URL: https://screenov.eu/img_full/img.html
Submission: On February 11 via manual from RO — Scanned from DE

Summary

This website contacted 20 IPs in 6 countries across 23 domains to perform 73 HTTP transactions. The main IP is 185.81.129.90, which is located in Latvia and belongs to NANO-AS, LV. The main domain is screenov.eu.
TLS certificate: Issued by R3 on January 15th 2022. Valid for: 3 months.
This is the only time screenov.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
23 mfcewkrob.com | taz.mfcewkrob.com (Cisco Umbrella Rank: 931648), bbckdl.mfcewkrob.com (Cisco Umbrella Rank: 766427) | 510 KB
13 youtube.com | www.youtube.com | 791 KB
8 screenov.eu | screenov.eu | 154 KB
4 bantgoau.com | stream.bantgoau.com (Cisco Umbrella Rank: 53809), vs.bantgoau.com | 676 KB
4 85e954452d.com | a937a51544.85e954452d.com, 9873bb2aa8.85e954452d.com | 63 KB
3 doubleclick.net | googleads.g.doubleclick.net, static.doubleclick.net | 1 KB
2 googlevideo.com | rr4---sn-4g5lznle.googlevideo.com |
2 gstatic.com | fonts.gstatic.com, www.gstatic.com | 18 KB
2 google.com | www.google.com | 14 KB
2 rtbbnr.com | rtbbnr.com (Cisco Umbrella Rank: 35918) | 2 KB
2 yadro.ru | counter.yadro.ru (Cisco Umbrella Rank: 8633) | 1 KB
1 ytimg.com | i.ytimg.com | 24 KB
1 ggpht.com | yt3.ggpht.com | 3 KB
1 googleusercontent.com | lh3.googleusercontent.com (Cisco Umbrella Rank: 46) | 39 KB
1 baimgfroggd.site | tb.baimgfroggd.site (Cisco Umbrella Rank: 43300) | 688 B
1 zog.link | tcimp.zog.link (Cisco Umbrella Rank: 46844) | 320 B
1 bookmsg.com | static.bookmsg.com (Cisco Umbrella Rank: 63825) | 482 B
1 ntvpforever.com | ntvpforever.com (Cisco Umbrella Rank: 50878) | 272 B
1 ntvpinp.com | ntvpinp.com (Cisco Umbrella Rank: 49681) | 3 KB
1 nereserv.com | nereserv.com (Cisco Umbrella Rank: 49981) | 193 B
1 cabnnr.com | js.cabnnr.com (Cisco Umbrella Rank: 41899) | 10 KB
1 tubecup.net | notification.tubecup.net (Cisco Umbrella Rank: 10192) | 190 B
1 wpadmngr.com | js.wpadmngr.com (Cisco Umbrella Rank: 29894) | 238 B
Total: 73 requests, 23 domains

Domain | Requested by
21 bbckdl.mfcewkrob.com | screenov.eu, bbckdl.mfcewkrob.com
13 www.youtube.com | www.google.com, www.youtube.com
8 screenov.eu | screenov.eu
3 stream.bantgoau.com | js.cabnnr.com, stream.bantgoau.com
3 a937a51544.85e954452d.com | screenov.eu, a937a51544.85e954452d.com
2 rr4---sn-4g5lznle.googlevideo.com | www.youtube.com
2 googleads.g.doubleclick.net (1 redirect) | www.youtube.com
2 www.google.com | stream.bantgoau.com, www.youtube.com
2 rtbbnr.com (2 redirects) |
2 counter.yadro.ru (1 redirect) | screenov.eu
2 taz.mfcewkrob.com | screenov.eu, taz.mfcewkrob.com
1 i.ytimg.com |
1 www.gstatic.com | www.youtube.com, www.gstatic.com
1 yt3.ggpht.com | www.youtube.com
1 static.doubleclick.net | www.youtube.com
1 fonts.gstatic.com | www.youtube.com
1 vs.bantgoau.com | stream.bantgoau.com
1 lh3.googleusercontent.com | stream.bantgoau.com
1 tb.baimgfroggd.site (1 redirect) |
1 tcimp.zog.link (1 redirect) |
1 static.bookmsg.com |
1 ntvpforever.com (1 redirect) |
1 ntvpinp.com | a937a51544.85e954452d.com
1 nereserv.com | a937a51544.85e954452d.com
1 js.cabnnr.com | a937a51544.85e954452d.com
1 9873bb2aa8.85e954452d.com | a937a51544.85e954452d.com
1 notification.tubecup.net | a937a51544.85e954452d.com
1 js.wpadmngr.com | a937a51544.85e954452d.com
Total: 73 requests, 28 subdomains

Subject | Issuer | Validity | Valid
screenov.eu | R3 | 2022-01-15 - 2022-04-15 | 3 months
taz.mfcewkrob.com | R3 | 2022-01-14 - 2022-04-14 | 3 months
bbckdl.mfcewkrob.com | R3 | 2022-01-13 - 2022-04-13 | 3 months
a937a51544.85e954452d.com | R3 | 2022-01-19 - 2022-04-19 | 3 months
js.wpadmngr.com | R3 | 2022-01-16 - 2022-04-16 | 3 months
notification.tubecup.net | R3 | 2022-01-28 - 2022-04-28 | 3 months
9873bb2aa8.85e954452d.com | R3 | 2022-01-19 - 2022-04-19 | 3 months
js.cabnnr.com | R3 | 2021-12-28 - 2022-03-28 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-12-16 - 2022-12-15 | a year
*.googleusercontent.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
vs.bantgoau.com | R3 | 2021-12-16 - 2022-03-16 | 3 months
www.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.google.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months
*.c.docs.google.com | GTS CA 1C3 | 2022-02-01 - 2022-04-12 | 2 months
edgestatic.com | GTS CA 1C3 | 2022-01-17 - 2022-04-11 | 3 months

