjOHZpPdaYeiN%2BMN8
.systeme.io/	1970-01-21 02:36:24	Name: psuid Value: 704f0838-7585-4093-8714-3e5a53adf65d
.systeme.io/	1970-01-20 17:39:50	Name: ps64b10e012a06e36848c0d02d Value: true\|1702512000000
.dubb.com/	1970-01-21 01:46:00	Name: cf_clearance Value: XuFz0s2kRn3B0MJBDuNqRx287bNNN_0Sj872qBDP8a0-1702824486-0-1-60e910c3.1903b511.c9975c0e-0.2.1702824486
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: lnR0bjzu_IU
.youtube.com/	1970-01-20 21:19:36	Name: VISITOR_INFO1_LIVE Value: 40AwxXL2XMU
.fra1.do.dubbcdn.com/	1970-01-20 17:00:26	Name: __cf_bm Value: 9hjKfRzuC6bagypOf5qAoxfCTS1aAU_ADlU.6p4_JRs-1702824486-1-AWJKpcqr1cNi4LIraAMZLKhU4cAlkMoiciTAp2pcG0dLonBuqajoAknsm74FSXiz/zr2QS0QhkbM6nLZlgnBAqM=
.norfolkfxtrader.systeme.io/	1970-01-21 01:46:00	Name: cookieyes-consent Value: consentid:VTZBNjlZRVFxU2l5Qm1DYzVjb1l1ZXFHQXZQR1JkUGM,consent:no,action:,necessary:yes,functional:no,analytics:no,performance:no,advertisement:no,other:no
norfolkfxtrader.systeme.io/	1969-12-31 23:59:59	Name: twk_idm_key Value: 31VusCY5KCUl3JrFVDcBQ
norfolkfxtrader.systeme.io/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 1702824488335

