fortunetiger.site Open in urlscan Pro
104.199.204.141 Public Scan

Software

sffe /

Resource Hash

459c5b86042d3b4a705eaa72f629ce8d87d48e97093c2253b90ae0c38842b0d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:49 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8284
x-xss-protection: 0
last-modified: Tue, 18 Jan 2022 09:29:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Jan 2024 08:36:49 GMT

GET
H2 200 pgs_fortunetiger.jpg
cdn.hub88.io/pgsoft/ 66 KB
66 KB 777ms
283ms Image
image/jpeg 13.33.88.51
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.hub88.io/pgsoft/pgs_fortunetiger.jpg
Requested by: Host: fortunetiger.site
URL: https://fortunetiger.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-51.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ae2bbae53ac5ee64cee7a90153777bd955e83d0135f1f08fbaaf372b4b11560

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 10:21:31 GMT
x-amz-version-id: q0g5N_RARZ5rUy7eHjWncR9T_asGtql5
via: 1.1 2e665350ce36612d432303ac51dbf21a.cloudfront.net (CloudFront)
last-modified: Thu, 14 Apr 2022 12:36:41 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 80120
etag: "46f5dd64dfc376faf855f0e24757bbd4"
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 67329
x-amz-cf-id: qjI0Rmw58ls-xoPsCU8SPzNq-uJjmfcajSAOeFOdW5Fqez7keuC3gg==

GET
H2 200 fortune-tiger.webp
www.livebet.com/images/casino/slots/pg-soft/ 20 KB
20 KB 716ms
419ms Image
image/webp 172.66.40.105
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.livebet.com/images/casino/slots/pg-soft/fortune-tiger.webp
Requested by: Host: fortunetiger.site
URL: https://fortunetiger.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.40.105 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a0a4b7846eb158edb53deb770407bfe3f7a876325021b10d47d7f6e82608fd5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20298
last-modified: Mon, 17 Oct 2022 14:04:13 GMT
server: cloudflare
etag: "634d60dd-4f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2k%2FomFKSvn0L9GhJUwvD7tc493etDjto71xJmr59Cvc04ONOn5HSy1q93EsRp2ku0SLofXJ2ufWPeYc8%2BgCqCQ5lmy1YPYAlqTMs6Lriyn4I7sDrkG3Rta3fZsPT1NfWOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 786bd8f58bada882-SYD
x-schema-type: https
expires: Sun, 07 Jan 2024 01:17:11 GMT

GET
H2 200 Fortune-Tiger-Slot-Demo.jpg
all4slots.com/wp-content/uploads/2022/01/ 87 KB
87 KB 451ms
155ms Image
image/jpeg 104.21.6.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://all4slots.com/wp-content/uploads/2022/01/Fortune-Tiger-Slot-Demo.jpg
Requested by: Host: fortunetiger.site
URL: https://fortunetiger.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.6.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a80ebc6a96f390fe5a0f645e76ede6e69b819e74f298c8b769c8e245d025cda

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:50 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jan 2022 17:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38067
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fccy01z1MNAS2urB1pRxZ48H%2BM7Iylwd1cx4zBg%2BedlkN3k7iZkDVsvaOfmhzUiZ9RGFwVUVHHLAK2m6gyRxpqgZhFFLyNz%2BBO%2FgDcTCHPKR1VcaGa1bkTUCkaksX5Lr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 786bd8f58a82a8bc-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 88627
expires: Sat, 29 Apr 2023 19:54:26 GMT

GET
H2 200 Fortune-Tiger-1.png.webp
megagame54.com/wp-content/uploads/2022/01/ 102 KB
103 KB 661ms
359ms Image
image/webp 104.21.66.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megagame54.com/wp-content/uploads/2022/01/Fortune-Tiger-1.png.webp
Requested by: Host: fortunetiger.site
URL: https://fortunetiger.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.66.124 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c08c793e0f4a17e319c9ea558904b397dde49700bf007c6b0cc25e3ce777bd5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:50 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jan 2022 12:53:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCXQd3YQg1s4ZJ0p9G83f93Rp55SJyJ6RojN7vc7unrG0O2H0ONCxwdeaikTWHmnAMxDNn91DrQvOYyY5Qd5yQUr%2FAEMhn5uG6NHj2jPSrNkaHgcw8Y%2FCnFvrfpCl4Gu1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 786bd8f59fa56a54-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 104592
expires: Wed, 18 Jan 2023 09:32:32 GMT