This page contains 5 frames:

Primary Page: https://screenov.eu/img_full/img.html
Frame ID: FA5D4535744D61091BDABEEAABDD7A16
Requests: 41 HTTP requests in this frame

Frame: data://truncated
Frame ID: 9C0C7C1A14DCBCEC1D21A82265A497D0
Requests: 19 HTTP requests in this frame

Frame: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60819&p=0.0200&oid=1428841&sp=0.048000&spp=1000&se=impression&vi=XYrx_ZssOFA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644597986&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14
Frame ID: C4B18F5474ECFBF1287308143BF5EC3B
Requests: 4 HTTP requests in this frame

Frame: https://stream.bantgoau.com/files/ytls/bundle16.js
Frame ID: 6B6ED58AF4273CB1298A36700A8F5033
Requests: 1 HTTP request in this frame

Frame: https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: BD9F9DC9A7EC45BB7BE8ED78063478B3
Requests: 27 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 73
HTTPS: 92 %
IPv6: 70 %
Domains: 23
Subdomains: 28
IPs: 20
Countries: 6
Transfer: 2308 kB
Size: 6028 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://counter.yadro.ru/hit?t14.10;r;s1600*1200*24;uhttps%3A//screenov.eu/img_full/img.html;h;0.6247118953106285 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.10;r;s1600*1200*24;uhttps%3A//screenov.eu/img_full/img.html;h;0.6247118953106285
Request Chain 56
  • https://ntvpforever.com/in/show/?mid=1659398855&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=72952460&sid=2725982386&cid=10289&price=0&is_cpm=1&cpm=2.8&ecpm=2.38&crid=&crtid=424005fbae447d7336b74addbe45d279&tcid=0&out_id=0&ver=5.7.0&ver_c=&refdom=screenov.eu&hostname=auc-inpage-hz-1&site_id=3114525&spot_id=14525&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=2022-02-11&is_native=3&auction_queue=0&burl=&pop_winurl=&ip=193.27.14.10&testab=0&px_id=3114525&adblock=0&auction_host=all&mm=0&yc=0&render_type=mq&campaign_type=lq-pop-ext&pop_type=1&space_id=1886&verify_hash=8558289a9e434a9e6c7008dee25fb397&real_bid=2.38&skin_id=1&vertical_id=0&url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FDE%2FDE_4d0a6f315b061470be00d7faa1581f20bb11af69_icon.webp&pop_price=0.0023799999999999997&pop_real_bid=0.0023799999999999997&pop_ecpm=0.049183404345037325&auc_type=1&pr=&user_keywords=&format=compact-slide-t_r-body&mlf=1&cpa=76f1ac26-cdd6-44da-9b5d-fdc651ded6ef HTTP 302
  • https://static.bookmsg.com/creatives/DE/DE_4d0a6f315b061470be00d7faa1581f20bb11af69_icon.webp
Request Chain 59
  • https://rtbbnr.com/get/?go=1&data=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 HTTP 302
  • https://rtbbnr.com/banner/in/show/?mid=1904929145&pid=0&site=31062&sc=DE&usage_type=DCH&subid=186798159&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=screenov.eu&hostname=auc-banner-hz-5&site_id=0&spot_id=31062&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&burl=&pop_winurl=&ip=2001:ac8:20:301::201e&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&min_cpm=0&ttl=&space_id=1695&banner_width=1&banner_height=1&url=%2F%2Ftcimp.zog.link%2Fin%2Fbanners%3Fkatds_ep%3D91LvCpHsj7HNYd2pPVovvkbVOlGoKd5KzyRli-z6ohX9NwSzcPM_v26gFDzDDpxkyxK5_Y-RoUv4bCYB8yG8gPsQAaBOjuDodQp2cI3J7pzJBdSAfHaJnTcTxCOFSItOAvL-BRxNzzCwx4iSGRD-oqtzxizIOxoUYrnDVsTGFejCPr7HZBZZC4I22c7HIb6gWhMvNPBeKsn2vbwWENmGbJXmM9sVg8B1WJFKIF6KH8W3HPEp8HoQSIg6GrcOeKyHfcboxLI1S5XFg_n7CJ0sIUrILfuczNVdSGN76N_-evKVuNaDgTw6jUCSXF1_PUHMvdy1l7diRQvVXK33wd31cSSOBkr2bZ2-XkiLfvw9HS-qGH-cXye-u99bQeyr858bEZQlWe6E4Xenlk_i1JpY7Kk9ov0mtXNNsJjB6MA2vEJH-sqPlxZwcmofNGOOliRXjYMz1vCPcEpeP75CFfmtfSG3OjjOzyWx1w&pr=&bid_crid=&bid_cid=&is_iframe=0 HTTP 302
  • https://tcimp.zog.link/in/banners?katds_ep=91LvCpHsj7HNYd2pPVovvkbVOlGoKd5KzyRli-z6ohX9NwSzcPM_v26gFDzDDpxkyxK5_Y-RoUv4bCYB8yG8gPsQAaBOjuDodQp2cI3J7pzJBdSAfHaJnTcTxCOFSItOAvL-BRxNzzCwx4iSGRD-oqtzxizIOxoUYrnDVsTGFejCPr7HZBZZC4I22c7HIb6gWhMvNPBeKsn2vbwWENmGbJXmM9sVg8B1WJFKIF6KH8W3HPEp8HoQSIg6GrcOeKyHfcboxLI1S5XFg_n7CJ0sIUrILfuczNVdSGN76N_-evKVuNaDgTw6jUCSXF1_PUHMvdy1l7diRQvVXK33wd31cSSOBkr2bZ2-XkiLfvw9HS-qGH-cXye-u99bQeyr858bEZQlWe6E4Xenlk_i1JpY7Kk9ov0mtXNNsJjB6MA2vEJH-sqPlxZwcmofNGOOliRXjYMz1vCPcEpeP75CFfmtfSG3OjjOzyWx1w HTTP 302
  • https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.048000&katds_labels=&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14&ts=1644597986 HTTP 302
  • https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60819&p=0.0200&oid=1428841&sp=0.048000&spp=1000&se=impression&vi=XYrx_ZssOFA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644597986&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14
Request Chain 71
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

