aa.metrolagu.ru Open in urlscan Pro
185.150.189.202 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Submission: On May 19 via api (May 19th 2023, 6:42:38 am UTC) from US — Scanned from DE

Summary HTTP 77 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 27 domains to perform 77 HTTP transactions. The main IP is 185.150.189.202, located in United States and belongs to RELIABLESITE, US. The main domain is aa.metrolagu.ru.

This is the only time aa.metrolagu.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	185.150.189.202 185.150.189.202	23470 (RELIABLESITE) (RELIABLESITE)
1	192.243.61.225 192.243.61.225	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1178:1:4... 2a00:1178:1:4b::19	35415 (WEBZILLA) (WEBZILLA)
1	2606:4700:303... 2606:4700:3030::ac43:d31d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	173.233.137.60 173.233.137.60	7979 (SERVERS-COM) (SERVERS-COM)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	139.45.197.234 139.45.197.234	9002 (RETN-AS) (RETN-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
1 2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	149.56.240.127 149.56.240.127	16276 (OVH) (OVH)
3	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
1	2606:4700:303... 2606:4700:3037::6815:bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
1	139.45.197.152 139.45.197.152	9002 (RETN-AS) (RETN-AS)
77	31

13 185.150.189.202 (United States)

ASN23470 (RELIABLESITE, US)

aa.metrolagu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

pl19372992.highrevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1178:1:4b::19 (Netherlands) 1 redirects

ASN35415 (WEBZILLA, NL)

scentedindication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:d31d (United States)

ASN13335 (CLOUDFLARENET, US)

inklinkor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.233.137.60 (United States)

ASN7979 (SERVERS-COM, US)

www.profitabledisplaynetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.234 (United Kingdom)

ASN9002 (RETN-AS, GB)

bedrapiona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

dudialgator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ytmp3.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ytmp3.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4fe (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net

s4i.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

gloaphoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:bf (United States)

ASN13335 (CLOUDFLARENET, US)

tzegilo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

fleraprt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.197.152 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	metrolagu.ru aa.metrolagu.ru	26 KB
12	youtube.com img.youtube.com — Cisco Umbrella Rank: 3085 www.youtube.com — Cisco Umbrella Rank: 80	964 KB
8	ytmp3.mobi 1 redirects ytmp3.mobi — Cisco Umbrella Rank: 296408	119 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 209 fonts.googleapis.com Failed	31 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 static.doubleclick.net — Cisco Umbrella Rank: 245	2 KB
3	gloaphoo.net gloaphoo.net — Cisco Umbrella Rank: 205648	33 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	41 KB
3	profitabledisplaynetwork.com www.profitabledisplaynetwork.com — Cisco Umbrella Rank: 75041
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 868	90 KB
2	histats.com s10.histats.com — Cisco Umbrella Rank: 17397 s4i.histats.com — Cisco Umbrella Rank: 143051	7 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
2	scentedindication.com 1 redirects scentedindication.com	886 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	91 KB
1	cdnativepush.com static.cdnativepush.com — Cisco Umbrella Rank: 33543	3 KB
1	fleraprt.com fleraprt.com — Cisco Umbrella Rank: 18834	484 B
1	tzegilo.com tzegilo.com — Cisco Umbrella Rank: 19604	7 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	3 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 101	25 KB
1	dudialgator.com dudialgator.com — Cisco Umbrella Rank: 82356	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6080	408 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11120	543 B
1	bedrapiona.com bedrapiona.com — Cisco Umbrella Rank: 54467	2 KB
1	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 11205	5 KB
1	inklinkor.com inklinkor.com — Cisco Umbrella Rank: 94189	25 KB
1	highrevenuegate.com pl19372992.highrevenuegate.com
0	alexametrics.com Failed certify-js.alexametrics.com Failed
77	27

	Domain	Requested by
13	aa.metrolagu.ru	aa.metrolagu.ru
9	www.youtube.com	aa.metrolagu.ru www.youtube.com
8	ytmp3.mobi	1 redirects aa.metrolagu.ru ytmp3.mobi
4	jnn-pa.googleapis.com	www.youtube.com
3	gloaphoo.net	aa.metrolagu.ru gloaphoo.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.profitabledisplaynetwork.com	aa.metrolagu.ru
3	img.youtube.com	aa.metrolagu.ru
2	use.fontawesome.com	ytmp3.mobi use.fontawesome.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	www.google.com	aa.metrolagu.ru www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	scentedindication.com	1 redirects aa.metrolagu.ru
2	www.googletagmanager.com	aa.metrolagu.ru ytmp3.mobi
1	static.cdnativepush.com	gloaphoo.net
1	fleraprt.com	tzegilo.com
1	tzegilo.com	gloaphoo.net
1	s4i.histats.com	aa.metrolagu.ru
1	s10.histats.com	aa.metrolagu.ru
1	www.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	dudialgator.com	inklinkor.com
1	www.google.de	aa.metrolagu.ru
1	my.rtmark.net	inklinkor.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	bedrapiona.com	inklinkor.com
1	1.bp.blogspot.com	aa.metrolagu.ru
1	inklinkor.com	aa.metrolagu.ru
1	pl19372992.highrevenuegate.com	aa.metrolagu.ru
0	fonts.googleapis.com Failed	gloaphoo.net
0	certify-js.alexametrics.com Failed	aa.metrolagu.ru
77	33

This site contains links to these domains. Also see Links.

Domain
youtube.com
goo.gl
www.facebook.com
twitter.com
plus.google.com
woovoree.net
intorterraon.com
www.highrevenuegate.com
scratchy-trick.com
www.histats.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
inklinkor.com GTS CA 1P5	`2023-04-29` - `2023-07-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
bedrapiona.com R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
rtmark.net R3	`2023-05-06` - `2023-08-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
ytmp3.mobi GTS CA 2P2	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-05-06` - `2023-08-04`	3 months	crt.sh
histats.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
gloaphoo.net R3	`2023-05-07` - `2023-08-05`	3 months	crt.sh
*.tzegilo.com GTS CA 1P5	`2023-04-11` - `2023-07-10`	3 months	crt.sh
fleraprt.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-09` - `2024-01-14`	a year	crt.sh
cdnativepush.com R3	`2023-04-25` - `2023-07-24`	3 months	crt.sh

This page contains 4 frames:

Primary Page: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Frame ID: 4953A9140DEAE9B6E3FB6AF1B70A0C9C
Requests: 42 HTTP requests in this frame

Frame: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
Frame ID: D5DF6FCDBF99F721961D6433027EE031
Requests: 20 HTTP requests in this frame

Frame: https://ytmp3.mobi/button-api/
Frame ID: 479BF3CCE068DCBF0D225E49A68E471A
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: 66C2563DC453CBF6F36279E0CD425FE3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Aare Dr. Sikiru Ayinde Barrister - Precaution (Canadian Fuji) Download Music Mp3 Convert - Music Video Tv Radio Zone

