Submitted URL: https://flux.li/windows/start.php?7b20bcc1dfe26db966bb84f159da392f=false&hwid=2b9ce01ccdc711ecb5a6806e6f6e6963a4...
Effective URL: https://flux.li/windows/start.php
Submission: On October 09 via api from US — Scanned from DE

Summary

This website contacted 17 IPs in 4 countries across 16 domains to perform 48 HTTP transactions. The main IP is 170.187.189.191, located in Frankfurt am Main, Germany and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is flux.li. The Cisco Umbrella rank of the primary domain is 243793.
TLS certificate: Issued by R3 on October 1st 2023. Valid for: 3 months.
This is the only time flux.li was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13 170.187.189.191 63949 (AKAMAI-LI...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
5 104.16.168.131 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 172.64.106.19 13335 (CLOUDFLAR...)
1 143.204.215.47 16509 (AMAZON-02)
3 188.114.97.3 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 6 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 162.159.135.233 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.16.169.131 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
48 17
Apex Domain
Subdomains
Transfer
10 flux.li
flux.li — Cisco Umbrella Rank: 243793
110 KB
7 youtube.com
www.youtube.com — Cisco Umbrella Rank: 85
984 KB
7 hcaptcha.com
hcaptcha.com — Cisco Umbrella Rank: 7440
newassets.hcaptcha.com — Cisco Umbrella Rank: 10576
499 KB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 32
3 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
jnn-pa.googleapis.com — Cisco Umbrella Rank: 237
33 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
static.doubleclick.net — Cisco Umbrella Rank: 304
1 KB
3 gstatic.com
fonts.gstatic.com
49 KB
3 asbutiseemedli.com
asbutiseemedli.com
1 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 25650
101 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
6 KB
2 fonts.nexus
fonts.nexus — Cisco Umbrella Rank: 773686
cdn.fonts.nexus — Cisco Umbrella Rank: 880991
51 KB
1 discordapp.com
cdn.discordapp.com — Cisco Umbrella Rank: 2468
568 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
1 nethebravero.com
nethebravero.com
533 B
1 cloudfront.net
d1err2upj040z.cloudfront.net
54 KB
1 nexuspipe.com
cf-ent-cache.nexuspipe.com
1 KB
48 16
Domain Requested by
10 flux.li 2 redirects flux.li
7 www.youtube.com flux.li
www.youtube.com
6 accounts.google.com 4 redirects flux.li
5 newassets.hcaptcha.com hcaptcha.com
newassets.hcaptcha.com
4 jnn-pa.googleapis.com www.youtube.com
3 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
3 asbutiseemedli.com flux.li
d1err2upj040z.cloudfront.net
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 pogothere.xyz d1err2upj040z.cloudfront.net
2 hcaptcha.com flux.li
newassets.hcaptcha.com
2 cdnjs.cloudflare.com flux.li
1 static.doubleclick.net www.youtube.com
1 cdn.discordapp.com flux.li
1 www.facebook.com flux.li
1 nethebravero.com d1err2upj040z.cloudfront.net
1 fonts.googleapis.com client
1 d1err2upj040z.cloudfront.net flux.li
1 cdn.fonts.nexus fonts.nexus
1 cf-ent-cache.nexuspipe.com flux.li
1 fonts.nexus flux.li
48 20

This site contains no links.

Subject                      Issuer                                   Validity                   Valid
flux.li                      R3                                       2023-10-01 - 2023-12-30    3 months
fonts.nexus                  R3                                       2023-10-01 - 2023-12-30    3 months
cf-ent-cache.nexuspipe.com   R3                                       2023-10-01 - 2023-12-30    3 months
cdn.fonts.nexus              R3                                       2023-10-01 - 2023-12-30    3 months
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3                  2023-07-03 - 2024-07-02    a year
*.cloudfront.net             Amazon RSA 2048 M01                      2022-12-08 - 2023-12-07    a year
upload.video.google.com      GTS CA 1C3                               2023-09-18 - 2023-12-11    3 months
nethebravero.com             Amazon RSA 2048 M03                      2023-10-04 - 2024-11-02    a year
asbutiseemedli.com           GTS CA 1P5                               2023-10-04 - 2024-01-02    3 months
*.facebook.com               DigiCert SHA2 High Assurance Server CA   2023-07-17 - 2023-10-15    3 months
*.google.com                 GTS CA 1C3                               2023-09-18 - 2023-12-11    3 months
*.gstatic.com                GTS CA 1C3                               2023-09-18 - 2023-12-11    3 months
*.doubleclick.net            GTS CA 1C3                               2023-09-18 - 2023-12-11    3 months

This page contains 4 frames:

Primary Page: https://flux.li/windows/start.php
Frame ID: 3EFFC934A2ECD92DE1709B167C509243
Requests: 28 HTTP requests in this frame