73 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request img.html
screenov.eu/img_full/
11 KB
5 KB
Document
General
Full URL
https://screenov.eu/img_full/img.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.81.129.90 , Latvia, ASN43513 (NANO-AS, LV),
Reverse DNS
domaha.tv
Software
nginx / PHP/5.4.16
Resource Hash
e8b44a1a3dc406519d7ddfbb444ea819390d7ae526876611a5ce11320cb7249d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx
Date
Fri, 11 Feb 2022 16:46:23 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Content-Encoding
gzip
main.css
screenov.eu/img_full/
67 KB
14 KB
Stylesheet
General
Full URL
https://screenov.eu/img_full/main.css
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.81.129.90 , Latvia, ASN43513 (NANO-AS, LV),
Reverse DNS
domaha.tv
Software
nginx /
Resource Hash
d8a7d2e48e324d8dc37d42efa11527939cde7c5b041806a3e6bd29c8d8737bc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/img_full/img.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 16:46:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 05:28:41 GMT
Server
nginx
ETag
W/"60e68d09-10aae"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 13 Mar 2022 16:46:23 GMT
jquery.min(1).js
screenov.eu/img_full/
94 KB
33 KB
Script
General
Full URL
https://screenov.eu/img_full/jquery.min(1).js
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.81.129.90 , Latvia, ASN43513 (NANO-AS, LV),
Reverse DNS
domaha.tv
Software
nginx /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/img_full/img.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 16:46:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 16:39:35 GMT
Server
nginx
ETag
W/"609d5647-176f8"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 13 Mar 2022 16:46:23 GMT
showHide.js
screenov.eu/img_full/
3 KB
1 KB
Script
General
Full URL
https://screenov.eu/img_full/showHide.js
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.81.129.90 , Latvia, ASN43513 (NANO-AS, LV),
Reverse DNS
domaha.tv
Software
nginx /
Resource Hash
734bffcd4fb5a2dfc11194bc5cd3afe2558fa5289d713ade5190d6590c2dd542

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/img_full/img.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 16:46:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 May 2021 16:39:36 GMT
Server
nginx
ETag
W/"609d5648-d9b"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Sun, 13 Mar 2022 16:46:23 GMT
screenovclu.php
screenov.eu/img_full/
348 B
440 B
Script
General
Full URL
https://screenov.eu/img_full/screenovclu.php
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.81.129.90 , Latvia, ASN43513 (NANO-AS, LV),
Reverse DNS
domaha.tv
Software
nginx / PHP/5.4.45
Resource Hash
e35173c514bad4a757b2c1d22dda6dd2d41d6a2e617fbba98f205ad8a1e3121d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/img_full/img.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 16:46:23 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.45
Transfer-Encoding
chunked
Content-Type
text/html
jquery.screenov.php
screenov.eu/img_full/
418 B
468 B
Script
General
Full URL
https://screenov.eu/img_full/jquery.screenov.php
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.81.129.90 , Latvia, ASN43513 (NANO-AS, LV),
Reverse DNS
domaha.tv
Software
nginx / PHP/5.4.45
Resource Hash
3e6e1bc6ef7566fe732bf147d709b955a02f3e46e1187544952e2cf588783f20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/img_full/img.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 16:46:23 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.45
Transfer-Encoding
chunked
Content-Type
text/html
UEp2OXpqUEw3UDQ3MGg1ULFoKCi21A
taz.mfcewkrob.com/xj/
822 B
571 B
Script
General
Full URL
https://taz.mfcewkrob.com/xj/UEp2OXpqUEw3UDQ3MGg1ULFoKCi21A
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/screenovclu.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx / PHP/7.0.33-0+deb9u12
Resource Hash
21df6f875f3749f52beaa7bffac052c34cd3f00b7a47a22c5266c09995e866b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