Detected technologies

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

61 %
HTTPS

68 %
IPv6

27
Domains

33
Subdomains

31
IPs

6
Countries

1527 kB
Transfer

4339 kB
Size

17
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://youtube.com/Aare%20Dr%20Sikiru%20Ayinde%20Balogun
Title: Aare Dr Sikiru Ayinde Balogun

Search URL Search Domain Scan URL

URL: https://goo.gl/E2c4so
Title: go to this link

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?source=fahrulysf&text=Aare%20Dr.%20Sikiru%20Ayinde%20Barrister%20-%20Precaution%20(Canadian%20Fuji)&url=http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Search URL Search Domain Scan URL

URL: https://woovoree.net/4/5394184

Search URL Search Domain Scan URL

URL: https://intorterraon.com/4/3292443
Title: DOWNLOAD AD

Search URL Search Domain Scan URL

URL: https://www.highrevenuegate.com/dfd2htuqf?key=19d81f33740539fa2b60b45c5162abcd
Title: SERVER 1

Search URL Search Domain Scan URL

URL: https://scratchy-trick.com/b/3.Vm0gPe3/puvXblmJVXJyZdDs0R0/NDz/AxyTNWTnYKxlLVTOQ-3/M/DCIR1wN/jUIq
Title: Fast Download

Search URL Search Domain Scan URL

URL: http://www.histats.com/
Title: try {Histats.startgif(1,4425006,4,10049,""); Histats.track_hits();} catch(err){};

Search URL Search Domain Scan URL

URL: https://www.histats.com/viewstats/?SID=4425006&f=2

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://img.youtube.com/vi/x89nwo7c51Q/1.jpg HTTP 307
https://img.youtube.com/vi/x89nwo7c51Q/1.jpg

Request Chain 11

http://img.youtube.com/vi/x89nwo7c51Q/2.jpg HTTP 307
https://img.youtube.com/vi/x89nwo7c51Q/2.jpg

Request Chain 12

http://img.youtube.com/vi/x89nwo7c51Q/3.jpg HTTP 307
https://img.youtube.com/vi/x89nwo7c51Q/3.jpg

Request Chain 18

http://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT HTTP 301
https://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT

Request Chain 20

http://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1 HTTP 307
https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Request Chain 38

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 46

http://ytmp3.mobi/button-api/ HTTP 301
https://ytmp3.mobi/button-api/

77 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request getmp3 Show response
aa.metrolagu.ru/ 14 KB
5 KB 774ms
569ms Document
text/html 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 270d63c9276400832fa17bda73a119350f5b334b321c151ac690e40e7d75c73d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4945
Content-Type: text/html; charset=UTF-8
Date: Fri, 19 May 2023 06:42:30 GMT
Server: nginx
Vary: Accept-Encoding

GET
H/1.1 403
Forbidden 5fd92558fc736293b69ec9f4fcd37b71.js
pl19372992.highrevenuegate.com/5f/d9/25/ 0
0 2410ms
96ms Script
application/javascript 192.243.61.225
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pl19372992.highrevenuegate.com/5f/d9/25/5fd92558fc736293b69ec9f4fcd37b71.js
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:32 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK style.css
aa.metrolagu.ru/ 10 KB
3 KB 87ms
87ms Stylesheet
text/css 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to

Full URL: http://aa.metrolagu.ru/style.css
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 4727a219fbf801136a0be838059b42088ea5223283cd881fc20396e59e7dddcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:30 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Sep 2022 08:40:16 GMT
Server: nginx
ETag: W/"632587f0-2724"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 117 KB
46 KB 46ms
19ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-123365797-1

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b08f9983077fd4856659259476da1514b6cf9d1a3e122658f70167ffe99f3cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46554
x-xss-protection: 0
last-modified: Fri, 19 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 06:42:30 GMT

GET
H/1.1 200
OK logo_small.png
aa.metrolagu.ru/ 1 KB
1 KB 87ms
87ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/logo_small.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: c860b591de8205341eb4c4ab65b938b1841932532756ad83f3f6b1f824ca752e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:30 GMT
Last-Modified: Mon, 09 May 2022 15:40:06 GMT
Server: nginx
ETag: "627935d6-425"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1061
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK home.png
aa.metrolagu.ru/ 2 KB
2 KB 88ms
87ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/home.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 58b4d0c710b37c68f3af0579a9ad4ba30c0557ee85c55f47df9641963441097c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:30 GMT
Last-Modified: Mon, 09 May 2022 15:39:40 GMT
Server: nginx
ETag: "627935bc-6ca"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1738
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK music-2-48.png
aa.metrolagu.ru/fd-content/ 1 KB
1 KB 87ms
87ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/fd-content/music-2-48.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8915ac224e07f09201f559da6f7e2b52b9c12cd33cfe84dbeee6c11438737272

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:30 GMT
Last-Modified: Mon, 09 May 2022 15:34:08 GMT
Server: nginx
ETag: "62793470-427"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1063
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK videoico.png
aa.metrolagu.ru/img/ 288 B
593 B 87ms
86ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/img/videoico.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 31ccab4b11916fc768fe4dc99684c011e6b74282b16330b58c2738c5c9b516b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:30 GMT
Last-Modified: Mon, 09 May 2022 15:35:22 GMT
Server: nginx
ETag: "627934ba-120"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 288
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK tv.png
aa.metrolagu.ru/img/ 2 KB
2 KB 87ms
87ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/img/tv.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: d13ca313fe3f3567eda3376d45362ebae8e6ed205b2e7f760476828cd3e82be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:30 GMT
Last-Modified: Mon, 09 May 2022 15:35:18 GMT
Server: nginx
ETag: "627934b6-8a5"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2213
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK radio.png
aa.metrolagu.ru/img/ 567 B
872 B 87ms
87ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/img/radio.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fd1a24e5a43289b615899885ae10dde5dadd37dd15bcf232a9d4ad0409e62d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:30 GMT
Last-Modified: Mon, 09 May 2022 15:35:12 GMT
Server: nginx
ETag: "627934b0-237"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 567
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jadwal.png
aa.metrolagu.ru/img/ 347 B
652 B 87ms
86ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/img/jadwal.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5efc4411ec40802cf7650ec6294f8b7d54f94acf17ccd0c768b47061f7057b12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:30 GMT
Last-Modified: Mon, 09 May 2022 15:35:02 GMT
Server: nginx
ETag: "627934a6-15b"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 347
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

1.jpg
img.youtube.com/vi/x89nwo7c51Q/
Redirect Chain

http://img.youtube.com/vi/x89nwo7c51Q/1.jpg
https://img.youtube.com/vi/x89nwo7c51Q/1.jpg

3 KB
3 KB

96ms
46ms

Image
image/jpeg

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/x89nwo7c51Q/1.jpg

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Protocol

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25f08ebfd9d838af050e9950f26f82d51f4c17b300c69dba75a5bef8d49b50a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:31 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2923
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 08:42:31 GMT

Redirect headers

Location: https://img.youtube.com/vi/x89nwo7c51Q/1.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