Frame: https://www.youtube.com/embed/kuMPpqJqPHI
Frame ID: EE931511E5651B229357FC954B48859D
Requests: 14 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/42177c5/static/hcaptcha.html
Frame ID: 85ED06D039EB51545152509ACD15C7F0
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/42177c5/static/hcaptcha.html
Frame ID: 8537DF02A073A730002087D33977E386
Requests: 3 HTTP requests in this frame

Page Title

Fluxus | Start

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Overall confidence: 100%
Detected patterns
  • https://hcaptcha.com/([\d]+?)/api.js

Page Statistics

Requests: 48
HTTPS: 94 %
IPv6: 56 %
Domains: 16
Subdomains: 20
IPs: 17
Countries: 4
Transfer: 2459 kB
Size: 6260 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://flux.li/windows/start.php?7b20bcc1dfe26db966bb84f159da392f=false&hwid=2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67 HTTP 302
    https://flux.li/.nexus/challenge?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67 HTTP 301
    https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67 Page URL
  2. https://flux.li/windows/start.php?7b20bcc1dfe26db966bb84f159da392f=false&hwid=2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67 Page URL
  3. https://flux.li/windows/start.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://flux.li/windows/start.php?7b20bcc1dfe26db966bb84f159da392f=false&hwid=2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67 HTTP 302
  • https://flux.li/.nexus/challenge?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67 HTTP 301
  • https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Request Chain 21
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhfgt7-NvJaxEqXZVQXbL9BFn1y17Z-dP7VYRJXsoX46EQLCN2BI2cjZLH_SNfrngKriqVXnGQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfQxC09RjDJo9iISyc8nWlLZ3PSG_KEtPmeFyypScnQVr3m17qgfBZP0FNNh3VrGpr_U35DOQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1761438761%3A1696871831623023&theme=glif
Request Chain 22
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhdxY5MYgnn0LbmQf77f06708z0DbSO2raMAK8vtlUUkPq1hOPpL0-Ln6qPqzKtKtI2uwf_ydg HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfR2twlWCqsYaMX4qNEzwRzshH2TcftAs4hEbeGs-nN-rhXxmLCs8KLyjXcUETUhAX6o3AZ4A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S806192492%3A1696871831554483&theme=glif
Request Chain 41
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
flux.li/.nexus/challenge/
Redirect Chain
  • https://flux.li/windows/start.php?7b20bcc1dfe26db966bb84f159da392f=false&hwid=2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
  • https://flux.li/.nexus/challenge?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
  • https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
342 KB
106 KB
Document
General
Full URL
https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash
9cc2d9b5ca0f447c87454e3c73527a301eb5eda4b66c0c4e6f577f5b6ca2a1b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 09 Oct 2023 17:17:09 GMT
last-modified
Monday, 09-Oct-2023 17:17:09 GMT
nexus-node
GER
server
Nexuspipe.com | DDoS Mitigation Cluster
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache
content-length
166
content-type
text/html
date
Mon, 09 Oct 2023 17:17:09 GMT
last-modified
Monday, 09-Oct-2023 17:17:09 GMT
location
https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
nexus-node
GER
server
Nexuspipe.com | DDoS Mitigation Cluster
css2
fonts.nexus/
716 B
687 B
Stylesheet
General
Full URL
https://fonts.nexus/css2?family=Poppins&display=swap&local=false
Requested by
Host: flux.li
URL: https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster / NexusPIPE, Fastify
Resource Hash
a51b56b7a9dd18f9371dcd9ae13758336d88144417ceb12ef8eccdbc2546f568

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:09 GMT
content-encoding
gzip
server
Nexuspipe.com | DDoS Mitigation Cluster
nexus-cache
BYPASS
x-powered-by
NexusPIPE, Fastify
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
nexus-node
GER
cache-control
public, max-age=86400
link
<https://cdn.fonts.nexus>; rel=preconnect; crossorigin
x-server-region
Frankfurt, DE
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b135b72fa2094242a6bb5b528a52420209020d8bd182d551d03bd5dacd9ff2c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/webp
Background.svg
cf-ent-cache.nexuspipe.com/static/
7 KB
1 KB
Image
General
Full URL
https://cf-ent-cache.nexuspipe.com/static/Background.svg
Requested by
Host: flux.li
URL: https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash
331c98cef3112777df85fba3dab26fbd29b89a5897324b97f98ebaeafede7de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:09 GMT
content-encoding
gzip
last-modified
Fri, 15 Sep 2023 13:42:34 GMT
server
Nexuspipe.com | DDoS Mitigation Cluster
nexus-cache
HIT
etag
W/"65045f4a-1dee"
vary
Accept-Encoding
nexus-node
GER
content-type
image/svg+xml
Poppins-255d561d62b2019af045055ecea1b342746a57e564b2a0c477e27807d483c0fb7c00a681ddbf06dbb0aa375d5cfa0c7d91e9a3ed1352375ca40d28b756248f5a.woff2
cdn.fonts.nexus/fonts/
50 KB
51 KB
Font
General
Full URL
https://cdn.fonts.nexus/fonts/Poppins-255d561d62b2019af045055ecea1b342746a57e564b2a0c477e27807d483c0fb7c00a681ddbf06dbb0aa375d5cfa0c7d91e9a3ed1352375ca40d28b756248f5a.woff2
Requested by
Host: fonts.nexus
URL: https://fonts.nexus/css2?family=Poppins&display=swap&local=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash
64dde3c4628776eae8ef19a7132532371ddc2eb02e6e293325b14820cb8813e8