vw-charset
utf-8
date
Fri, 11 Feb 2022 16:46:23 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.0.33-0+deb9u12
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-transform
content-length
390
UEp2OXpqUEw3UDQ3MGg1ULFoKiGy0g
bbckdl.mfcewkrob.com/xj/
67 KB
21 KB
Script
General
Full URL
https://bbckdl.mfcewkrob.com/xj/UEp2OXpqUEw3UDQ3MGg1ULFoKiGy0g
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/jquery.screenov.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx / PHP/7.0.33-0+deb9u12
Resource Hash
6bfb4ff626d3485e278d6c5f6ca8f7ad99ce84a411eba4ec9e996c6bed9ca99e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:23 GMT
cache-control
no-transform
server
nginx
content-encoding
gzip
x-powered-by
PHP/7.0.33-0+deb9u12
vw-charset
utf-8
content-type
text/javascript;charset=utf-8
main_bg_rpt-dark.jpg
screenov.eu/img_full/
88 KB
89 KB
Image
General
Full URL
https://screenov.eu/img_full/main_bg_rpt-dark.jpg
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.81.129.90 , Latvia, ASN43513 (NANO-AS, LV),
Reverse DNS
domaha.tv
Software
nginx /
Resource Hash
c5747a66c008472dafa2b2a3a5471ef6ca2542edfa40d6250920e977ef10c747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/img_full/img.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 16:46:23 GMT
Last-Modified
Thu, 13 May 2021 16:39:35 GMT
Server
nginx
ETag
"609d5647-161a5"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90533
Expires
Sun, 13 Mar 2022 16:46:23 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t14.10;r;s1600*1200*24;uhttps%3A//screenov.eu/img_full/img.html;h;0.6247118953106285
  • https://counter.yadro.ru/hit?q;t14.10;r;s1600*1200*24;uhttps%3A//screenov.eu/img_full/img.html;h;0.6247118953106285
246 B
732 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t14.10;r;s1600*1200*24;uhttps%3A//screenov.eu/img_full/img.html;h;0.6247118953106285
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
HTTP/1.1
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host210.rax.ru
Software
nginx/1.17.9 /
Resource Hash
89f7f2af809d71f508c67eca0357020bb7852c5c03f7f5fa9a6a5568ac762de1
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Feb 2022 16:46:24 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
246
Expires
Wed, 10 Feb 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Feb 2022 16:46:24 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t14.10;r;s1600*1200*24;uhttps%3A//screenov.eu/img_full/img.html;h;0.6247118953106285
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 10 Feb 2021 21:00:00 GMT
f812c9ff7f6f9e68988dc1e26a7c937f.js
a937a51544.85e954452d.com/
80 KB
29 KB
Script
General
Full URL
https://a937a51544.85e954452d.com/f812c9ff7f6f9e68988dc1e26a7c937f.js
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8365ad50a44341d8858863fec236793a9b4074461b61cae8aaa25343b47d7ce3

Request headers

Referer
https://screenov.eu/
Origin
https://screenov.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:23 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 11:57:31 GMT
server
nginx/1.18.0
etag
W/"62064f2b-13e4c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 11 Feb 2022 16:51:23 GMT
cache-control
max-age=300
x-proxy-cache
HIT
18975
a937a51544.85e954452d.com/6b959194ba8e8110f6ebfeb861d81e42/
1 KB
825 B
XHR
General
Full URL
https://a937a51544.85e954452d.com/6b959194ba8e8110f6ebfeb861d81e42/18975
Requested by
Host: a937a51544.85e954452d.com
URL: https://a937a51544.85e954452d.com/f812c9ff7f6f9e68988dc1e26a7c937f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a27866af006e303d0bb022c286a6a84fe2465b714832f6d8f465efa0a07d9478

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:23 GMT
content-encoding
gzip
server
nginx/1.18.0
content-type
application/json
access-control-allow-origin
*
expires
Fri, 11 Feb 2022 16:51:23 GMT
cache-control
max-age=300
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/
0
238 B
Script
General
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: a937a51544.85e954452d.com
URL: https://a937a51544.85e954452d.com/f812c9ff7f6f9e68988dc1e26a7c937f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:23 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 11 Feb 2022 16:51:23 GMT
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
xx
taz.mfcewkrob.com/
57 KB
15 KB
Script
General
Full URL
https://taz.mfcewkrob.com/xx?qxq!&clu=WPR-o1FR7fGTxrUcNLOy0B8VDFmoYFyu7jdXXG4KgpojFLWoKsiUIbhBBxsp04DU8c2IwMOerACljvhEZdEmhtP4URM7ubhjjh49WL8L4VwV6O_8VLMz&mb=0&fsb=0&lb=0
Requested by
Host: taz.mfcewkrob.com
URL: https://taz.mfcewkrob.com/xj/UEp2OXpqUEw3UDQ3MGg1ULFoKCi21A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx / PHP/7.0.33-0+deb9u12
Resource Hash
56d3657cd7183011a045ec159680e530d3b3d870b19bebbac369ac86b98d4544

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:23 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.0.33-0+deb9u12
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-transform
content-length
15438
jquery.min.js
bbckdl.mfcewkrob.com/
29 KB
8 KB
Script
General
Full URL
https://bbckdl.mfcewkrob.com/jquery.min.js
Requested by
Host: bbckdl.mfcewkrob.com
URL: https://bbckdl.mfcewkrob.com/xj/UEp2OXpqUEw3UDQ3MGg1ULFoKiGy0g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
c489df4cfe5b67cbc17aac70ee1f53105feb48224863d26c5fc8ea68b813eb10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
content-encoding
gzip
last-modified
Thu, 10 Sep 2015 12:35:44 GMT
server
nginx
etag
W/"55f17920-731f"
content-type
application/javascript
cache-control
max-age=864000
expires
Mon, 21 Feb 2022 16:46:24 GMT
tags
notification.tubecup.net/
0
190 B
XHR
General
Full URL
https://notification.tubecup.net/tags?tag_id=18975&timezone_olson=Etc/Unknown
Requested by
Host: a937a51544.85e954452d.com
URL: https://a937a51544.85e954452d.com/f812c9ff7f6f9e68988dc1e26a7c937f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.198.204.166 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-204-166.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Feb 2022 16:46:24 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
506341.1637633648.8874.gif
bbckdl.mfcewkrob.com/i/
56 KB
57 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/506341.1637633648.8874.gif
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf1b81a974856222f48eddd28bc92335aaa4a4ea5fdfc2d69a19a0c800ad9206