2.jpg
img.youtube.com/vi/x89nwo7c51Q/
Redirect Chain

http://img.youtube.com/vi/x89nwo7c51Q/2.jpg
https://img.youtube.com/vi/x89nwo7c51Q/2.jpg

3 KB
3 KB

36ms
35ms

Image
image/jpeg

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/x89nwo7c51Q/2.jpg

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Protocol

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

430b7fd5e5204d4c962abe3bf5fafb510db542177e6a2bd9c89736f14b49a363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:31 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2979
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 08:42:31 GMT

Redirect headers

Location: https://img.youtube.com/vi/x89nwo7c51Q/2.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

3.jpg
img.youtube.com/vi/x89nwo7c51Q/
Redirect Chain

http://img.youtube.com/vi/x89nwo7c51Q/3.jpg
https://img.youtube.com/vi/x89nwo7c51Q/3.jpg

4 KB
4 KB

37ms
37ms

Image
image/jpeg

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/x89nwo7c51Q/3.jpg

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Protocol

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c03c5e5db935e973c262851ba6cba237aed16d75bc83b31359ba63cd79fca93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:31 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3629
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 08:42:31 GMT

Redirect headers

Location: https://img.youtube.com/vi/x89nwo7c51Q/3.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK icon_facebook_share_01.png
aa.metrolagu.ru/fd-image/icon/ 2 KB
3 KB 87ms
87ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/fd-image/icon/icon_facebook_share_01.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 12f7a6712cf28de02e7ea58fe9bafeed67756a26aad8c9df4ba210e1deaee46c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:31 GMT
Last-Modified: Mon, 09 May 2022 15:34:18 GMT
Server: nginx
ETag: "6279347a-952"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2386
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK icon_twitter_tweet_01.png
aa.metrolagu.ru/fd-image/icon/ 2 KB
3 KB 95ms
90ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/fd-image/icon/icon_twitter_tweet_01.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: b7a6988f98d2ab553fdfa89ee7b437eb994c37caa28ea7e1b4e54a7b3d0d8a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:31 GMT
Last-Modified: Mon, 09 May 2022 15:34:20 GMT
Server: nginx
ETag: "6279347c-90e"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2318
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK icon_gplus_share_01.png
aa.metrolagu.ru/fd-image/icon/ 3 KB
3 KB 91ms
88ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/fd-image/icon/icon_gplus_share_01.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: cee8e9443d711cd3a6019b10ed544e452836e20daf6d66d07ab75776aa07583b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:31 GMT
Last-Modified: Mon, 09 May 2022 15:34:20 GMT
Server: nginx
ETag: "6279347c-ba4"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2980
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK dwnld.png
aa.metrolagu.ru/ 487 B
792 B 87ms
86ms Image
image/png 185.150.189.202
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aa.metrolagu.ru/dwnld.png
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 185.150.189.202 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c606c5418538be02d2e9e49df9a851517afbb349bd5b964afc5a005951a4f37

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:31 GMT
Last-Modified: Mon, 09 May 2022 15:39:20 GMT
Server: nginx
ETag: "627935a8-1e7"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2

200

yVMDzxQYtINKDbYVyFNATXIMzpNyQT Show response
scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/
Redirect Chain

http://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT
https://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT

2 B
497 B

71ms
36ms

Script
application/javascript

2a00:1178:1:4b::19
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Protocol

Server

2a00:1178:1:4b::19 , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 06:42:32 GMT
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: http://aa.metrolagu.ru
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 2
expires: Mon, 26 Jul 2011 05:00:00 GMT

Redirect headers

Date: Fri, 19 May 2023 06:42:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/html
Location: https://scentedindication.com/bSX.VLs/drGrlG0UYxWlcC/Zeimy9Pu/Z/U_lUkkPpTFQO2_M/jEU/yVMDzxQYtINKDbYVyFNATXIMzpNyQT
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 162
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tag.min.js Show response
inklinkor.com/ 71 KB
25 KB 63ms
17ms Script
text/javascript 2606:4700:3030::ac43:d31d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://inklinkor.com/tag.min.js
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d31d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3babe7c6360c3a6f97c1f0490d228fb22d6cde9530499508ffe42780d921a4e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4780
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-trace-id: 6960b178425ddd8d1db103a4916194a2
pragma: no-cache
last-modified: Tue, 16 May 2023 09:00:01 GMT
server: cloudflare
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpkh8Uj%2BVs518rpQqhc0zXMDx%2BuYfuL6fGQ7IDvnPtRNMegSsGpXIbalIeZMmdw0RCI%2BeTo4fYcZU07crIlItUobss%2BDyPDR6AVG1ZfkMoWzdZxm8xoTsAbFnKr999JmmUkUt%2FkqLWldfQfi"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray: 7c9a5c4a2fc6bb8f-FRA
expires: Sat, 20 May 2023 05:22:52 GMT

GET
H2

200

x89nwo7c51Q Show response
www.youtube.com/embed/ Frame D5DF
Redirect Chain

http://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

73 KB
31 KB

99ms
75ms

Document
text/html

2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2356ec50c146d1c36b7e84163ed6fda2f0ca6a790d853d9dfb25b1f1e69f164e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aa.metrolagu.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 19 May 2023 06:42:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
Non-Authoritative-Reason: HSTS

GET
H/1.1 403
Forbidden invoke.js
www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/ 0
0 203ms
98ms Script
application/javascript 173.233.137.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: http://aa.metrolagu.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 19 May 2023 06:42:32 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK pattern.png
1.bp.blogspot.com/-vRO3Ys-KSHg/VcOhIASrnlI/AAAAAAAACh8/tI1ilmDJUmY/s1600/ 5 KB
5 KB 31ms
19ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://1.bp.blogspot.com/-vRO3Ys-KSHg/VcOhIASrnlI/AAAAAAAACh8/tI1ilmDJUmY/s1600/pattern.png

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/style.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f2a2544bfb1bcb837b9514a5d73e23e7ac1f0c8e9004914d7d34c884dbbbb0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:32 GMT
X-Content-Type-Options: nosniff
Server: fife
Age: 0
ETag: "va20"
Vary: Origin
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="pattern.png"
Timing-Allow-Origin: *
Content-Length: 5125
X-XSS-Protection: 0
Expires: Sat, 20 May 2023 06:42:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123365797-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 413
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 16ms
15ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=540739127&t=pageview&_s=1&dl=http%3A%2F%2Faa.metrolagu.ru%2Fgetmp3%3Fv%3Dx89nwo7c51Q&ul=en-us&de=UTF-8&dt=Aare%20Dr.%20Sikiru%20Ayinde%20Barrister%20-%20Precaution%20(Canadian%20Fuji)%20Download%20Music%20Mp3%20Convert%20-%20Music%20Video%20Tv%20Radio%20Zone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1266059333&gjid=1677936414&cid=2051646246.1684478553&tid=UA-123365797-1&_gid=1105417495.1684478553&_r=1&gtm=457e35h0&jsscut=1&z=939348831