Request headers

Referer
https://fonts.nexus/
Origin
https://flux.li
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:09 GMT
last-modified
Sat, 04 Mar 2023 22:47:17 GMT
server
Nexuspipe.com | DDoS Mitigation Cluster
nexus-cache
HIT
etag
"6403ca75-c948"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
nexus-node
GER
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
51528
expires
Tue, 08 Oct 2024 10:24:32 GMT
ip
flux.li/.nexus/
15 B
183 B
Fetch
General
Full URL
https://flux.li/.nexus/ip
Requested by
Host: flux.li
URL: https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash
1a52c17bbbc63cc71daf11aa14d1661212c72c2404f2783672a3a58ddd8cd89d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/plain
date
Mon, 09 Oct 2023 17:17:09 GMT
cache-control
no-store, no-cache
last-modified
Monday, 09-Oct-2023 17:17:09 GMT
server
Nexuspipe.com | DDoS Mitigation Cluster
content-length
15
nexus-node
GER
interact
flux.li/.nexus/
584 B
771 B
Fetch
General
Full URL
https://flux.li/.nexus/interact
Requested by
Host: flux.li
URL: https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster / Express
Resource Hash
d4a7b0495f6444db3ebb991bdeb59495bb05524d720e5762482dc8cd4c1d296d

Request headers

Referer
https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 09 Oct 2023 17:17:10 GMT
content-encoding
gzip
last-modified
Monday, 09-Oct-2023 17:17:10 GMT
server
Nexuspipe.com | DDoS Mitigation Cluster
x-powered-by
Express
etag
W/"248-luAHLkQTH5lzwsxppRMlG8T1C4Y"
vary
Accept-Encoding
nexus-node
GER
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache
ip
flux.li/.nexus/
15 B
183 B
Fetch
General
Full URL
https://flux.li/.nexus/ip
Requested by
Host: flux.li
URL: https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash
1a52c17bbbc63cc71daf11aa14d1661212c72c2404f2783672a3a58ddd8cd89d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/plain
date
Mon, 09 Oct 2023 17:17:10 GMT
cache-control
no-store, no-cache
last-modified
Monday, 09-Oct-2023 17:17:10 GMT
server
Nexuspipe.com | DDoS Mitigation Cluster
content-length
15
nexus-node
GER
f1945f343fc293263406c764df0f781b9541f8b55d67dd29920605c68c4fc8a2
flux.li/.nexus/interact/
2 B
0
Fetch
General
Full URL
https://flux.li/.nexus/interact/f1945f343fc293263406c764df0f781b9541f8b55d67dd29920605c68c4fc8a2
Requested by
Host: flux.li
URL: https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster / Express
Resource Hash

Request headers

Referer
https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 09 Oct 2023 17:17:10 GMT
last-modified
Monday, 09-Oct-2023 17:17:10 GMT
server
Nexuspipe.com | DDoS Mitigation Cluster
x-powered-by
Express
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
nexus-node
GER
content-type
text/plain; charset=utf-8
cache-control
no-store, no-cache
content-length
2
request_connector
flux.li/.nexus/
3 B
0
Fetch
General
Full URL
https://flux.li/.nexus/request_connector
Requested by
Host: flux.li
URL: https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash

Request headers

Referer
https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Token
f1945f343fc293263406c764df0f781b9541f8b55d67dd29920605c68c4fc8a2

Response headers

date
Mon, 09 Oct 2023 17:17:10 GMT
content-encoding
gzip
last-modified
Monday, 09-Oct-2023 17:17:10 GMT
server
Nexuspipe.com | DDoS Mitigation Cluster
vary
Accept-Encoding
nexus-node
GER
content-type
text/plain
cache-control
no-store, no-cache
start.php
flux.li/windows/
81 B
430 B
Document
General
Full URL
https://flux.li/windows/start.php?7b20bcc1dfe26db966bb84f159da392f=false&hwid=2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Requested by
Host: flux.li
URL: https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash
73d7ad907f41330815c18bc9ec25b8f1d5cd4756aa958cce493285fa2d7c453c