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Tue, 23 Nov 2021 02:14:08 GMT
server
nginx
etag
"619c4e70-e188"
content-type
image/gif
cache-control
max-age=864000
accept-ranges
bytes
content-length
57736
expires
Mon, 21 Feb 2022 16:46:24 GMT
505096.1635858504.8935.jpeg
bbckdl.mfcewkrob.com/i/
10 KB
10 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/505096.1635858504.8935.jpeg
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0c0287022d6d6d4ea8c435f6c4f7a97de6710929661a6ca98d23768220b8b87a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Tue, 02 Nov 2021 13:08:24 GMT
server
nginx
etag
"61813848-2817"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
10263
expires
Mon, 21 Feb 2022 16:46:24 GMT
1ae94a593b9e3378908eb55852e1eee2f92a3aa50f873f05.jpg
bbckdl.mfcewkrob.com/i/
11 KB
11 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/1ae94a593b9e3378908eb55852e1eee2f92a3aa50f873f05.jpg
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a2fea8d474b68bf3f597637d81edecf8f64d62a6024e5caec8390df2fa06e2a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Thu, 25 Oct 2012 07:09:15 GMT
server
nginx
etag
"5088e59b-2ac5"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
10949
expires
Mon, 21 Feb 2022 16:46:24 GMT
cf07359e0114fe5dde3a6aaeb156659dab0c0cb1adbb5ff6.jpg
bbckdl.mfcewkrob.com/i/
39 KB
40 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/cf07359e0114fe5dde3a6aaeb156659dab0c0cb1adbb5ff6.jpg
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
9d85b330e6f9c6f3c2723c51212c427d743cbaa61d339d5be5238eacbedbac56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Sun, 10 Mar 2013 12:37:28 GMT
server
nginx
etag
"513c7e88-9db9"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
40377
expires
Mon, 21 Feb 2022 16:46:24 GMT
294150.1614451676.0604.jpeg
bbckdl.mfcewkrob.com/i/
11 KB
12 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/294150.1614451676.0604.jpeg
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d0ae6380338630d396b7056dfd1765e6e93b2c989adb782913ec2c7e8da8d02d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Sat, 27 Feb 2021 18:47:56 GMT
server
nginx
etag
"603a93dc-2dc7"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
11719
expires
Mon, 21 Feb 2022 16:46:24 GMT
506341.1637633621.7263.gif
bbckdl.mfcewkrob.com/i/
67 KB
67 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/506341.1637633621.7263.gif
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
dde1f98bb4f18563190ecad46ca4e8e41682ee6d09e07154a0b52d9b9750d62c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Tue, 23 Nov 2021 02:13:41 GMT
server
nginx
etag
"619c4e55-10a2c"
content-type
image/gif
cache-control
max-age=864000
accept-ranges
bytes
content-length
68140
expires
Mon, 21 Feb 2022 16:46:24 GMT
504165.1634688594.059.jpeg
bbckdl.mfcewkrob.com/i/
5 KB
6 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/504165.1634688594.059.jpeg
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
fbb027398c2a1744b2537663ea1208f3288b4cae4aac65a5adcceaa2bbaf8ac2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Wed, 20 Oct 2021 00:09:54 GMT
server
nginx
etag
"616f5e52-157f"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
5503
expires
Mon, 21 Feb 2022 16:46:24 GMT
0977fca9173b0900efa4d29e0a350caa07027e00e786d356.gif
bbckdl.mfcewkrob.com/i/
16 KB
16 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/0977fca9173b0900efa4d29e0a350caa07027e00e786d356.gif
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ede95015450e67145f9c0f47022d1e8986e08a450d61d860f148ca754f0244e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Tue, 07 Aug 2012 16:39:47 GMT
server
nginx
etag
"502144d3-4005"
content-type
image/gif
cache-control
max-age=864000
accept-ranges
bytes
content-length
16389
expires
Mon, 21 Feb 2022 16:46:24 GMT
6c2fd0b1a23b4503c594c2f181cf4ba00af409131bf161e8.jpeg
bbckdl.mfcewkrob.com/i/
17 KB
17 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/6c2fd0b1a23b4503c594c2f181cf4ba00af409131bf161e8.jpeg
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
5577589a41359fa4182182b91021a2bddacd310dfb08b86b0bed43fd333ec10a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Thu, 17 Sep 2015 09:59:33 GMT
server
nginx
etag
"55fa8f05-4303"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
17155
expires
Mon, 21 Feb 2022 16:46:24 GMT
506341.1637632063.1626.gif
bbckdl.mfcewkrob.com/i/
66 KB
66 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/506341.1637632063.1626.gif
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
da59739b1bc8dc744c031a13296bae914553ea598d21b2b65d4ed9d349e979f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Tue, 23 Nov 2021 01:47:43 GMT
server
nginx
etag
"619c483f-10873"
content-type
image/gif
cache-control
max-age=864000
accept-ranges
bytes
content-length
67699
expires
Mon, 21 Feb 2022 16:46:24 GMT
4f03b84100e6b80154fe030ac9c5037cbd08f3fb326dba98.jpeg
bbckdl.mfcewkrob.com/i/
14 KB
14 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/4f03b84100e6b80154fe030ac9c5037cbd08f3fb326dba98.jpeg
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
03f64a679805dd6aae1189eb63cbfb2f767cf59a40ca7ae4a5c9d338bdd36267

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Wed, 01 Mar 2017 12:11:40 GMT
server
nginx
etag
"58b6ba7c-373e"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
14142
expires
Mon, 21 Feb 2022 16:46:24 GMT
73b60321a77c8935431b4633a1cb6bb58c8ca0c0b2ac540b.jpeg
bbckdl.mfcewkrob.com/i/
6 KB
6 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/73b60321a77c8935431b4633a1cb6bb58c8ca0c0b2ac540b.jpeg
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
a892936fd1d03edde418a5e39aa43c9f065f9fcbb5a7061a47d9ec35f3fdc680