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://aa.metrolagu.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 May 2023 06:42:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://aa.metrolagu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
bedrapiona.com/5/5398850/ 3 KB
2 KB 70ms
19ms XHR
application/json 139.45.197.234
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bedrapiona.com/5/5398850/?oo=1&js_build=iclick-v1.541.0
Requested by: Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.234 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 99994f52378d35c2bb95823ec4bda8a1bb13b69077804472c8ff04cafdf8ddb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-trace-id: 01970c89debed5c944e536619488230a
pragma: no-cache, no-cache
date: Fri, 19 May 2023 06:42:32 GMT
content-encoding: gzip
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: http://aa.metrolagu.ru
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://xobr219pa.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 77ms
21ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-123365797-1&cid=2051646246.1684478553&jid=1266059333&gjid=1677936414&_gid=1105417495.1684478553&_u=YEBAAUAAAAAAACAAI~&z=207192902

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://aa.metrolagu.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 19 May 2023 06:42:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://aa.metrolagu.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/90a441fd/ Frame D5DF 405 KB
48 KB 9ms
9ms Stylesheet
text/css 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4271487e1c6e4fe65588fe855f58dbd4005b5d1c60620487e28f009a20d69b72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 672
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48637
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 May 2024 06:31:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D5DF 15 KB
16 KB 40ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:24:03 GMT
x-content-type-options: nosniff
age: 461909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 22:24:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D5DF 15 KB
15 KB 42ms
10ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 13 May 2023 22:41:31 GMT
x-content-type-options: nosniff
age: 460861
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 22:41:31 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/90a441fd/www-embed-player.vflset/ Frame D5DF 306 KB
92 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

002cead02c391d10051d6534d57766dec9d645e09a6b59f34926b6080c9adb83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:32:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93933
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 May 2024 06:32:08 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/ Frame D5DF 2 MB
740 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fcee9385106427a0947b47dcdc6638d1a25b63f2d3c7d132c348e66dccb4b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 20:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 757266
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 May 2024 20:56:12 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/90a441fd/fetch-polyfill.vflset/ Frame D5DF 9 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 05:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2604
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 18 May 2024 05:30:06 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
543 B 64ms
13ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=ebbc186a9cec460298404870e2f18d17

Requested by

Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

eea8c80e181ced0d8340ad329dc89bf1e70e6206fb0fd88ace6fab6f310ed011

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:32 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://aa.metrolagu.ru
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 70ms
34ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-123365797-1&cid=2051646246.1684478553&jid=1266059333&_u=YEBAAUAAAAAAACAAI~&z=21207762

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 06:42:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 67ms
31ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-123365797-1&cid=2051646246.1684478553&jid=1266059333&_u=YEBAAUAAAAAAACAAI~&z=21207762

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 May 2023 06:42:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden invoke.js
www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/ 0
0 108ms
108ms Script
application/javascript 173.233.137.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: http://aa.metrolagu.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 19 May 2023 06:42:32 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK / Show response
dudialgator.com/ 2 KB
2 KB 44ms
17ms Fetch
application/json 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://dudialgator.com/?rb=t4bZrHHa8xP3xEr4JLBqZ7I7DfWs6NQdLMbxgwj-bcP1YOUG00xAKmpgMY5lLrpWDHC_sYfFEwB4N6g7PeCoBM8V3iLTag_LrSVxYlW9FL1IC9JjPAguWzRykYSz5Q86viQyiXIiKicicGFoPZOd3_VXHJUPlW4ktc6Axs41Ma-i-5JN4JU3oExLBy_s60Lwa-zUwd1A0QfcwxKKrZoa9Jg3_1ljVrxkPzgb0JW3oPR9058n5LXU8MJeWi1TRf5M6jRunmVq-fXMjg6NmX649A%3D%3D&request_ab2=0&zoneid=5398850&js_build=iclick-v1.541.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=http%3A%2F%2Faa.metrolagu.ru%2Fgetmp3%3Fv%3Dx89nwo7c51Q&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.541.0&bs=3f7f6bf1-d680-44f7-b6a0-6ececdde63ab&userId=ebbc186a9cec460298404870e2f18d17&m=link

Requested by

Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js

Protocol

HTTP/1.1

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

aaebac4c7d198bd7853c288ab8acbc9276ee1d54ce5e1d396bfe4d7334bd6ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:32 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: a82c377aebfc97e34063735530643668
Pragma: no-cache
Server: nginx
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: http://aa.metrolagu.ru
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D5DF
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

16ms
16ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c359610777edda3409544caf7cacaecbfcc999ec4ab09bd8531b76b547dff73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 19 May 2023 06:42:32 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D5DF 29 B
495 B 47ms
14ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:39:24 GMT
x-content-type-options: nosniff
age: 188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 May 2023 06:54:24 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 44ms
15ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 19 May 2023 06:42:33 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D5DF 68 KB
31 KB 25ms
24ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ade2512d64855c6eb277d48b1b85e56b104c8ff68072b8ee0dfe241316ad36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31725
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/ Frame D5DF 116 KB
33 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a67d91294fefed7bff63e213bee679dcf1cf7a06113378ff9057d95d650ec54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 15 May 2023 22:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 287577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33608
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 May 2024 22:49:36 GMT

GET
H2 200 fcStgh4smOfAMc9IDeSBs19kD1Z1p72kXSRQ46_CmJQ.js Show response
www.google.com/js/th/ Frame D5DF 37 KB
15 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/fcStgh4smOfAMc9IDeSBs19kD1Z1p72kXSRQ46_CmJQ.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc4ad821e2c98e7c031cf480de481b35f640f5675a7bda45d2450e3afc29894

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 14 May 2023 01:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 452537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14683
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 May 2024 01:00:16 GMT

GET
H2 200 sddefault.jpg
i.ytimg.com/vi/x89nwo7c51Q/ Frame D5DF 25 KB
25 KB 50ms
25ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/x89nwo7c51Q/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-BIAC4AOKAgwIABABGH8gPigTMA8=&rs=AOn4CLCJQUca1Ioi6cxS4XG15u7ODjxa8Q

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5727e947a6956063f9072c601dfd97735608fd445e5687ea5383dc4a2c927e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25254
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 19 May 2023 08:42:33 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/ Frame D5DF 29 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40488823bd3cf755729a7b5fc0f195e6ea5fb0556a6cc79d22b431e9d2328e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 22:52:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
x-xss-protection: 0
last-modified: Mon, 15 May 2023 00:16:27 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 May 2024 22:52:16 GMT

GET
H2

200

/ Show response
ytmp3.mobi/button-api/ Frame 479B
Redirect Chain

http://ytmp3.mobi/button-api/
https://ytmp3.mobi/button-api/

2 KB
1 KB

148ms
121ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ytmp3.mobi/button-api/