Request headers

Referer
https://flux.li/.nexus/challenge/?&reason=0&destination=%2Fwindows%2Fstart.php%3F7b20bcc1dfe26db966bb84f159da392f%3Dfalse%26hwid%3D2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
93
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:17:10 GMT
nexus-cache
BYPASS
nexus-node
GER
refresh
0; URL=https://flux.li/windows/start.php
server
Nexuspipe.com | DDoS Mitigation Cluster
vary
Accept-Encoding
x-mark
1
Primary Request start.php
flux.li/windows/
5 KB
2 KB
Document
General
Full URL
https://flux.li/windows/start.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.187.189.191 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
170-187-189-191.akamai-compute.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash
9cb3a95c3fff860914afa9c37227c96844b694be42101bbabe85bd4677480d00

Request headers

Referer
https://flux.li/windows/start.php?7b20bcc1dfe26db966bb84f159da392f=false&hwid=2b9ce01ccdc711ecb5a6806e6f6e6963a4872ad2dd325cabc47545d3159dea67
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
1928
content-type
text/html; charset=UTF-8
date
Mon, 09 Oct 2023 17:17:10 GMT
nexus-cache
BYPASS
nexus-node
GER
server
Nexuspipe.com | DDoS Mitigation Cluster
vary
Accept-Encoding
x-mark
1
aos.css
cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/
25 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/aos.css
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
931737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1438
last-modified
Mon, 04 May 2020 16:05:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d5d-65c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jiaqU7WSDdLV%2BaLmIiMaeyz8CCtakXvL5%2FGazNVx4s%2F7QwINxj%2FEdTBwXIhI66z%2F5uZmgUsdIE0nfSUzm8prolP6hT4SMec%2BBOGKTqV9%2BkxCZjUNfCwxdR4uM4xMLFrY7gvu9lTLX8JaF8TWMFQS3VOi"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8138468f8a751905-FRA
expires
Sat, 28 Sep 2024 17:17:10 GMT
aos.js
cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/
14 KB
4 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/aos.js
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2071763
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4109
last-modified
Mon, 04 May 2020 16:05:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d5d-3962"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sSYrSbetZJ7gn%2BxRvmNoMfJeAtTIF04fs%2BEz5zqrI3tweMvTyxlSnRVv91gKkGq96YTQm4cU3flw70HT%2Bzv68GFfa1lAesNEQuHKXB9C0KWf3jDKAQ8f1dH9WrLPo7sK9Cg8ratQxI%2FZda%2FvfZOShGH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8138468f8a781905-FRA
expires
Sat, 28 Sep 2024 17:17:10 GMT
api.js
hcaptcha.com/1/
323 KB
92 KB
Script
General
Full URL
https://hcaptcha.com/1/api.js
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02367b7a4b8e6b48392d97d672d2e86b6a317cf463df6d9f3ce4cee9db398e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
3pIXpMinKMlk6Bsz8xK6U73glOfu1iGO
age
0
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 09:56:55 GMT
server
cloudflare
etag
W/"c921b10630257c59c685419b68dd1f79"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
cf-ray
8138468f9c528fdc-FRA
x-amz-cf-id
ioVSsdhoWS6bhcmtZ8sOIpsH4KWfbxgJRaIa817iyHjsvGxm3Hvqjg==
/
d1err2upj040z.cloudfront.net/
164 KB
54 KB
Script
General
Full URL
https://d1err2upj040z.cloudfront.net/?urred=973468
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:600:c:7a1a:d8c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0de5b433ce17c244098a387a2eb1f9eb1f6255329cd1f520da7f031d3db023ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:17:11 GMT
content-encoding
gzip
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
54667
x-amz-cf-id
fbeSvV1F9eMXM_GtUcvdGt_2-JnbKY20UsdCMwFqYIwEVdcd7IMjVg==
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ddf6973fa3421cc10d8946187a761c0317632b66442c3d20c736024fba1029f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 09 Oct 2023 17:17:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 09 Oct 2023 15:43:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 09 Oct 2023 17:17:11 GMT
asd100.bin
pogothere.xyz/
100 KB
101 KB
Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d1err2upj040z.cloudfront.net
URL: https://d1err2upj040z.cloudfront.net/?urred=973468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4708
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 15:58:43 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://flux.li
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htjEcndljiStJGqBv4iK1368n94EbuFaOPg73c91cvTDQzZPVC5EL6%2FNPSkSu8jzfVsUWmFCeJIx1vDs%2FvIbIW0hgsiS%2FcVOMUoD6%2BCaaR4h%2BMWUQBy0b%2FQuniSncw2I"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8138469238ea9122-FRA
access-control-allow-headers
X-Requested-With, content-type
/
pogothere.xyz/
27 B
369 B
Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d1err2upj040z.cloudfront.net
URL: https://d1err2upj040z.cloudfront.net/?urred=973468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.106.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97b3ca50bc4969d854916349fef03047a23f105d9375c4eece0359c16337bf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:11 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zI88lMmqq0%2F1orDh8%2BGzvz0eThkCg9Ovbn7Uqed81O5gBHv2WC4wg3BkM8LnszRU5xObnBWNDYg98qpQBSY8zks2fdRm6mbMP%2B2UEiyyyflBXIMt8duUWWlXadGHIlUZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://flux.li
content-type
text/plain
access-control-allow-credentials
true
cf-ray
8138469238f09122-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
nethebravero.com/
0
533 B
XHR
General
Full URL
https://nethebravero.com/utx?cb=SWHYg1VNaRIH&top=flux.li&tid=973468
Requested by
Host: d1err2upj040z.cloudfront.net
URL: https://d1err2upj040z.cloudfront.net/?urred=973468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-47.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:17:11 GMT
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://flux.li
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
bOnDPJd9nfR48EzvWBYEg1iXoXYZTuTIrZMV-cHCoI6Ln23eFDlb0g==
U11lHCwaAH5dbldae1tpVl9yXm9b
asbutiseemedli.com/bmxDbFhBUyAfZT0pKxg9A1V7CmkeJhskNFc0c1UBDSQzNgwoD2UYMQpReltrWlp7SigHCH5dfh0YIhgtHVFySjEACixRfhhRckJrWkJwWHZeSjZRaUgYMw0/
0
259 B
Image
General
Full URL
https://asbutiseemedli.com/bmxDbFhBUyAfZT0pKxg9A1V7CmkeJhskNFc0c1UBDSQzNgwoD2UYMQpReltrWlp7SigHCH5dfh0YIhgtHVFySjEACixRfhhRckJrWkJwWHZeSjZRaUgYMw0/U11lHCwaAH5dbldae1tpVl9yXm9b
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KE2dgieCD3lsNtiHtT34DG8FPUncWIJexS%2B4oVK6bWKoNXcRe%2BLuRb%2BAfW%2Fdne%2BbQCmit4FuA9nn8AY9CHXvXYgbNUKV8ErAFY8p23hunzsDfgo2AZX7Iq%2F5AOpLbZ7atEswe5k%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
813846923ae035e8-FRA
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhfgt7-NvJaxEqXZVQXbL9BFn1y17Z-dP7VYRJXsoX46EQLCN2BI2cjZLH_...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfQxC09RjDJo9iISyc8nWlLZ3PSG_KEtPmeFyypScnQVr3m17qgfBZP0FNNh3VrGpr_U35DOQ&passiv...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfQxC09RjDJo9iISyc8nWlLZ3PSG_KEtPmeFyypScnQVr3m17qgfBZP0FNNh3VrGpr_U35DOQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1761438761%3A1696871831623023&theme=glif
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H3
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date
Mon, 09 Oct 2023 17:17:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-C9Cm42NQi9mbV1Qu8ilBmw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfQxC09RjDJo9iISyc8nWlLZ3PSG_KEtPmeFyypScnQVr3m17qgfBZP0FNNh3VrGpr_U35DOQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1761438761%3A1696871831623023&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhdxY5MYgnn0LbmQf77f06708z0DbSO2raMAK8vtlUUkPq1hOPpL0-L...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfR2twlWCqsYaMX4qNEzwRzshH2TcftAs4hEbeGs-nN-rhXxmLCs8KLyjXcUETUhAX6o3AZ4A&passi...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfR2twlWCqsYaMX4qNEzwRzshH2TcftAs4hEbeGs-nN-rhXxmLCs8KLyjXcUETUhAX6o3AZ4A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S806192492%3A1696871831554483&theme=glif
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H3
Server
2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Redirect headers