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Fri, 21 Jun 2013 14:52:48 GMT
server
nginx
etag
"51c468c0-180f"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
6159
expires
Mon, 21 Feb 2022 16:46:24 GMT
505750.1636898147.9564.gif
bbckdl.mfcewkrob.com/i/
18 KB
19 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/505750.1636898147.9564.gif
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6e5e32726bd518aaca98ecb978e1df5313844547e8b8b4e65b3374d4024348cc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Sun, 14 Nov 2021 13:55:47 GMT
server
nginx
etag
"61911563-49e0"
content-type
image/gif
cache-control
max-age=864000
accept-ranges
bytes
content-length
18912
expires
Mon, 21 Feb 2022 16:46:24 GMT
506341.1637632046.1212.gif
bbckdl.mfcewkrob.com/i/
46 KB
46 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/506341.1637632046.1212.gif
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
d2dcf6ba1772ce339375bceee314dba25055b1fef7df05588c63e6942c3bc2bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Tue, 23 Nov 2021 01:47:26 GMT
server
nginx
etag
"619c482e-b600"
content-type
image/gif
cache-control
max-age=864000
accept-ranges
bytes
content-length
46592
expires
Mon, 21 Feb 2022 16:46:24 GMT
73ba9c5f800b6a7c32083254c91dc73e82694e0a45fb1475.jpg
bbckdl.mfcewkrob.com/i/
5 KB
5 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/73ba9c5f800b6a7c32083254c91dc73e82694e0a45fb1475.jpg
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
f64a0ce3d23693d4e823673291ee90225692525309a536dac452f793b1883213

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Fri, 21 Sep 2012 09:13:58 GMT
server
nginx
etag
"505c2fd6-14b2"
content-type
image/jpeg
cache-control
max-age=864000
accept-ranges
bytes
content-length
5298
expires
Mon, 21 Feb 2022 16:46:24 GMT
506341.1637633635.3881.gif
bbckdl.mfcewkrob.com/i/
71 KB
71 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/i/506341.1637633635.3881.gif
Requested by
Host: screenov.eu
URL: https://screenov.eu/img_full/img.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
f7a85b91d2085d849387353f12ecf693121a9ce8b90b48760ce060e35f6625d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Tue, 23 Nov 2021 02:13:55 GMT
server
nginx
etag
"619c4e63-11b18"
content-type
image/gif
cache-control
max-age=864000
accept-ranges
bytes
content-length
72472
expires
Mon, 21 Feb 2022 16:46:24 GMT
track
9873bb2aa8.85e954452d.com/in/
0
199 B
XHR
General
Full URL
https://9873bb2aa8.85e954452d.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI5MjA2ODkxNDk5OTYxOTcxMDAwIiwidGltZXpvbmUiOjAsInZlciI6IjIuMTUuMCIsInRhZ19pZCI6MTg5NzUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MH0=
Requested by
Host: a937a51544.85e954452d.com
URL: https://a937a51544.85e954452d.com/f812c9ff7f6f9e68988dc1e26a7c937f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Feb 2022 16:46:24 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
de9680f880487bc8af9808e202a4377c.js
a937a51544.85e954452d.com/
101 KB
32 KB
Script
General
Full URL
https://a937a51544.85e954452d.com/de9680f880487bc8af9808e202a4377c.js
Requested by
Host: a937a51544.85e954452d.com
URL: https://a937a51544.85e954452d.com/f812c9ff7f6f9e68988dc1e26a7c937f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
fbf881b009aa0064fcb588a500230a0cac4ef00eaf417d6c6bd1fb36ef89f51b

Request headers

Referer
https://screenov.eu/
Origin
https://screenov.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
content-encoding
gzip
last-modified
Fri, 11 Feb 2022 12:27:27 GMT
server
nginx/1.18.0
etag
W/"6206562f-1943c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 11 Feb 2022 16:51:24 GMT
cache-control
max-age=300
x-proxy-cache
HIT
build.m.js
js.cabnnr.com/banner-admanager/
27 KB
10 KB
Script
General
Full URL
https://js.cabnnr.com/banner-admanager/build.m.js
Requested by
Host: a937a51544.85e954452d.com
URL: https://a937a51544.85e954452d.com/f812c9ff7f6f9e68988dc1e26a7c937f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.25 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cc415797d8d66eb0358bf9565ef550d8c352e76e9fc5468dce26c3df1ca4b6db