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 18 KB
18 KB 387ms
383ms Image
image/jpeg 74.125.68.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSSvt_aGpZz-mCCJggCFL0YkbGaaAARvHUnDQ&usqp=CAU

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74fdb6368e0cc9524e5e43bb996c9dd8c2408a66914b0b38669761ac5d9dd62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:49 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18276
x-xss-protection: 0
last-modified: Wed, 08 Jan 2020 02:54:37 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Jan 2024 08:36:49 GMT

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 16 KB
17 KB 549ms
546ms Image
image/jpeg 74.125.68.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRODMJrtezHQIEoJ_AQNsssMGWOmSCZ99soMSRD8NEMYthzllmzHTPn6miQOlEqUwvVo_8&usqp=CAU

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2af56df4fdf33e81ed9c47d7d549fa0e2d4ecaf92df73eda9f088786087d968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:49 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16866
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 23:59:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Jan 2024 08:36:49 GMT

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 20 KB
20 KB 276ms
273ms Image
image/jpeg 74.125.68.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQlvZ6LcSR5bBSJnITVHwYXijRb4Urg77lYqDb3lGXbEpamk1Uy2zHUbZ34o8kmPsoxd4s&usqp=CAU

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

639807a14642f72f34709f9ef90af50e6aff5cb04c279dc6dae2ac1473aa7a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 02:25:26 GMT
x-content-type-options: nosniff
age: 22283
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20744
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 02:41:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Jan 2024 02:25:26 GMT

GET
H2 200 Malaysia-Jackpot-Slot-Game-caishen-gold.jpg
www.empire777.info/wp-content/uploads/2017/10/ 0
0 1036ms
663ms Image
text/html 104.21.84.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empire777.info/wp-content/uploads/2017/10/Malaysia-Jackpot-Slot-Game-caishen-gold.jpg
Requested by: Host: fortunetiger.site
URL: https://fortunetiger.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.84.201 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 images
encrypted-tbn0.gstatic.com/ 16 KB
16 KB 326ms
325ms Image
image/jpeg 74.125.68.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQiUwwfPaPcD-m9BNr3K9oVEtYwwT-rOgEx4w&usqp=CAU

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

server-13-35-8-58.sin5.r.cloudfront.net

Software

sffe /

Resource Hash

8857fc1a99325893e9eee21e24936a7fcc7da89e904a32998cfe77ba2a8484bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:51 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16271
x-xss-protection: 0
last-modified: Thu, 18 Jun 2020 10:07:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Jan 2024 08:36:51 GMT

GET
H2 200 Fortune-Tiger.jpg
static.casino.guru/pict/324807/ 332 KB
332 KB 808ms
289ms Image
image/jpeg 13.35.8.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.casino.guru/pict/324807/Fortune-Tiger.jpg?timestamp=1663923035000&width=838&imageDataId=378970

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.8.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.22.0 /

Resource Hash

586cf13e192253fedb9b7f1a3b46869f09165bc8b4e3678eef7303401f2cde40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 19:01:05 GMT
strict-transport-security: max-age=31536000;includeSubDomains
content-encoding: gzip
via: 1.1 fb176da9df72832dd488674f28c0a880.cloudfront.net (CloudFront)
server: nginx/1.22.0
x-amz-cf-pop: SIN5-C1
age: 567346
etag: "0ee3e0a0511cda24e1160606e4e6b447c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=31556926
content-length: 338962
x-amz-cf-id: ipu4gNfUJziMKkUquHgCNsPSgAjMcQljBkh0fH0TOy3aOAFOh1oPuA==
service-worker-allowed: /news

GET
H3 200 images
encrypted-tbn0.gstatic.com/ 13 KB
13 KB 352ms
352ms Image
image/jpeg 74.125.68.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQ9KjDaohw3q-myrYxYHNXHYRIYSIFpK4EDewk9VzaqTF6SC-mZ3jjasFZ_CxNvcR3Le9w&usqp=CAU

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6d43ef4fba6027b562e934ae2906a6f6a3005ab971ecc78b76de2a3b7826949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:51 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13167
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 19:20:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Jan 2024 08:36:51 GMT