date
Mon, 09 Oct 2023 17:17:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-6JLhD145p3-CVR-3JdaVyg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
406
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfR2twlWCqsYaMX4qNEzwRzshH2TcftAs4hEbeGs-nN-rhXxmLCs8KLyjXcUETUhAX6o3AZ4A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S806192492%3A1696871831554483&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
popunder.gif
asbutiseemedli.com/
35 B
535 B
Image
General
Full URL
https://asbutiseemedli.com/popunder.gif
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
public
date
Mon, 09 Oct 2023 17:17:11 GMT
cf-cache-status
HIT
last-modified
Sun, 08 Oct 2023 20:02:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
76483
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBayaH%2FxVJP2JRmaxZ%2FDU6o79ZGgR2FL0FaA%2B5SjepZ2q2R%2FcP724Od42XyGTshcP4ipRVtTjLBhiaAvDOLMqy%2BIyr8OPK4RtqW2HAD9keqMIWen4bLBFxWqFi8MC1dEqdwcgjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
813846924ae335e8-FRA
alt-svc
h3=":443"; ma=86400
kuMPpqJqPHI
www.youtube.com/embed/ Frame EE93
82 KB
38 KB
Document
General
Full URL
https://www.youtube.com/embed/kuMPpqJqPHI
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
950e5457796c78be78986532b893426dbdca4070de42e1e99d64c26b805647e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://flux.li/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:17:11 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
daniel-leone-g30P1zcOzXo-unsplash.png
cdn.discordapp.com/attachments/848525273451200532/878394085709328425/
566 KB
568 KB
Image
General
Full URL
https://cdn.discordapp.com/attachments/848525273451200532/878394085709328425/daniel-leone-g30P1zcOzXo-unsplash.png
Requested by
Host: flux.li
URL: https://flux.li/windows/start.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.135.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2b8bd8e2236ee8442b346a3c2660575f16ddda02cd5ef53efd83df576af005