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e93834d6189d910a157f2c65b1d80d7c8b44f27d1c635133fb289b9a10c42f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://aa.metrolagu.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7c9a5c4d184e9100-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 19 May 2023 06:42:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7jh9OPz5YjOX%2FyJyWuF8%2FLvyOTRfRWgU10bIJk%2B08A1BJxGd5%2BSO7cyfPjVQvW%2FWcHgei3a9eqoN504BYvF%2F8tbGNLuxhEpKjIhOnIL8yflw0Qq2RfaK%2BvOqJW0YPMsMsMf87Twp62D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT from Backend
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 7c9a5c4cdf532bdd-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 19 May 2023 06:42:33 GMT
Expires: Fri, 19 May 2023 07:42:33 GMT
Location: https://ytmp3.mobi/button-api/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yjeRvcezBqQ8miaG9zQciUBE6LGU6ioY1p2S1tCkXkBd%2FeiL%2BsBxxA7Yq3B%2B7KpobSgoemQ8V%2BRbFbqViEGOWXi1HKyIFtmZR12axyDuBKt4hC3s2oQWSRTUBz6dis2SOnguldbGHWVn"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 403
Forbidden invoke.js
www.profitabledisplaynetwork.com/ffcb7f6854aa467ff8196a5110b1fe08/ 0
0 98ms
97ms Script
application/javascript 173.233.137.60
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: http://www.profitabledisplaynetwork.com/ffcb7f6854aa467ff8196a5110b1fe08/invoke.js
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 173.233.137.60 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: http://aa.metrolagu.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 19 May 2023 06:42:33 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame D5DF 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AGIKgqNDs49gWGkV0wKN0QSnb3K81Qj2xaPHoXsj1i2l=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame D5DF 3 KB
3 KB 38ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AGIKgqNDs49gWGkV0wKN0QSnb3K81Qj2xaPHoXsj1i2l=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4d7145e7bc8886f5665b289dca67322ef5ce84a058b7d25678bba13795f853af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 03:15:05 GMT
x-content-type-options: nosniff
age: 12448
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2586
x-xss-protection: 0
server: fife
etag: "v5"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 May 2023 03:15:05 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 19 May 2023 06:42:33 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D5DF 90 B
134 B 22ms
21ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4da4fbd07982c1b7ed939cab3bc5fb1e3bee522f39153aa6a22f13ceaf68526a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D5DF 4 KB
2 KB 50ms
24ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 19 May 2023 06:42:33 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D5DF 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?OupRqQ
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK js15_gif.js Show response
s10.histats.com/ 11 KB
5 KB 57ms
20ms Script
text/javascript 2606:4700:10::6816:4fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_gif.js
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Server: 2606:4700:10::6816:4fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a839b2f2ad6018fa651b97d44da7fa3f1b9f8b006965ae6fda6d38fe7d24778

Request headers

Referer: http://aa.metrolagu.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 19 May 2023 06:42:33 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Thu, 16 Apr 2020 10:44:17 GMT
Server: cloudflare
Age: 4879
ETag: "1458891563"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7c9a5c4dee562c4d-FRA
Content-Length: 4422

GET
H2 200 button_api.css
ytmp3.mobi/css/ Frame 479B 761 B
705 B 17ms
16ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ytmp3.mobi/css/button_api.css?1654948198

Requested by

Host: ytmp3.mobi
URL: https://ytmp3.mobi/button-api/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3b8c8740462fa5e9bde71eaa607d2a9486c301dca9cd8f71764d77c384ed759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytmp3.mobi/button-api/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2463190
content-encoding: br
x-cache: HIT from Backend
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Aug 2020 15:06:33 GMT
server: cloudflare
etag: W/"5f26d679-2f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl8vbJ9G%2BwuDwwUy8xvH6rwD5X3wk7ocx3oNIN8daZ0BOWIarLyTx0mrOqUYjR2ZXOOEM%2FG%2BAg%2BLIBRoMyZsqEdOry8b7zTq8R%2Fhu22kP1ffSJRE%2BF4ygBiIL2sGulpmtC4s78t1nKmW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7c9a5c4de8f99100-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ Frame 479B 52 KB
12 KB 49ms
26ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: ytmp3.mobi
URL: https://ytmp3.mobi/button-api/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://ytmp3.mobi/
Origin: https://ytmp3.mobi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5DJHTYY6Z2ZN7C0C
age: 1505177
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: h/0RCsmgkuiVZcwVDO0zQAQ52epd/5KW1a9Py6WPbdwXr+LmWhX8XY/pxIgE/uZR8Qrrp7mEsr0=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66lQAPeP0R1b2sVDmR7bM8qCgm0uTK6DiuvkDZX68xNWsw2C6S58QlXZK9%2FcDdcKh7ZAzFXbVyf7UnIciqpbrfVUzMN16d4mzgEK9xjYluKcDHb5uPYvS6EPs6ZJuMEfH3jm3SKpZaNlX1A6CwTWqZCY"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7c9a5c4e0c3e9152-FRA

GET
H2 200 jquery-3.4.1.min.js Show response
ytmp3.mobi/js/ Frame 479B 86 KB
31 KB 18ms
18ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ytmp3.mobi/js/jquery-3.4.1.min.js

Requested by

Host: ytmp3.mobi
URL: https://ytmp3.mobi/button-api/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytmp3.mobi/button-api/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2467496
content-encoding: br
x-cache: HIT from Backend
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Aug 2020 15:07:12 GMT
server: cloudflare
etag: W/"5f26d6a0-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y62eDSMyneF5Kf8qHBu3tFA2rwsHYrqGWKMF6s7fzSiBYhgXuQgcxhUqJRPol0yJvia8ZJdGHmSLkb24dzxPf15M%2FX3LmuRTRm%2FHC8Rh3TYKyQT4ziSHahU2oN7nLpJf92bMHpJZnx8J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7c9a5c4de8fb9100-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 button_api.js Show response
ytmp3.mobi/js/ Frame 479B 5 KB
2 KB 21ms
20ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ytmp3.mobi/js/button_api.js?a=CErVrAi1LfRyoSDlrlSEIrySvt0&_=1654948198

Requested by

Host: ytmp3.mobi
URL: https://ytmp3.mobi/button-api/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0a0d438122e9de0bf1798b272fb54c1c34cf6630ca7a23d9f247f67c44e4342

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytmp3.mobi/button-api/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2467708
content-encoding: br
x-cache: HIT from Backend
x-xss-protection: 1; mode=block
last-modified: Sat, 11 Jun 2022 11:49:48 GMT
server: cloudflare
etag: W/"62a4815c-1205"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4P4BB07IHInKnGhefS6NYIfMK7nAXZHgNxzQzDrbIfOz1BmfhTwWeztu6q5oD3Tt0lGuBeA0Hi7HBAbi89AgT%2Fn%2Fy6%2BcXJr2QEYxqvitSAq86Ny1YdiTHgrKNEV%2BBgL4I2TpbANsaum8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 7c9a5c4de8ff9100-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 479B 117 KB
46 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107189433-1

Requested by

Host: ytmp3.mobi
URL: https://ytmp3.mobi/button-api/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40093f88b1518d41912fbc17027d3ca0dc78ff0037c5800df5ef01e03564fec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytmp3.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46554
x-xss-protection: 0
last-modified: Fri, 19 May 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 May 2023 06:42:33 GMT