GET
H3 200 images
encrypted-tbn0.gstatic.com/ 14 KB
14 KB 426ms
425ms Image
image/jpeg 74.125.68.139
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcSbS9j5IO5AnTBuAt7rdKqyHIsB_vsCcj4OeFa7_DPZHU8tmxG3INPiF1SHDzLmeb7bqhw&usqp=CAU

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.68.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50886ac903453c59d12b18789edce317022553a57e34af3381176e4bd8e3101b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:51 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14312
x-xss-protection: 0
last-modified: Tue, 22 Jan 2019 19:49:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 09 Jan 2024 08:36:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 27 KB
1 KB 861ms
311ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Exo%202:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&subset=cyrillic,cyrillic-ext,latin,latin-ext,vietnamese

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a24a4797d6c1df341ba3a23f9241b9ed7b63986e974377c2ccac17080e8018b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 26 KB
1 KB 848ms
298ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:300,300i,400,400i,600,600i,700,700i,800,800i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin,latin-ext,vietnamese

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
769 B 831ms
282ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%20Condensed:300,300i,700&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin,latin-ext,vietnamese

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97f2aae05698136e460333f1919da58d0a92df73d9cdc5dc40041b5bfef5acb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
658 B 826ms
276ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT%20Sans:400,400i,700,700i&subset=cyrillic,cyrillic-ext,latin,latin-ext

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67d8f00d442f5c27bc4a9cd4d9a9414a7fc888124c49b78bee26719ecf92ce52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 825ms
275ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT%20Sans%20Caption:400,700&subset=cyrillic,cyrillic-ext,latin,latin-ext

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf7fbabb501af2b5df6151a5faa4c744c0fcf1cb477d06fa96cce445720070d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
580 B 836ms
286ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT%20Sans%20Narrow:400,700&subset=cyrillic,cyrillic-ext,latin,latin-ext

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc7a915581da5711f9a3f3a2cf7d56cd12e0f470242c4948e00ec89f831b965c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 24 KB
1 KB 846ms
297ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin,latin-ext,vietnamese

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ce91e27c75f26017876adeda75acc652f5d48f9875d6db451b2ab3547c3ba64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
949 B 836ms
287ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Condensed:300,300i,400,400i,700,700i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin,latin-ext,vietnamese

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9d2bd2d90cbbedd8ea3df2e4245824c56ed26823c9abe4b1062af79f853b6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
912 B 1100ms
551ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Slab:100,200,300,400,500,600,700,800,900&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin,latin-ext,vietnamese

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e9b68262c00414c7d72cace8b7a8d8e1965f3210e7d333a4da27aae04c409a01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
559 B 1094ms
545ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair%20Display:400,700&subset=latin

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73d2d9664745fbb23bc1ec6e64d7c74a173c9a08f4f7be614b3a9f5c434b14a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
701 B 1116ms
567ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source%20Sans%20Pro:400,600&subset=latin

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
900 B 1116ms
568ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,300i,400,400i,500,500i,700,700i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin,latin-ext

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2648cf7416459a62882bdb959e1f81bb5af5fa82b0efcb78a2b9b3397fee3182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
496 B 1128ms
580ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Trirong:400&subset=latin

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2fca885e240d6c7c77e9f6c99ca54c57b2dce0b6dec54eaffbc66eb475af99e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 28 KB
1 KB 1105ms
557ms Stylesheet
text/css 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&subset=cyrillic,cyrillic-ext,latin,latin-ext,vietnamese

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4cbff064f2433da9faabb19d323686578f36896857d3f01f0f8fbcdea7873a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 09 Jan 2023 08:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 09 Jan 2023 08:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 uploaded.css
fortunetiger.site/css/fonts/custom/ 0
166 B 275ms
274ms Stylesheet
text/css 104.199.204.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunetiger.site/css/fonts/custom/uploaded.css
Requested by: Host: fortunetiger.site
URL: https://fortunetiger.site/css/common.css?ts=1673252568
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.204.141 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 141.204.199.104.bc.googleusercontent.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/css/common.css?ts=1673252568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:48 GMT
last-modified: Mon, 09 Jan 2023 08:22:48 GMT
server: Apache
etag: "0-5f1d078fbc158"
content-type: text/css
cache-control: max-age=691200
accept-ranges: bytes
content-length: 0
expires: Tue, 17 Jan 2023 08:36:48 GMT