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2902
alt-svc
h3=":443"; ma=86400
content-length
580008
last-modified
Fri, 20 Aug 2021 21:44:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78t6LZD%2B%2FmsmwUsoAF4hDiTBj%2FHTJNZzd20GRqWTW0dDzEG214PipgSiJhoXRHuqTtDBDWIk96pMB1i0fWawRE7F62QWnEspg88sEJ%2BTI%2Bmd77yq2AFP2MQA1ibkRd71sPBuhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
813846924a2239ce-FRA
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
expires
Tue, 08 Oct 2024 17:17:11 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/
18 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://flux.li
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:18:21 GMT
x-content-type-options
nosniff
age
341930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:18:21 GMT
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/42177c5/static/ Frame 85ED
2 KB
753 B
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/42177c5/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29076bafd46813a42c299189c613e843fb39a4c583c31cd7c67a01317d9e69b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://flux.li/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
346
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
81384691be9e8fdc-FRA
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:17:11 GMT
last-modified
Mon, 09 Oct 2023 09:56:55 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-id
-XeGXHiQJTGIWIkycERIxit7w6yaaiOsmCZKPVbF7649cvLIhOIugA==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
fMlC30DRJaC5GZ_fHZge8E0SRHB8Hx_J
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/42177c5/static/ Frame 8537
2 KB
965 B
Document
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/42177c5/static/hcaptcha.html
Requested by
Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29076bafd46813a42c299189c613e843fb39a4c583c31cd7c67a01317d9e69b8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://flux.li/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
346
alt-svc
h3=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
81384691be9f8fdc-FRA
content-encoding
br
content-type
text/html
cross-origin-embedder-policy
credentialless
cross-origin-resource-policy
cross-origin
date
Mon, 09 Oct 2023 17:17:11 GMT
last-modified
Mon, 09 Oct 2023 09:56:55 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-id
-XeGXHiQJTGIWIkycERIxit7w6yaaiOsmCZKPVbF7649cvLIhOIugA==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
fMlC30DRJaC5GZ_fHZge8E0SRHB8Hx_J
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/42177c5/ Frame 8537
323 KB
91 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/42177c5/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/42177c5/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02367b7a4b8e6b48392d97d672d2e86b6a317cf463df6d9f3ce4cee9db398e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/42177c5/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
3pIXpMinKMlk6Bsz8xK6U73glOfu1iGO
age
346
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 09:56:55 GMT
server
cloudflare
etag
W/"c921b10630257c59c685419b68dd1f79"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
813846925f728fdc-FRA
x-amz-cf-id
ioVSsdhoWS6bhcmtZ8sOIpsH4KWfbxgJRaIa817iyHjsvGxm3Hvqjg==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/42177c5/ Frame 85ED
323 KB
91 KB
Script
General
Full URL
https://newassets.hcaptcha.com/captcha/v1/42177c5/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/42177c5/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.168.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02367b7a4b8e6b48392d97d672d2e86b6a317cf463df6d9f3ce4cee9db398e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/42177c5/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
3pIXpMinKMlk6Bsz8xK6U73glOfu1iGO
age
346
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 09 Oct 2023 09:56:55 GMT
server
cloudflare
etag
W/"c921b10630257c59c685419b68dd1f79"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
813846925f748fdc-FRA
x-amz-cf-id
ioVSsdhoWS6bhcmtZ8sOIpsH4KWfbxgJRaIa817iyHjsvGxm3Hvqjg==
truncated
/ Frame 8537
798 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
www-player.css
www.youtube.com/s/player/4a66ccde/ Frame EE93
378 KB
48 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/4a66ccde/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kuMPpqJqPHI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48fe791bbe3e345fa2d9495266964a1580e390ed5d4792ecad49c714925a4600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kuMPpqJqPHI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 15:35:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
6098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48950
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 01:54:50 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Oct 2024 15:35:33 GMT
checksiteconfig
hcaptcha.com/ Frame 85ED
759 B
972 B
XHR
General
Full URL
https://hcaptcha.com/checksiteconfig?v=42177c5&host=flux.li&sitekey=e446e03a-2706-4af6-b5f9-ea5c145cf769&sc=1&swa=1&spst=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/42177c5/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fda2475f79c866ea50085deed3d2c8715ceeb77d091b4ab6f63cf60253ca9010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 09 Oct 2023 17:17:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
81384692fe2a1cad-FRA
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass
2
alt-svc
h3=":443"; ma=86400
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EE93
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kuMPpqJqPHI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 06:47:09 GMT
x-content-type-options
nosniff
age
210602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 06:47:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EE93
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kuMPpqJqPHI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 21:26:35 GMT
x-content-type-options
nosniff
age
330636
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 21:26:35 GMT
embed.js
www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/ Frame EE93
54 KB
17 KB
Script
General
Full URL
https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kuMPpqJqPHI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08b13a5961fffca30fc0a549563aa898c554f5f9d3e6c381c398547f6b02b644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kuMPpqJqPHI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 08:58:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
461915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17035