GET
H/1.1 200
OK 4425006.gif
s4i.histats.com/stats/i/ 2 KB
2 KB 319ms
98ms Image
image/png 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4i.histats.com/stats/i/4425006.gif?4425006&@f16&@g1&@h1&@i1&@j1684478553283&@k0&@l1&@mAare%20Dr.%20Sikiru%20Ayinde%20Barrister%20-%20Precaution%20(Canadian%20Fuji)%20Download%20Music%20Mp3%20Convert%20-%20Music%20Video%20Tv%20Radio%20Zone&@n0&@o1000&@q0&@r0&@s10049&@ten-US&@u1600&@b1:-23120091&@b3:1684478553&@b4:js15_gif.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Faa.metrolagu.ru%2Fgetmp3%3Fv%3Dx89nwo7c51Q&@w
Requested by: Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: a439072383d99eb32e3c7f6d3005428d0bde7d121ca84e85b60b8b0d4e1f9eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Fri, 19 May 2023 06:42:33 GMT
Connection: close
ETag: 148893036
Content-Length: 1726
Content-Type: image/png

GET
H2 200 5398930 Show response
gloaphoo.net/401/ 82 KB
32 KB 72ms
29ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gloaphoo.net/401/5398930

Requested by

Host: aa.metrolagu.ru
URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ed5a9e69f4d18dacd067d66ec974f906e9eb172abfe61dac3d087b72d93f5520

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-trace-id: 111b68411b5d23f36a4a5182ac102822
pragma: no-cache
date: Fri, 19 May 2023 06:42:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ Frame 479B 77 KB
78 KB 16ms
15ms Font
font/woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://ytmp3.mobi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: MSEPKQKY8SAF05WT
age: 439092
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79100
x-amz-id-2: 4s8rkg0pY5blPr+JWIA6YvULHOgfUkjg6RygpjB8O38CHk9hZTFerHFiIEl5wfcVyRvtD8rt8tI=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBQZWFExBkEmFXpdP%2FlsL2kttr%2FDzbkl45KpSyvqCm5%2FlHwjteo6LG1DNpTM1YwDroFGaPD9PSyekQqwW6CRz0TTFYZF4MV9Oaq%2BbJFp2vc6E%2BOFOdt1BKD8Yz3BUg5lq%2Fg4DgS4mkHtL6AQWXejbStY"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7c9a5c4e5c859152-FRA

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 479B 51 KB
20 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107189433-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytmp3.mobi/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 19 May 2023 06:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 414
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Fri, 19 May 2023 08:35:39 GMT

GET
H2 200 p.php Show response
ytmp3.mobi/ Frame 479B 49 B
351 B 84ms
84ms XHR
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ytmp3.mobi/p.php?callback=jQuery34103328148499477501_1684478553327&c=1&_=1684478553328
Requested by: Host: ytmp3.mobi
URL: https://ytmp3.mobi/js/jquery-3.4.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c639bdfdbadec8ae738864b516524ded2d93d4be5d3534a2d4c6fd1d62a38a70

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://ytmp3.mobi/button-api/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtlKgsP30AM2%2FovDr%2FsCxPH2iUneKE0RmqC%2BQKZ2AzaN9fo4dPCLEUCZTdOxq814lBzWmCjrGLkEMpUm78Ps3EG9Kpv3Waf3PqV8%2Bzpie7XGSPdvb93PhAzH2pOwM0G5wF4QX%2FIVbqi2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7c9a5c4e89999100-FRA

GET
H2 200 font-awesome.min.css
ytmp3.mobi/css/font-awesome-4.7.0/css/ Frame 479B 30 KB
7 KB 19ms
19ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ytmp3.mobi/css/font-awesome-4.7.0/css/font-awesome.min.css

Requested by

Host: ytmp3.mobi
URL: https://ytmp3.mobi/js/jquery-3.4.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytmp3.mobi/button-api/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2466905
content-encoding: br
x-cache: HIT from Backend
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Aug 2020 15:08:39 GMT
server: cloudflare
etag: W/"5f26d6f7-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuhnHM7KNwAPrsOFlBB5Vc2njgG0lY%2BYcRxgSQ47TzcqWcdolL6sN6AdihnNUqI0QPLLe4H7R3mc4NTfGBw%2BpzbuLWfLhxxy9xFzy%2BJ18QKOEZ5wJT%2BeYCIw%2FhegwXeCcXAQr1HpfuU%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 7c9a5c4e89959100-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stattag.js Show response
tzegilo.com/ 17 KB
7 KB 67ms
26ms Script
application/javascript 2606:4700:3037::6815:bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tzegilo.com/stattag.js
Requested by: Host: gloaphoo.net
URL: https://gloaphoo.net/401/5398930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba5a4122da220f44e8301c1f601b449ddbfcfbd3afa0b00bbfbe264fbf62d06c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 09:50:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4622
etag: W/"6405b74c-4417"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTUqu%2Fhz%2B2ghPx00%2FJGkbEmeQ0Yyl%2FLWRgeN3fZWsSkuMnFPLIsWqBiIczjoqV2uktyr9H4FH1XUb7vqA1oZJIgn6U5J6ooABEis0GklhrHGHNx4ePaad2JelgtnrRED4UGK%2FPBgNLbJ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7c9a5c4f1d6d9be8-FRA
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fontawesome-webfont.woff2
ytmp3.mobi/css/font-awesome-4.7.0/fonts/ Frame 479B 75 KB
76 KB 17ms
16ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ytmp3.mobi/css/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: ytmp3.mobi
URL: https://ytmp3.mobi/css/font-awesome-4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ytmp3.mobi/css/font-awesome-4.7.0/css/font-awesome.min.css
Origin: https://ytmp3.mobi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6163
x-cache: HIT from Backend
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Sun, 02 Aug 2020 15:08:59 GMT
server: cloudflare
etag: "12d68-5abe666d00548"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTUqbdjoAbFfQLX91YV%2BO4mv1MzGsZarqYn2OLWkvv9bAOA7GVFfEhwe8N%2FhkSITpwYMi1IoiZEFj%2FZ2X%2FpiyKgayXTKAOTNiuh3mXDEnoxNCw7tfPqcOA39rsxss35I9fBQa3IQCEKk"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7c9a5c4ed9e39100-FRA

POST
H/1.1 200
OK add Show response
fleraprt.com/log/ 12 B
484 B 65ms
14ms XHR
application/json 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
Requested by: Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.19.10 /
Resource Hash: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Request headers

Referer: http://aa.metrolagu.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 19 May 2023 06:42:44 GMT
Server: nginx/1.19.10
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://aa.metrolagu.ru
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length: 12

GET
H2 200 5398930 Show response
gloaphoo.net/500/ 2 KB
2 KB 21ms
21ms XHR
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gloaphoo.net/500/5398930?excludes=&oaid=ebbc186a9cec460298404870e2f18d17&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=http%3A%2F%2Faa.metrolagu.ru%2Fgetmp3%3Fv%3Dx89nwo7c51Q&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: gloaphoo.net
URL: https://gloaphoo.net/401/5398930