GET
H2 200 84ab2490271afceebbfe7618e920d7f8.jpg
fortunetiger.site/gallery_gen/ 90 KB
90 KB 276ms
275ms Image
image/jpeg 104.199.204.141
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fortunetiger.site/gallery_gen/84ab2490271afceebbfe7618e920d7f8.jpg
Requested by: Host: fortunetiger.site
URL: https://fortunetiger.site/css/1.css?ts=1673252568
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.204.141 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 141.204.199.104.bc.googleusercontent.com
Software: Apache /
Resource Hash: 870a7a4a9148eb56557a6d75b6c85d8fe9ad7606abebeee70d6b15994f6d8791

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/css/1.css?ts=1673252568
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:49 GMT
last-modified: Mon, 09 Jan 2023 08:09:54 GMT
server: Apache
etag: "167d2-5f1d04ad8208e"
content-type: image/jpeg
cache-control: max-age=691200
accept-ranges: bytes
content-length: 92114
expires: Tue, 17 Jan 2023 08:36:49 GMT

GET
H2 200 7r3GqXNgp8wxdOdOn4so2A.woff2
fonts.gstatic.com/s/trirong/v11/ 20 KB
20 KB 1139ms
590ms Font
font/woff2 142.250.4.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/trirong/v11/7r3GqXNgp8wxdOdOn4so2A.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Trirong:400&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e02a3e4d57642f908ae8a3376cf052f73fdd8a5245abf43650d3f6abcb816f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fortunetiger.site
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 21:13:17 GMT
x-content-type-options: nosniff
age: 41013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20416
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:26:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:13:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 821ms
272ms Font
font/woff2 142.250.4.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fortunetiger.site
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:18:08 GMT
x-content-type-options: nosniff
age: 429522
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jan 2024 09:18:08 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 1239ms
691ms Font
font/woff2 142.250.4.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&subset=cyrillic,cyrillic-ext,latin,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fortunetiger.site
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 05:06:27 GMT
x-content-type-options: nosniff
age: 185423
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 05:06:27 GMT

GET
H2 200 7r3GqXNgp8wxdOdOn58o2JZg.woff2
fonts.gstatic.com/s/trirong/v11/ 16 KB
16 KB 1394ms
854ms Font
font/woff2 142.250.4.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/trirong/v11/7r3GqXNgp8wxdOdOn58o2JZg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Trirong:400&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3b1f9892aca798d2e90c765753e40474f1d6accfab04a4bd9b1efe0e610d034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fortunetiger.site
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 13:01:41 GMT
x-content-type-options: nosniff
age: 243309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15956
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:26:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 13:01:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 874ms
341ms Font
font/woff2 142.250.4.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fortunetiger.site
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:38:18 GMT
x-content-type-options: nosniff
age: 352712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 06:38:18 GMT

GET
H2 200 fontawesome-webfont.woff2
fortunetiger.site/css/fonts/ 75 KB
76 KB 811ms
810ms Font
font/woff2 104.199.204.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunetiger.site/css/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: fortunetiger.site
URL: https://fortunetiger.site/css/font-awesome/font-awesome.min.css?v=4.7.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.204.141 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 141.204.199.104.bc.googleusercontent.com
Software: Apache /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://fortunetiger.site/css/font-awesome/font-awesome.min.css?v=4.7.0
Origin: https://fortunetiger.site
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:49 GMT
last-modified: Mon, 09 Jan 2023 08:09:54 GMT
server: Apache
etag: "12d68-5f1d04ad6f7a7"
content-type: font/woff2
cache-control: max-age=0
accept-ranges: bytes
content-length: 77160
expires: Mon, 09 Jan 2023 08:36:49 GMT

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
35 KB 1431ms
908ms Font
font/woff2 142.250.4.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair%20Display:400,700&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fortunetiger.site
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 23:56:45 GMT
x-content-type-options: nosniff
age: 31205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 08 Jan 2024 23:56:45 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 833ms
283ms Script
text/javascript 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api?_=1673253408650

Requested by

Host: fortunetiger.site
URL: https://fortunetiger.site/js/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 09 Jan 2023 08:36:52 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/ 184 KB
62 KB 575ms
273ms Script
text/javascript 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api?_=1673253408650

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0149da2dcca03d3a4c8ab3e8796ec25b4700f46d2a1bec1c59cdb2f6daa7cf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://fortunetiger.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:33:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 475400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62997
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:33:32 GMT