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 01:54:50 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 03 Oct 2024 08:58:36 GMT
www-embed-player.js
www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/ Frame EE93
316 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kuMPpqJqPHI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c666eed618c53177e2e8233f33fd4d1f3ff8afc61ea339a15ffa2d1d6461538a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kuMPpqJqPHI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 16:31:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
2769
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96853
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 01:54:50 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 08 Oct 2024 16:31:02 GMT
base.js
www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/ Frame EE93
2 MB
787 KB
Script
General
Full URL
https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kuMPpqJqPHI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f1f4f1ba51ead3481418ac13fc4a1e511a2db55afc68869bcbe3384a1e59071
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/kuMPpqJqPHI
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 08:57:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461955
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
805318
x-xss-protection
0
last-modified
Wed, 04 Oct 2023 01:54:50 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 03 Oct 2024 08:57:56 GMT
hsw.js
newassets.hcaptcha.com/c/7a7fc3d/ Frame 85ED
542 KB
221 KB
Script
General
Full URL
https://newassets.hcaptcha.com/c/7a7fc3d/hsw.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/42177c5/hcaptcha.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5b61a0f51e14cf9c360329736f08563446ee3946d03db8a1307516d4778838d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newassets.hcaptcha.com/captcha/v1/42177c5/static/hcaptcha.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-content-type-options
nosniff
x-amz-version-id
GrY6itVPYVnvjrogJQ1yOXAjKYbv.j8P
age
104350
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Sep 2023 15:04:07 GMT
server
cloudflare
etag
W/"b16c715f27a9a8d8768373c4de6f00ce"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
813846937f011cad-FRA
x-amz-cf-id
6gIA0AY5VDTy3tvXVwiok220xetDHE6DSqYFN4kg8PmjzeyG8xSyZQ==
IhMiewgWLRNzCiBxc0UiEXxsBnhBd20XOxwlaABtBjU0RT4GfGYBe0RnPF8tGnxlAXtEZyMMeltyYR94QW9lFz5Ic2QIeUZ2Zgl8QnlnBnNMcHNFOxQmaABtBTUhXXZEd2wHc0JwbQJ6QnVg
asbutiseemedli.com/MUt1QVUedBYyaGImO3AbAh1QcxdnDjwEB18/
0
252 B
Ping
General
Full URL
https://asbutiseemedli.com/MUt1QVUedBYyaGImO3AbAh1QcxdnDjwEB18/IhMiewgWLRNzCiBxc0UiEXxsBnhBd20XOxwlaABtBjU0RT4GfGYBe0RnPF8tGnxlAXtEZyMMeltyYR94QW9lFz5Ic2QIeUZ2Zgl8QnlnBnNMcHNFOxQmaABtBTUhXXZEd2wHc0JwbQJ6QnVg
Requested by
Host: d1err2upj040z.cloudfront.net
URL: https://d1err2upj040z.cloudfront.net/?urred=973468
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://flux.li/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GoeblTniieGGXw7WPqNob4O%2BUaPNPXMW7q3J6wZrRw832FlQ%2FXA8QWUSXUDwWCkDV413oO7WEV62R96gEUY4F6nkZ6McJW%2BElp8jdHeNZgDHfqZgaeiV4jvM%2BChFQjiUFeKSOOM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
813846947e7435e8-FRA
alt-svc
h3=":443"; ma=86400
id
googleads.g.doubleclick.net/pagead/ Frame EE93
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/kuMPpqJqPHI
Protocol
H2
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb873f9476ff6e0fe43e20b3c56ce47f44d3fae6d25382f561a81d8ec4c511e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 09 Oct 2023 17:17:11 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame EE93
29 B
494 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 09 Oct 2023 17:15:32 GMT
x-content-type-options
nosniff
age
100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 Oct 2023 17:30:32 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 Oct 2023 17:17:12 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EE93
69 KB
32 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e1b5c0e0b8815d8f2ca14111910e6454eb69a9aa219a72f37ce5b393a975b84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 09 Oct 2023 17:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32392
x-xss-protection
0
qoe
www.youtube.com/api/stats/ Frame EE93
0
19 B
XHR
General
Full URL
https://www.youtube.com/api/stats/qoe?cpn=NN4PnLQvFRhJDJeB&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C207525%2C23071%2C84737%2C19571%2C15658%2C1089%2C3779%2C2492%2C250%2C2950%2C26436294%2C3518%2C536%2C1253%2C75%2C602%2C4907%2C8173%2C1469%2C224%2C1333%2C2040%2C564%2C4368&cl=570533885&seq=1&event=streamingstats&docid=kuMPpqJqPHI&qclc=ChBOTjRQbkxRdkZSaEpESmVCEAE&embargoed=0&cbr=Chrome&cbrver=117.0.5938.149&c=WEB_EMBEDDED_PLAYER&cver=1.20231003.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/kuMPpqJqPHI
X-YouTube-Client-Version
1.20231003.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgt6Nl9UU0Nfa0p1RSiX65CpBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals
dt=1696871831884&flash=0&frm=2&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C460%2C315&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Mon, 09 Oct 2023 17:17:12 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame EE93
296 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e83bcf0315f708e646d547688191140b0fbf240f230225e7e4cc136d8133fe3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/png
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 09 Oct 2023 17:17:12 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EE93
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a8b78e73d05781a7a452c8b9014bbeafa6acddb856c03da1f10edd15874fd7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 09 Oct 2023 17:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
log_event
www.youtube.com/youtubei/v1/ Frame EE93
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/4a66ccde/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Goog-Request-Time
1696871834135
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/kuMPpqJqPHI
X-YouTube-Client-Version
1.20231003.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgt6Nl9UU0Nfa0p1RSiX65CpBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals
dt=1696871831635&flash=0&frm=2&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C460%2C315&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 09 Oct 2023 17:17:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
expires
Mon, 09 Oct 2023 17:17:14 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| AOS
object| Raven
object| hcaptcha
string| their_hwid
function| completed_captcha
number| LAST_CORRECT_EVENT_TIME
object| utr_973468
number| userTrackingInterval
number| _2781936899
object| grecaptcha
number| iinf