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-cookieyes.com
cdn-provesrc.nyc3.cdn.digitaloceanspaces.com
cdn.provesrc.com
client-api.provesrc.com
d1yei2z3i6k35z.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d3syewzhvzylbl.cloudfront.net
dubb.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
fra1.do.dubbcdn.com
log.cookieyes.com
media.tenor.com
norfolkfxtrader.systeme.io
tenor.com
va.tawk.to
www.google-analytics.com
www.polyfill.io
www.youtube.com
fra1.do.dubbcdn.com
va.tawk.to
151.101.130.217
18.154.63.112
18.154.63.2
2600:9000:206f:8200:f:e793:dc40:21
2600:9000:224a:1c00:1c:d937:ae40:93a1
2600:9000:224a:4e00:10:6a77:5f80:93a1
2600:9000:2315:8400:f:a462:c1c0:93a1
2606:4700:10::6816:1983
2606:4700:20::ac43:44d6
2606:4700::6812:1ad0
2606:4700::6812:cc0
2606:4700::6812:dc0
2a00:1450:4001:813::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:831::200a
2a04:4e42:600::282
52.49.214.81
54.211.100.135
0129f8d65dc229c01e6619bf36a41edb4f2f2442e0104f28e649c01e969f5387
0244ed997c09c2f547c6bd7cb9cdcd52e3eaafa3cd5c9e828792be57665a8797
054e70d37d252a23a9c8c698419a8042822a7a8d376a7656f8b85a23d25d41c0
0882cbbe5e48753cac29319e26386251edf3433ca22e22e12a2188f28b3c2e60
09bacc7d4a9a9a2770f7d67515299b87cfd4a49ee0767ca6c718a7be5cf3d2ea
0cdb88266b3b9f04742a748c29ad35d217deb5e36a1d7a6dae0ab7959e8d5068
1145e905d1d3c3625be2a792a3f179aa1d7cd065513f52574c27dadfffc056e6
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
13df9823251a2c5814d0d2e004a3b59fbf5759d5383cd5396a98433046405547
21af5b32438bce3f95385b41f652218ea4ed3a58bd75c3d96cc27b03ae456644
27bd537614b76b10eed617de2bc14b0cb98594c29698c594dfc4e2a8f028edc1
2929df0c2c9053e0a1c10b6152abd74ecad002b1c6699c5ccd221ba04dedf369
2d94a3d7c413f28f9cb58bac202e11176255867b887e02a91af13fd3e91c3dce
2ff69917a9f60bba88b196bbbb6ef8170abe6645d538bb11ab2caec219626e65
30f9d6e458e5cfa4c5c0bc10d898899687a54c34f71f0e7be8f869e3a71b9f81
315df5b36799ca109f360dba934bf77faa54f28dfa9b11483ee1581be5054569
3169d0d81c78be483c96cb0032d363c2fcebdf287a6a3e5695801a566c3a6608
33ce5d61142785c00e6033cf704828c54912fa02ad87347c3b25238894525c53
403c4af1a9c92f23af0aae7283ee5d49f48298759867281c9fb6c75e9a8d5b11
406f6483997aabca124a29e793e21a0da6010ef125fa82c1a88ab0e557818b3b
41f3a570c4a1ec3469b8eb6f266c76476fa0b443b8e213721db33af24359cbcd
43bd5bda92afcebf2479700677d487a26469f555045561a26be2abed2978648c
44b901ae4f9f602468737803d35e082729982963dedf76fac1811e366080a4b7
464505e1e4e85a3532b751d65ab7801f12b485bf70c83b85a5e66cec7dcf29cf
46eceae98b29e942e458f79841af75d7f7227c0cd0acbb7fb581bddcff701a9a
4963919fb32a2e1f13cff603417af5ed3e5f2d13f546faed74d7d44fcd6651b9
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50ab71cdc974214800ea28edda3fbe456e08d9731371913f22c6b278323b7aba
517bccd7ca8613a6985fa501585dcb02cdd6c2948c435a984c8f86ed0b97b67f
538903dbcbb54523e13994ce5a08666c74b30b42038a9ceeac88f1716d94ec47
5440c88885e980a51ceb321240404e7ed1b3550e7941a85d711226b3d4f706bd
555eef48472e7f8bd160c5508672305b5bb56e8b340392be17a93718f95b0c92
56239df581596d9f59e4234d40d8063510a298dbaebb537b6e4500920b54b30e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
578e46756d1fabfbb28df47c753e5ee9ef6cff015eaeef089a3b4468f9a306ce
5983eb2a5db278c29d1c50588bc80dea2dc6287dfd4b858b42299ae9a16a6e45
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
5b2f518b16af2ea31caddc3a440ec626ea710ba6f59485d227e7963fa8c2449d
5ccb55be32399a179e7839398fbbbffe8afdad2a2d89d30ff95455dc4a92b371
5db110297b17de4f4237e73621fe92e2caf340ee0851797744c639f43e5074f1
5f3178e5a50864d9b51ce30ddf527eba6703a967008563b9fe5f3de0c70cb651
5fa7c21c9e14754e4ef22939e5bfa098a1883a7027ed19f3b120915abd827d9a
63dd176baf2da2ee72d59cdb21dd1b38bdb76fd4f7c57e0fa3763eda05e9488f
673ad21591c37ad87b78128a2480f669ed7d7e2a9d01dab4ac7f8e834b6c75d3
68798d2a241b74c023ae11ed1c4886794d9f5686f2187774ba76c1336f094f95
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6cc30b5b5507193483788eb989a7fdf683ba36ade007766349da59c3b12422fb
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7298400d10ecc1a9f8802c04010c8af42b958a6494cebf552536e3f306dc8ed5
73ba62a6e6a8335135fc997dc56bd2c9dc602ce6c1a1f42a696f37439a7e6299