GET
H3 200 / Show response
www.youtube.com/embed/ Frame 6A25 40 KB
11 KB 305ms
304ms Document
text/html 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3eded5a7263753e974c8cc7cbdb37ac1750ded8c95e3585b99c490ba440b612d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunetiger.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 09 Jan 2023 08:36:53 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/e5f6cbd5/ Frame 6A25 360 KB
49 KB 275ms
274ms Stylesheet
text/css 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 10:35:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49906
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 08 Jan 2024 10:35:59 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/ Frame 6A25 339 KB
107 KB 516ms
515ms Script
text/javascript 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 03:57:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109069
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 03:57:12 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/ Frame 6A25 2 MB
596 KB 638ms
638ms Script
text/javascript 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5189de783f25e7a910fdfed24cae2d64227ae61d8f4edc797299644bac875367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 05:12:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 98656
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 610118
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 08 Jan 2024 05:12:37 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/ Frame 6A25 9 KB
3 KB 624ms
624ms Script
text/javascript 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 05:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183711
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 05:35:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A25 15 KB
15 KB 575ms
273ms Font
font/woff2 142.250.4.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 13:52:45 GMT
x-content-type-options: nosniff
age: 153849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 07 Jan 2024 13:52:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6A25 15 KB
15 KB 595ms
294ms Font
font/woff2 142.250.4.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 06 Jan 2023 23:12:16 GMT
x-content-type-options: nosniff
age: 206678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Jan 2024 23:12:16 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6A25
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

577ms
275ms

XHR
application/json

142.250.4.157

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1

Protocol

Server

142.250.4.157 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

289e2ac4f12204a9bf65071aaf85a6867138504e343deb8d8b648853ceb20638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 09 Jan 2023 08:36:56 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6A25 29 B
588 B 1852ms
273ms Script
text/javascript 142.251.12.148

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.148 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:22:07 GMT
x-content-type-options: nosniff
age: 889
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 09 Jan 2023 08:37:07 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 1824ms
275ms Preflight
text/html 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 09 Jan 2023 08:36:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6A25 66 KB
31 KB 580ms
279ms XHR
application/json+protobuf 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2fb5cdf227e820db5200dd947e578fb17f032a2d05467d39cff4583d8724009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 09 Jan 2023 08:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31018
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/ Frame 6A25 119 KB
36 KB 274ms
274ms Script
text/javascript 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f1cab959da593682efa69c814c193b5df69c0822ca8cefdff029868d5620ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 16:53:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37187
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 07 Jan 2024 16:53:03 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/ Frame 6A25 26 KB
8 KB 274ms
274ms Script
text/javascript 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac636b766f6b9565ae41053120700c5afc6383dc0b55dc81ec5fdf8b079ecf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 01:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25208
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8330
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 09 Jan 2024 01:36:47 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 6A25 65 KB
22 KB 345ms
344ms XHR
application/json 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

056c10392f97752c44adaa5b7cbbdfc1b3fd5f74dd42b102f65ebb06da6d4f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230102.00.00
X-Goog-Visitor-Id: CgtiZHRma2lOVHJERSilpO-dBg%3D%3D

Response headers

date: Mon, 09 Jan 2023 08:36:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22388
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6A25 4 KB
3 KB 827ms
276ms Script
text/javascript 142.251.12.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 08:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 09 Jan 2023 08:36:57 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 6A25 0
19 B 275ms
274ms XHR
text/html 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&afmt=251&cpn=uS0AwhGi5_r6hzGw&el=embedded&ns=yt&fexp=23983296%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24292955%2C24403045%2C24406621%2C24409252%2C24415864%2C24439360%2C24441239&cl=499069944&seq=1&docid=EdBYVZRUtZY&ei=J9K7Y5CFHdrX3LUPuKCzkA8&event=streamingstats&plid=AAXx0KtzX4S8rOvw&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F%3Fenablejsapi%3D1%26origin%3Dhttps%253A%252F%252Ffortunetiger.site%26widgetid%3D1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20230102.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.374:B,0.374:B&cmt=0.009:0.000,0.374:0.000&afs=0.374:251::i&vfs=0.374:243:243::r&view=0.374:711:400&bwe=0.374:130000&bat=0.374:1:1&vis=0.374:0&bh=0.374:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtiZHRma2lOVHJERSilpO-dBg%3D%3D
X-YouTube-Ad-Signals: dt=1673253415207&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C711%2C400&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 08:36:55 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-ntqe6n7k.googlevideo.com/ Frame 6A25 1 KB
2 KB 1250ms
142ms Fetch
text/plain 173.194.28.106