Request headers

Referer
https://screenov.eu/
Origin
https://screenov.eu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 13:21:09 GMT
server
nginx/1.18.0
etag
W/"62051145-6bec"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 11 Feb 2022 16:51:24 GMT
cache-control
max-age=300
x-proxy-cache
HIT
dip
nereserv.com/in/
0
193 B
XHR
General
Full URL
https://nereserv.com/in/dip?site=native-push&wl=1&event_id=1b8b5a6f-0201-4df5-b5e0-01f45e06eef0&subid=72952460&sid=2725982386&spot_id=14525&created_at=2022-02-11&timezone=0&ver=5.7.0&is_native=1
Requested by
Host: a937a51544.85e954452d.com
URL: https://a937a51544.85e954452d.com/de9680f880487bc8af9808e202a4377c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Feb 2022 16:46:24 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
multy
ntvpinp.com/in/
3 KB
3 KB
XHR
General
Full URL
https://ntvpinp.com/in/multy?wl=1&event_id=1b8b5a6f-0201-4df5-b5e0-01f45e06eef0&subid=72952460&sid=2725982386&spot_id=14525&created_at=2022-02-11&timezone=0&ver=5.7.0&is_native=1&tcid=0&site=native-push&screen_resolution=1600x1200&format=compact-slide-t_r-body&adblock=0&testab=0&timezone_olson=Etc%2FUnknown&after_video=0&tu=1&mm=0&skins=1&default=1
Requested by
Host: a937a51544.85e954452d.com
URL: https://a937a51544.85e954452d.com/de9680f880487bc8af9808e202a4377c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.22 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
8a6662db342e60979c19368490bcbf0713bf9b707bd7566a03d7f09ad8246b96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Feb 2022 16:46:25 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
2674
ref-96-1.gif
bbckdl.mfcewkrob.com/images/
895 B
1 KB
Image
General
Full URL
https://bbckdl.mfcewkrob.com/images/ref-96-1.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
8492d3a640accc7c6dc8f456639c1eab991fe0fcd23dc38d57fb0ffa77436c68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Tue, 02 Apr 2013 15:07:48 GMT
server
nginx
etag
"515af444-37f"
content-type
image/gif
cache-control
max-age=864000
accept-ranges
bytes
content-length
895
expires
Mon, 21 Feb 2022 16:46:24 GMT
ref-16-1.gif
bbckdl.mfcewkrob.com/images/
387 B
560 B
Image
General
Full URL
https://bbckdl.mfcewkrob.com/images/ref-16-1.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
0fea6b2647c7015adde4c52209ae87a5a98a7fb04152ca85d178540423ca45be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Tue, 02 Apr 2013 15:07:48 GMT
server
nginx
etag
"515af444-183"
content-type
image/gif
cache-control
max-age=864000
accept-ranges
bytes
content-length
387
expires
Mon, 21 Feb 2022 16:46:24 GMT
close.png
bbckdl.mfcewkrob.com/images/
721 B
893 B
Image
General
Full URL
https://bbckdl.mfcewkrob.com/images/close.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.222.167 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6b6b100a58d6e936a087e518cb66d88c2a862e6866340192af123109a77f4635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:24 GMT
last-modified
Thu, 04 Apr 2013 13:40:43 GMT
server
nginx
etag
"515d82db-2d1"
content-type
image/png
cache-control
max-age=864000
accept-ranges
bytes
content-length
721
expires
Mon, 21 Feb 2022 16:46:24 GMT
truncated
/ Frame 9C0C
110 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39ee755ad562a7fc959883b57d4918f624c3efac53f8b499734a4c5626e2879e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
DE_4d0a6f315b061470be00d7faa1581f20bb11af69_icon.webp
static.bookmsg.com/creatives/DE/ Frame 9C0C
Redirect Chain
  • https://ntvpforever.com/in/show/?mid=1659398855&pid=0&site=native-push-adult&sc=DE&usage_type=DCH&subid=72952460&sid=2725982386&cid=10289&price=0&is_cpm=1&cpm=2.8&ecpm=2.38&crid=&crtid=424005fbae44...
  • https://static.bookmsg.com/creatives/DE/DE_4d0a6f315b061470be00d7faa1581f20bb11af69_icon.webp
324 B
482 B
Image
General
Full URL
https://static.bookmsg.com/creatives/DE/DE_4d0a6f315b061470be00d7faa1581f20bb11af69_icon.webp
Protocol
H2
Server
88.198.209.15 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-209-15.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
43c9d86790de28fcc9452200bb53ee8b56f00c6120ef9948b5195841553e2693

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:25 GMT
last-modified
Tue, 24 Nov 2020 14:19:51 GMT
server
nginx/1.18.0
etag
"5fbd1687-144"
content-type
image/webp
cache-control
public, max-age=315360000
accept-ranges
bytes
content-length
324

Redirect headers

pragma
no-cache
date
Fri, 11 Feb 2022 16:46:25 GMT
server
nginx/1.18.0
access-control-allow-origin
*
vary
Origin
access-control-allow-methods
*
location
https://static.bookmsg.com/creatives/DE/DE_4d0a6f315b061470be00d7faa1581f20bb11af69_icon.webp
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
truncated
/ Frame 9C0C
483 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
444a68f8495f8630e1a536a36db8f87ae01cc45e59a3ebf341e1568cc0904cf0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml
img.html
screenov.eu/img_full/ Frame 9C0C
11 KB
11 KB
Image
General
Full URL
https://screenov.eu/img_full/img.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.81.129.90 , Latvia, ASN43513 (NANO-AS, LV),
Reverse DNS
domaha.tv
Software
nginx / PHP/5.4.16
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 16:46:25 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
ls
stream.bantgoau.com/yt/ Frame C4B1
Redirect Chain
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiw...
  • https://rtbbnr.com/banner/in/show/?mid=1904929145&pid=0&site=31062&sc=DE&usage_type=DCH&subid=186798159&sid=0&cid=12098&price=0&is_cpm=1&cpm=0.036&ecpm=0.036&crid=&crtid=d41d8cd98f00b204e9800998ecf...
  • https://tcimp.zog.link/in/banners?katds_ep=91LvCpHsj7HNYd2pPVovvkbVOlGoKd5KzyRli-z6ohX9NwSzcPM_v26gFDzDDpxkyxK5_Y-RoUv4bCYB8yG8gPsQAaBOjuDodQp2cI3J7pzJBdSAfHaJnTcTxCOFSItOAvL-BRxNzzCwx4iSGRD-oqtzxi...
  • https://tb.baimgfroggd.site/in/1816/?user_id=7955c2577bda66b6b173b1f579d0fcbef659437f&bid=0.048000&katds_labels=&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14&ts=1644597986
  • https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%2...
8 KB
4 KB
Document
General
Full URL
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60819&p=0.0200&oid=1428841&sp=0.048000&spp=1000&se=impression&vi=XYrx_ZssOFA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644597986&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:131d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26d6ea8609be12091a61ad626d38417ce82247f8a3278e7a8f8e2e6ead878ff0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://screenov.eu/