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
77b8d327de844bfaab4618c424bbe957523752f31633058281e9204a47e0d414
7f1c7e828c681dba92a8b92f384756053eaab2455dc37e9de44aedb8d438f0f2
7f5c6776653ed628a8eb5e2e3cb74d4acbd59e783173dde380fe51f3f0c76d23
81f43732b985a695c87c846b10e296535ca26f6bddcb8b391104a7b5b82b202d
849c189f94583403740df42f9463f517d7f4e99a9c0c51c08304219c871ab2f1
86102e61f90279d23401d6125db1b6c569afe5f0dc0246cc3433ee69b98fc5c2
863a94d91fcab982c88987cca45b5379bb62801f2d22a08c6708dba0812d4393
885869d6a894e36e2db6be5cdf5acab8bb8394c0cdc4bf611fec9287a447b729
8a36c989fe0efaa93eb0f4062fa976a326264fbc971214d8e5e8a08a92066a4a
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92983036d28add08f7e687ae241b592ce11c18a58f24530956f8665c2bf7303e
92ce515eed3b949bdb0c372f032c27f5c7dda57ac3ba7703e267da5bf468539b
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95bf5fdafa4cbcc54a628bd0357a68fdc2d3a86bf183ea417f68b027e928af0b
98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d
9a8239a24b037ac24ebb731c3a0a1f0c8d70c3ef1931fa65b9c7bddcb68cd6eb
9b7b76a91ef9d36db9aef8edf68ba7c2e716677848c640190a1052efc1d48d37
9d90c23b813ac21cd3d6d5225a075e7626a22d6d2cb1a222617709701eb60f40
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a0a5de9638d32b2fd4f987705c848883d087471dcb33af175ba46a73e8e3d6dd
a306e00d9125b50e736c0937ee3744cf276772250eb093219ba1fcdea18b3f21
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
a9181efb23e405a5ae51f5eb9ed17564496ab30195bfa13ecb923460d8a92300
ab5b5f55d0486188340a02027472e81dea80716fef25b07a239bbe88003c9879
b151edf8642f4b2cb2f075212c69e8eaa7daa683d7d489a8ffdf48ce378e7d69
b67b7be3456a14ddc6a8ac181c17abc3da6a47d574f802359dc1269879a037ef
b7533b3bd06dfcbb2519bae125e94fa1f0bf19861017cc9aa3d79410bb8160f2
bb6c0589696b220c9c9d60bdd5c867551d697db32cb016186c634da6d0bafe35
bca99e112730eb8e9d3294f5a64955225117ba63efb814974f0f77f0316aa77c
bdc69a163f123b160fd08c0f169947f2536866485e78a1cc579fe7ecfd3a449b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4ae1632a9d343e74a4fd1ad8970d80924c1dbb776e034931114567954740181
c5387747fd21dbdf4a5a2cb1477b5bbba0229e7a984cb09c683b003ade7b1fb1
c6390bd1dead222763be7c93e10ce8d48ce550d2083d00b907504d01f3be8da8
ccff69f0625df762f73b0cdab6d48704ca2278de552e523f5f0e587d9a6ea6d9
ce3500b3d99b4d85154c3acd0d1f6a8ecfaf1bcdfa844874625421311a8fb050
dbffd163cb4556c11f3f913e08d2de5ab02d60970fbe26f00a04324947b4af90
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1389188ed1c342598c15b2602f1e75d52f6638e2d6f3b2702f5cd32b92d400c
e17a1d816e13c0826e0ed7febfabc3277f45571234bde0bf9120829a7169edc9
e1b71952b46c9c86cbf19248666cf757e24c8f535d83944c1cb60d5e3c268d49
e2a93b628f412f678ef10173190fd3998e8afe07b2631692a10382fa4bc4dd2a
e2ec7d776605a182e4efaad6bc7983c21f9019f520a65155764bf984c1d26d01
e334510cac128f2156754e56f17477eb620596b7f22b1f729b90595cef31bb22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75c4abc2f21b3f0f3dff14627808b356f7f1e590760bdf81dfa2504b84c9608
eaf266c920ef8297bf135324d4c6232d117d1eb849a082850b8d0520c1966c2e
ecb7a6be88986ba421fdf833eb602537bf1047966fbdc3d004debd6751e94674
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
edaa6026676341043f7eeddc791253358afa0056bb8897ad9b03785c22b7cbf5
ee8bb541d697a3cb6bfc81348618f6ed8b4fbe3dd84fd11cf1354e950c925af9
f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
f729e979a674f857370da62833cfec6d4fd2ffe01fc4331d6fa93fb5b9135fba
fafdc006b816a5d9a75316354a165ff79f66b23635e5128efe8586f7c04c52c8
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663

norfolkfxtrader.systeme.io Open in urlscan Pro 18.154.63.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

187 Requests

95 %HTTPS

75 %IPv6

15 Domains

20 Subdomains

20 IPs

3 Countries

8767 kBTransfer

24293 kBSize

14 Cookies

21 Outgoing links

Page URL History

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

norfolkfxtrader.systeme.io Open in urlscan Pro
18.154.63.2 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

95 %
HTTPS

75 %
IPv6

15
Domains

20
Subdomains

20
IPs

3
Countries

8767 kB
Transfer

24293 kB
Size

14
Cookies

187 HTTP transactions
3 data transactions