6 Cookies

Domain/Path Name / Value
flux.li/windows Name: Anti-Bypass
Value: BypassersKHTTP_VERSIONdadccc5552d01ffe8cc83264fa157ca57937911af70750e57269b5d99395d261
flux.li/ Name: .pipe
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzYWx0IjoibmFjbCIsImtleSI6IlZDMHN6UTdIUEJsV1NGaEw2M25Xc1luVHpnQkxLampSdjZNbjNEdVBVTkk9IiwiZSI6MTY5Njg3NTQzMCwiY29ubmVjdG9yIjotMSwiaXNzdWVkIjoxNjk2ODcxODMwLjQxMX0.IfOIFqeDASJ39cOYYB7C0bg7_U6oYYqS1Nf8_ZnBbYk
.discordapp.com/ Name: __cf_bm
Value: 1hVEmLAPpggHxohX0H2BdhUIg7UCPtKoANMKgOc9tZg-1696871831-0-Ab+EtPQKhUNjA7b97fe14lCtfU3BDZYzSE15GL3vF/KDiYEiWUveLAOBF05+eM6xi2u3ofkaW2yzDbhJBWBb/68=
.youtube.com/ Name: YSC
Value: ZWmMNtFAFz0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: z6_TSC_kJuE
pogothere.xyz/ Name: csu
Value: 2192373877827891@1@1696871831

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfR2twlWCqsYaMX4qNEzwRzshH2TcftAs4hEbeGs-nN-rhXxmLCs8KLyjXcUETUhAX6o3AZ4A&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S806192492%3A1696871831554483&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhfQxC09RjDJo9iISyc8nWlLZ3PSG_KEtPmeFyypScnQVr3m17qgfBZP0FNNh3VrGpr_U35DOQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1761438761%3A1696871831623023&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