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

8b13539f37b6d3b9c5645e50942f5644045ba202fa9c885e8ecde1391e749035

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://aa.metrolagu.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 3208d47c65677e4ceafef3c48e9d6cd9
pragma: no-cache
date: Fri, 19 May 2023 06:42:33 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: http://aa.metrolagu.ru
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 11 Jan 1994 10:00:00 GMT

OPTIONS
H2 200 5398930
gloaphoo.net/500/ Frame 0
0 45ms
15ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://aa.metrolagu.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://aa.metrolagu.ru
access-control-max-age: 600
allow: GET, OPTIONS
content-length: 0
date: Fri, 19 May 2023 06:42:33 GMT
server: nginx
strict-transport-security: max-age=1
timing-allow-origin: *
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 2 KB
3 KB 63ms
19ms Image
image/png 139.45.197.152
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.152 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://aa.metrolagu.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 06:42:33 GMT
last-modified: Thu, 01 Jul 2021 09:13:54 GMT
server: nginx
etag: "60dd8752-86d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length: 2157

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D5DF 28 B
54 B 22ms
22ms XHR
application/json 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/90a441fd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-Goog-Request-Time: 1684478555225
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/x89nwo7c51Q?modestbranding=1
X-YouTube-Client-Version: 1.20230514.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtOQVQ1bWR1RDBBayjYtJyjBg%3D%3D
X-YouTube-Ad-Signals: dt=1684478552797&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1507%2C150&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 19 May 2023 06:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 19 May 2023 06:42:35 GMT

GET aV-c1I5lFp_KyScaemaBHpYff6PA3cXHSK4b51O95s_PabpXYBZ3r2QCK-aPOua5ExQoXHrLnqW_VO9nA4Pb-Ep5eHMZ--V104uhNKm1KVAV1p1fBjWP3WOf7f4D1jlEJrulvw5PeKcPNAL9P0eXEEev9QpGI2hb9dht6wgyRlOT03EAIozdQ0d-Q5HrTAxa5ruS7...
gloaphoo.net/impression/ 0
0

GET css2
fonts.googleapis.com/ Frame 66C2 0
0

GET 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ 0
0

GET 01602088365889.png
static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/ Frame 66C2 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: gloaphoo.net
URL: https://gloaphoo.net/impression/aV-c1I5lFp_KyScaemaBHpYff6PA3cXHSK4b51O95s_PabpXYBZ3r2QCK-aPOua5ExQoXHrLnqW_VO9nA4Pb-Ep5eHMZ--V104uhNKm1KVAV1p1fBjWP3WOf7f4D1jlEJrulvw5PeKcPNAL9P0eXEEev9QpGI2hb9dht6wgyRlOT03EAIozdQ0d-Q5HrTAxa5ruS7fag93nNHv71_LTc--OFJ87SSM36kGSw3-OCssIWdFSMKptzP4Lz3UeNOh_sAlzgvgYa7SJhvWYdH0HQ1ELlBBaf36aVnU6xzNq6l07C0rLSAbWvbWUjypNLqpDReTaC4DF2Fzankm2o-b1uLqUt5NsTscDngXU1bSc_kXqDfZ7VzlqrF-9X7FkGWzIrvBZfsk5UgK-u3BkEKnz33wuWYd6bLJe5uxY7NdiCDgnnEJGW3z8gyBFrZ3KVDyQqsOa2f8i8TIOb2XipZWB3NkhECPKb45hkWHTPNeMprWPkv9D2GWC5ZvYzgI0uU9mcmLWmu43Zoytvv6gasEhqNhEatZhRBpGgarOk1CpKbLa1pSE8YPfrcvtca6eEkDKRxpcKqJzJR6AgEnvYqCvuGKH0zsPucWBa_v9duPHbDZlH0ctNZlzSFL2rg5ptIbBVOiz0HM36Kuhn9hMVvyDoszcVNZQjTJ9SpphPScD448qk7hYOViTYFXkgPrdNtH0jwa0PzvS7YxhBeFt9?_z=5398930&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=http%3A%2F%2Faa.metrolagu.ru%2Fgetmp3%3Fv%3Dx89nwo7c51Q&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

Domain: static.cdnativepush.com
URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png

Domain: static.cdnativepush.com
URL: https://static.cdnativepush.com/contents/s/1b/e9/ef/c45191508dd0ffe9619d8e8d61/01602088365889.png

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.metrolagu.ru/	1970-01-20 21:30:38	Name: _ga Value: GA1.2.2051646246.1684478553
.metrolagu.ru/	1970-01-20 11:56:04	Name: _gid Value: GA1.2.1105417495.1684478553
.metrolagu.ru/	1970-01-20 11:54:38	Name: _gat_gtag_UA_123365797_1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: M9qyPyw__lE
.youtube.com/	1970-01-20 16:13:50	Name: VISITOR_INFO1_LIVE Value: NAT5mduD0Ak
bedrapiona.com/	1970-01-20 20:40:14	Name: OAID Value: ebbc186a9cec460298404870e2f18d17
bedrapiona.com/	1970-01-20 20:40:14	Name: oaidts Value: 1684478552
my.rtmark.net/	1970-01-20 20:40:14	Name: ID Value: ebbc186a9cec460298404870e2f18d17
aa.metrolagu.ru/	1970-01-20 11:54:38	Name: prefetchAd_5398850 Value: true
aa.metrolagu.ru/	1970-01-20 20:40:14	Name: HstCfa4425006 Value: 1684478553283
aa.metrolagu.ru/	1970-01-20 20:40:14	Name: HstCla4425006 Value: 1684478553283
aa.metrolagu.ru/	1970-01-20 20:40:14	Name: HstCmu4425006 Value: 1684478553283
aa.metrolagu.ru/	1970-01-20 20:40:14	Name: HstPn4425006 Value: 1
aa.metrolagu.ru/	1970-01-20 20:40:14	Name: HstPt4425006 Value: 1
aa.metrolagu.ru/	1970-01-20 20:40:14	Name: HstCnv4425006 Value: 1
aa.metrolagu.ru/	1970-01-20 20:40:14	Name: HstCns4425006 Value: 1
gloaphoo.net/	1970-01-20 20:40:14	Name: OAID Value: ebbc186a9cec460298404870e2f18d17

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://pl19372992.highrevenuegate.com/5f/d9/25/5fd92558fc736293b69ec9f4fcd37b71.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q(Line 117) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q(Line 117) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
network	error	URL: http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q(Line 130) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q(Line 130) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.profitabledisplaynetwork.com/960e0e86dee16f1c7f3e1067e074611b/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q(Line 156) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.profitabledisplaynetwork.com/ffcb7f6854aa467ff8196a5110b1fe08/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q(Line 156) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.profitabledisplaynetwork.com/ffcb7f6854aa467ff8196a5110b1fe08/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://www.profitabledisplaynetwork.com/ffcb7f6854aa467ff8196a5110b1fe08/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q(Line 177) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15_gif.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://aa.metrolagu.ru/getmp3?v=x89nwo7c51Q(Line 177) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s10.histats.com/js15_gif.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tzegilo.com/stattag.js Message: getGamepad will now require Secure Context. Please update your application accordingly. For more information see https://github.com/w3c/gamepad/pull/120