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ntqe6n7k.googlevideo.com/videoplayback?expire=1673275015&ei=J9K7Y5CFHdrX3LUPuKCzkA8&ip=116.90.74.215&id=o-AH38ovguy0vkuFbaVenSM9eAhdD2Khtv9hkULirv2YLn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=xO&mm=31%2C29&mn=sn-ntqe6n7k%2Csn-ntq7yner&ms=au%2Crdu&mv=m&mvi=5&pl=24&initcwndbps=1947500&spc=zIddbGAPtLSf1Ki6oP_al4TV8tZPAFQ&vprv=1&mime=video%2Fwebm&ns=6V8hoYPZToeLGEs82J-FmCYK&gir=yes&clen=3309563&dur=113.666&lmt=1664935231184481&mt=1673252966&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=5bN8PHIZ6j3jwQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgAw2wEHIytDikvzCpqParTxNiQJk-NUAymqw1EA3pjMwCIQDNPg4sypyJihDFrr_MTkwOUHhttyXjxhrzZtBKKpojZg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgdkhiA1xivoL-dv3cOYoYZ6g5qbx_OD6FJhA1kkCZEPsCIQDYCxY0NJZJwqjDRttzrqnqj1QdrzNfMfuLtN68fTSjWA%3D%3D&alr=yes&cpn=uS0AwhGi5_r6hzGw&cver=1.20230102.00.00&range=0-77513&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.194.28.106 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

362d1a25fcbb60d75d71b3c680364216c23e0ed52a2ec8f34eb21afe1e0aea20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 08:36:56 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1098
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 09 Jan 2023 08:36:56 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-ntqe6n7k.googlevideo.com/ Frame 6A25 1013 B
2 KB 1250ms
143ms Fetch
text/plain 173.194.28.106

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-ntqe6n7k.googlevideo.com/videoplayback?expire=1673275015&ei=J9K7Y5CFHdrX3LUPuKCzkA8&ip=116.90.74.215&id=o-AH38ovguy0vkuFbaVenSM9eAhdD2Khtv9hkULirv2YLn&itag=251&source=youtube&requiressl=yes&mh=xO&mm=31%2C29&mn=sn-ntqe6n7k%2Csn-ntq7yner&ms=au%2Crdu&mv=m&mvi=5&pl=24&initcwndbps=1947500&spc=zIddbGAPtLSf1Ki6oP_al4TV8tZPAFQ&vprv=1&mime=audio%2Fwebm&ns=6V8hoYPZToeLGEs82J-FmCYK&gir=yes&clen=1898889&dur=113.701&lmt=1664935242142275&mt=1673252966&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=5bN8PHIZ6j3jwQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgVne5xbYR4hUetkQggdZM8iP5Y5j0TatFHxvtRVB-AhkCIB4uIhQ9-pjA-bXcYdJXCvnmIpTM0JBeeB6RJ1DU2W-G&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgdkhiA1xivoL-dv3cOYoYZ6g5qbx_OD6FJhA1kkCZEPsCIQDYCxY0NJZJwqjDRttzrqnqj1QdrzNfMfuLtN68fTSjWA%3D%3D&alr=yes&cpn=uS0AwhGi5_r6hzGw&cver=1.20230102.00.00&range=0-66002&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

173.194.28.106 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

519a2b6c4243c15d5623811bb872b6b690b1b676b631076c5409e8f1d9f3e204

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 09 Jan 2023 08:36:56 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1013
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 09 Jan 2023 08:36:56 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/ Frame 6A25 68 KB
25 KB 275ms
274ms Script
text/javascript 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984d786aa7d8acaf9006c50e873b89e4e15102f8528cce342e63865ed7127543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:39:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 475039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25811
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:39:39 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/ Frame 6A25 32 KB
9 KB 278ms
278ms Script
text/javascript 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d032c4c8d2cd74b65f3ed06b0530af5e3596239f6b90cdf01cb30301470bb1ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 475770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8913
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:27:28 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 6A25 33 KB
6 KB 535ms
527ms XHR
application/json 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

0185ad2da1bb5524d74c21772282c4d5bb56a707be748df2108b003d39a2a435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230102.00.00
X-Goog-Visitor-Id: CgtiZHRma2lOVHJERSilpO-dBg%3D%3D

Response headers

date: Mon, 09 Jan 2023 08:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6027
x-xss-protection: 0

POST
H3 200 videoplayback Show response
rr5---sn-npoeener.googlevideo.com/ Frame 6A25 76 KB
76 KB 613ms
326ms Fetch
video/webm 74.125.96.10

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoeener.googlevideo.com/videoplayback?expire=1673275015&ei=J9K7Y5CFHdrX3LUPuKCzkA8&ip=116.90.74.215&id=o-AH38ovguy0vkuFbaVenSM9eAhdD2Khtv9hkULirv2YLn&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=zIddbGAPtLSf1Ki6oP_al4TV8tZPAFQ&vprv=1&mime=video%2Fwebm&ns=6V8hoYPZToeLGEs82J-FmCYK&gir=yes&clen=3309563&dur=113.666&lmt=1664935231184481&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=5bN8PHIZ6j3jwQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgAw2wEHIytDikvzCpqParTxNiQJk-NUAymqw1EA3pjMwCIQDNPg4sypyJihDFrr_MTkwOUHhttyXjxhrzZtBKKpojZg%3D%3D&alr=yes&cpn=uS0AwhGi5_r6hzGw&cver=1.20230102.00.00&redirect_counter=1&cm2rm=sn-ntqss76&cms_redirect=yes&cmsv=e&mh=xO&mm=34&mn=sn-npoeener&ms=ltu&mt=1673253175&mv=m&mvi=5&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALCBMZuyMh4J5u0E0ALRTKUKdoOzvOZ5Yd32_4HI3gkJAiEAqfl3fm5J6Fc0lxbRZLmMcUK3iGN8GxPCh0tK9BkJchQ%3D&range=0-77513&rn=3&rbuf=0&altitags=242%2C278

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.96.10 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

29f75735e5ddde7c869575e74ffa29c56ae209902ac2329b07af7ae082a83017

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 09 Jan 2023 08:36:57 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77514
last-modified: Wed, 05 Oct 2022 02:00:31 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 09 Jan 2023 08:36:57 GMT

POST
H3 200 videoplayback Show response
rr5---sn-npoeener.googlevideo.com/ Frame 6A25 64 KB
64 KB 541ms
256ms Fetch
audio/webm 74.125.96.10

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-npoeener.googlevideo.com/videoplayback?expire=1673275015&ei=J9K7Y5CFHdrX3LUPuKCzkA8&ip=116.90.74.215&id=o-AH38ovguy0vkuFbaVenSM9eAhdD2Khtv9hkULirv2YLn&itag=251&source=youtube&requiressl=yes&spc=zIddbGAPtLSf1Ki6oP_al4TV8tZPAFQ&vprv=1&mime=audio%2Fwebm&ns=6V8hoYPZToeLGEs82J-FmCYK&gir=yes&clen=1898889&dur=113.701&lmt=1664935242142275&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=5bN8PHIZ6j3jwQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgVne5xbYR4hUetkQggdZM8iP5Y5j0TatFHxvtRVB-AhkCIB4uIhQ9-pjA-bXcYdJXCvnmIpTM0JBeeB6RJ1DU2W-G&alr=yes&cpn=uS0AwhGi5_r6hzGw&cver=1.20230102.00.00&redirect_counter=1&cm2rm=sn-ntqss76&cms_redirect=yes&cmsv=e&mh=xO&mm=34&mn=sn-npoeener&ms=ltu&mt=1673253175&mv=m&mvi=5&pl=24&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgf5KyCRi_tGXmJV-xEASalzDi9lDMX09D4FWfydAWQTICIQDmg5OA0JmylQNirGXmclg7NBW7KuO2TGZ7NwtQJlghvQ%3D%3D&range=0-66002&rn=4&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.96.10 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