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
aa.metrolagu.ru
bedrapiona.com
certify-js.alexametrics.com
dudialgator.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
gloaphoo.net
googleads.g.doubleclick.net
i.ytimg.com
img.youtube.com
inklinkor.com
jnn-pa.googleapis.com
my.rtmark.net
pl19372992.highrevenuegate.com
s10.histats.com
s4i.histats.com
scentedindication.com
static.cdnativepush.com
static.doubleclick.net
stats.g.doubleclick.net
tzegilo.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.profitabledisplaynetwork.com
www.youtube.com
yt3.ggpht.com
ytmp3.mobi
certify-js.alexametrics.com
fonts.googleapis.com
gloaphoo.net
static.cdnativepush.com
139.45.195.254
139.45.195.8
139.45.197.152
139.45.197.234
139.45.197.237
139.45.197.239
149.56.240.127
173.233.137.60
185.150.189.202
192.243.61.225
2606:4700:10::6816:4fe
2606:4700:3030::ac43:d31d
2606:4700:3037::6815:bf
2606:4700:e2::ac40:850f
2a00:1178:1:4b::19
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:810::2006
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2016
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9b
2a06:98c1:3120::3
2a06:98c1:3121::3
002cead02c391d10051d6534d57766dec9d645e09a6b59f34926b6080c9adb83
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0c359610777edda3409544caf7cacaecbfcc999ec4ab09bd8531b76b547dff73
0f2a2544bfb1bcb837b9514a5d73e23e7ac1f0c8e9004914d7d34c884dbbbb0b
0fcee9385106427a0947b47dcdc6638d1a25b63f2d3c7d132c348e66dccb4b0d
12f7a6712cf28de02e7ea58fe9bafeed67756a26aad8c9df4ba210e1deaee46c
1a67d91294fefed7bff63e213bee679dcf1cf7a06113378ff9057d95d650ec54
1fd1a24e5a43289b615899885ae10dde5dadd37dd15bcf232a9d4ad0409e62d1
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
2356ec50c146d1c36b7e84163ed6fda2f0ca6a790d853d9dfb25b1f1e69f164e
25f08ebfd9d838af050e9950f26f82d51f4c17b300c69dba75a5bef8d49b50a8
270d63c9276400832fa17bda73a119350f5b334b321c151ac690e40e7d75c73d
2ade2512d64855c6eb277d48b1b85e56b104c8ff68072b8ee0dfe241316ad36a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
31ccab4b11916fc768fe4dc99684c011e6b74282b16330b58c2738c5c9b516b0
3babe7c6360c3a6f97c1f0490d228fb22d6cde9530499508ffe42780d921a4e6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40093f88b1518d41912fbc17027d3ca0dc78ff0037c5800df5ef01e03564fec9
40488823bd3cf755729a7b5fc0f195e6ea5fb0556a6cc79d22b431e9d2328e91
4271487e1c6e4fe65588fe855f58dbd4005b5d1c60620487e28f009a20d69b72
430b7fd5e5204d4c962abe3bf5fafb510db542177e6a2bd9c89736f14b49a363
4727a219fbf801136a0be838059b42088ea5223283cd881fc20396e59e7dddcf
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4d7145e7bc8886f5665b289dca67322ef5ce84a058b7d25678bba13795f853af
4da4fbd07982c1b7ed939cab3bc5fb1e3bee522f39153aa6a22f13ceaf68526a
5727e947a6956063f9072c601dfd97735608fd445e5687ea5383dc4a2c927e50
58b4d0c710b37c68f3af0579a9ad4ba30c0557ee85c55f47df9641963441097c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5efc4411ec40802cf7650ec6294f8b7d54f94acf17ccd0c768b47061f7057b12
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6c606c5418538be02d2e9e49df9a851517afbb349bd5b964afc5a005951a4f37
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dc4ad821e2c98e7c031cf480de481b35f640f5675a7bda45d2450e3afc29894
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8915ac224e07f09201f559da6f7e2b52b9c12cd33cfe84dbeee6c11438737272
8b13539f37b6d3b9c5645e50942f5644045ba202fa9c885e8ecde1391e749035
99994f52378d35c2bb95823ec4bda8a1bb13b69077804472c8ff04cafdf8ddb7
9a839b2f2ad6018fa651b97d44da7fa3f1b9f8b006965ae6fda6d38fe7d24778
a439072383d99eb32e3c7f6d3005428d0bde7d121ca84e85b60b8b0d4e1f9eb1
aaebac4c7d198bd7853c288ab8acbc9276ee1d54ce5e1d396bfe4d7334bd6ab6
b08f9983077fd4856659259476da1514b6cf9d1a3e122658f70167ffe99f3cee
b0cd7af0b912b1a17ecfb9284d55058a59e621500acb94e2d4a5bbfd5eb6d022
b3b8c8740462fa5e9bde71eaa607d2a9486c301dca9cd8f71764d77c384ed759
b7a6988f98d2ab553fdfa89ee7b437eb994c37caa28ea7e1b4e54a7b3d0d8a6c
ba5a4122da220f44e8301c1f601b449ddbfcfbd3afa0b00bbfbe264fbf62d06c
c03c5e5db935e973c262851ba6cba237aed16d75bc83b31359ba63cd79fca93e
c0a0d438122e9de0bf1798b272fb54c1c34cf6630ca7a23d9f247f67c44e4342
c639bdfdbadec8ae738864b516524ded2d93d4be5d3534a2d4c6fd1d62a38a70
c860b591de8205341eb4c4ab65b938b1841932532756ad83f3f6b1f824ca752e
cee8e9443d711cd3a6019b10ed544e452836e20daf6d66d07ab75776aa07583b
d13ca313fe3f3567eda3376d45362ebae8e6ed205b2e7f760476828cd3e82be1
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e93834d6189d910a157f2c65b1d80d7c8b44f27d1c635133fb289b9a10c42f7f
ed5a9e69f4d18dacd067d66ec974f906e9eb172abfe61dac3d087b72d93f5520
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eea8c80e181ced0d8340ad329dc89bf1e70e6206fb0fd88ace6fab6f310ed011
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

aa.metrolagu.ru Open in urlscan Pro 185.150.189.202 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

61 %HTTPS

68 %IPv6

27 Domains

33 Subdomains

31 IPs

6 Countries

1527 kBTransfer

4339 kBSize

17 Cookies

11 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

aa.metrolagu.ru Open in urlscan Pro
185.150.189.202 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

61 %
HTTPS

68 %
IPv6

27
Domains

33
Subdomains

31
IPs

6
Countries

1527 kB
Transfer

4339 kB
Size

17
Cookies

77 HTTP transactions
1 data transactions