96c591c73fe8962bd977ea5d3cd49854c1db65bf11f68e0dc15b5bc98e8c335b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 09 Jan 2023 08:36:57 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66003
last-modified: Wed, 05 Oct 2022 02:00:42 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21298
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 09 Jan 2023 08:36:57 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6A25 28 B
50 B 279ms
278ms XHR
application/json 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Request-Time: 1673253417256
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtiZHRma2lOVHJERSilpO-dBg%3D%3D
X-YouTube-Ad-Signals: dt=1673253414735&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C711%2C400&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 09 Jan 2023 08:36:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6A25 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu9rQjFk8NPn9Tg-ans7HdDU2osTbSNONW2nME0R1A=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6A25 3 KB
3 KB 825ms
275ms Image
image/jpeg 142.250.4.132

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu9rQjFk8NPn9Tg-ans7HdDU2osTbSNONW2nME0R1A=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.132 -, , ASN (),

Reverse DNS

Software

fife /

Resource Hash

38493690ea91bd80e92ce0d274bee7b8e3923c10fde79ec87fc845ef20f1f23b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 09 Jan 2023 05:26:30 GMT
x-content-type-options: nosniff
age: 11428
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2863
x-xss-protection: 0
server: fife
etag: "vfa"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 05 Jan 2023 10:25:28 GMT

GET
DATA 200
OK truncated
/ Frame 6A25 319 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e15532983f0e76d961ddc14f26416f39cbe4cf7e8b0a4e0c962876fff03d4a2c

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/89/ Frame 6A25 48 KB
14 KB 575ms
274ms Script
text/javascript 142.251.12.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/89/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

eabf87315be46a093741ed7d6a367b58627e45fbcf22505e3fa092f4dc7a4d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 08 Jan 2023 09:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14262
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:19:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 09 Jan 2023 09:58:45 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6A25 94 B
138 B 279ms
278ms XHR
application/json+protobuf 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c51fe11a7e307bda619a7d43fc4fc73a6f1ac3c611e0179a85a19fa18fe35d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 09 Jan 2023 08:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 275ms
274ms Preflight
text/html 172.217.194.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 09 Jan 2023 08:36:58 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 videoplayback Show response
rr5---sn-ntqe6n7k.googlevideo.com/ Frame 6A25 1 KB
1 KB 287ms
142ms Fetch
text/plain 173.194.28.106

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.28.106 -, , ASN (),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

70f89229998ea9aaa25222340fe477761e8b2b4436137d8d70511f0d6d32d4f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 09 Jan 2023 08:36:58 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1108
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21297
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 09 Jan 2023 08:36:58 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 6A25 0
18 B 276ms
276ms XHR
text/html 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=uS0AwhGi5_r6hzGw&ver=2&cmt=0.012&fmt=243&fs=0&rt=2.783&euri=https%3A%2F%2Ffortunetiger.site%2F&lact=2569&cl=499069944&mos=1&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20230102.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&splay=1&hl=en_US&cr=NZ&len=113.701&fexp=23983296%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24292955%2C24403045%2C24406621%2C24409252%2C24415864%2C24439360%2C24441239&rtn=6&afmt=251&size=711%3A400&inview=0&muted=1&docid=EdBYVZRUtZY&ei=J9K7Y5CFHdrX3LUPuKCzkA8&plid=AAXx0KtzX4S8rOvw&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F%3Fenablejsapi%3D1%26origin%3Dhttps%253A%252F%252Ffortunetiger.site%26widgetid%3D1&of=s47Xr5vSNvc7-o38qC22dw&vm=CAEQABgEOjJBTzY4R1pGVW9wWVE4TnVqX0ZnZGlkWE8zZjdhSXBsbE1KbmkwU21RNHZaV2V4WWtjZ2JYQVBta0tES2pHVkZlXzJJeEVLdFRYWF9ybjVYMmdFQ3QwN3hIMTRRaVNZY09MeVUwNzlCcXRhT2J6NmQzUDU5a19PM1JURlVEOThIX1BERGtJcmdZaFBBNGgB

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/?enablejsapi=1&origin=https%3A%2F%2Ffortunetiger.site&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtiZHRma2lOVHJERSilpO-dBg%3D%3D
X-YouTube-Ad-Signals: dt=1673253415207&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C711%2C400&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Mon, 09 Jan 2023 08:36:58 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 6A25 0
18 B 274ms
274ms XHR
text/html 172.217.194.91
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=EdBYVZRUtZY&cpn=uS0AwhGi5_r6hzGw&ei=J9K7Y5CFHdrX3LUPuKCzkA8&ptk=youtube_none&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.91 , United States, ASN15169 (GOOGLE, US),

Reverse DNS