Response headers

date
Fri, 11 Feb 2022 16:46:27 GMT
content-type
text/html; charset=utf-8
access-control-allow-credentials
true
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ii27u%2F36%2F7FM3x2h9eOIrcuugI3aRJS%2Bjs24Tvo7%2FjTCaugYBNUolWhIRsSu4MJlj6CWsjZ0gF9fSrbymDvBywYBQ0Tj11V1Dp6tnEbEuAMKBbICneKaONjLb4H0Xl1hZ6lmvoR0LCLOfs8tVdjgN%2Fg"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6dbf0dad98e383ac-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx/1.17.2
date
Fri, 11 Feb 2022 16:46:27 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60819&p=0.0200&oid=1428841&sp=0.048000&spp=1000&se=impression&vi=XYrx_ZssOFA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644597986&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14
vary
*
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
bundle15.js
stream.bantgoau.com/files/ytls/ Frame C4B1
2 MB
612 KB
Script
General
Full URL
https://stream.bantgoau.com/files/ytls/bundle15.js
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60819&p=0.0200&oid=1428841&sp=0.048000&spp=1000&se=impression&vi=XYrx_ZssOFA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644597986&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:131d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa42619620e84115cab469b5ef674b4acf887df690b2af613592f80700378a97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60819&p=0.0200&oid=1428841&sp=0.048000&spp=1000&se=impression&vi=XYrx_ZssOFA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644597986&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:27 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 26 Jan 2022 15:01:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTs8lkJzwK778gJgBeoz3TIAvlw3w2sUpteF6jMatb3WwUQkVxFbccpA5nYHZtoS7Fsp0b0t1PkUyLTS1tq63Ax9WS5JbUqaoU3vDgWijnhWZPVGahduv6lbP3XtpdaG5m7ozk%2FXFHgYnJa29pcTO51Q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
6dbf0dae1a3783ac-MXP
expires
Fri, 11 Feb 2022 20:46:27 GMT
VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
lh3.googleusercontent.com/ Frame C4B1
39 KB
39 KB
Image
General
Full URL
https://lh3.googleusercontent.com/VpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw=w1440-l80-sg-rj-c0xffffff
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60819&p=0.0200&oid=1428841&sp=0.048000&spp=1000&se=impression&vi=XYrx_ZssOFA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644597986&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a9e43c507e2164e831bc6d4fc78f1893d6860f01d7327a85e377c7ae714173bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 14:22:16 GMT
x-content-type-options
nosniff
age
8651
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39552
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 12 Feb 2022 02:21:59 GMT
/
vs.bantgoau.com/sts/ Frame C4B1
2 B
229 B
XHR
General
Full URL
https://vs.bantgoau.com/sts/?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60819&p=0.0200&oid=1428841&sp=0.048000&spp=1000&se=impression&vi=XYrx_ZssOFA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644597986&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14&type=impression&g_referer=https://screenov.eu
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle15.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:128:7:4777::1 -, , ASN (),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 11 Feb 2022 16:46:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
2
content-type
application/json
bundle16.js
stream.bantgoau.com/files/ytls/ Frame 6B6E
158 KB
59 KB
Script
General
Full URL
https://stream.bantgoau.com/files/ytls/bundle16.js
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle15.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:131d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb5c013534fe38c9ed3464f25570406849297e073c027b338a1ef92e8f31027

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/yt/ls?eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.bantgoau.com%2Fsts%2F&pid=60819&p=0.0200&oid=1428841&sp=0.048000&spp=1000&se=impression&vi=XYrx_ZssOFA&tcbbi=https%3A%2F%2Flh3.googleusercontent.com%2FVpAJU4nVm9mzKA2H5GVcUR7qJ8aGQhXPg-KaKDSZQDcdDgIpwGLY0b7HgluLUDFh82djR2OUm9hSwC6r4qt8s4MSJuMoiNZjzn-TWw%3Dw1440-l80-sg-rj-c0xffffff&tcbbc=https%3A%2F%2Fwww.google.com%2F&ts=1644597986&utm1=tcb&utm2=820547339-1&utm3=195-21720-0&utm4=0-9819341-14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray
6dbf0db1988c8fd1-FRA
date
Fri, 11 Feb 2022 16:46:28 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 26 Jan 2022 15:01:36 GMT
server
cloudflare
age
5626
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9nibnMDk75GfBKKMgCYrKPqpZqNyY6%2B6FzIS44lL%2Fx7nxyfayisma%2FpXl8ubK5%2F6tnk6dONgiIKcaZ6Ut5ltAMc7PeGqy12d6FNEHKtCA%2FvFEcS%2FsMZeSaEqmjYRhhv%2BX4fAAc2fzyf5lgzGFRgSc%2BJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
url
www.google.com/ Frame BD9F
603 B
1 KB
Document
General
Full URL
https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/XYrx_ZssOFA%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
Requested by
Host: stream.bantgoau.com
URL: https://stream.bantgoau.com/files/ytls/bundle16.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
cd6fed4b00a536ba037187ba9992aae134512613d068cc7a4b825e06236df929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://stream.bantgoau.com/

Response headers

location
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
cache-control
private
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
bfcache-opt-in
unload
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
date
Fri, 11 Feb 2022 16:46:28 GMT
server
gws
content-length
603
x-xss-protection
0
expires
Fri, 11 Feb 2022 16:46:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
XYrx_ZssOFA
www.youtube.com/embed/ Frame BD9F
60 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/XYrx_ZssOFA%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
b09b62dd436d71469eea19a3c60532c98f357d32c9b1d3d66a85273833092423
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 11 Feb 2022 16:46:28 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
www-player-webp.css
www.youtube.com/s/player/96dcbc8c/ Frame BD9F
342 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/96dcbc8c/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 15:40:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
3946
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47770
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 11 Feb 2023 15:40:42 GMT
www-embed-player.js
www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/ Frame BD9F
282 KB
85 KB
Script
General
Full URL
https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 23:32:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
62037
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86941
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 10 Feb 2023 23:32:31 GMT
base.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame BD9F
2 MB
537 KB
Script
General
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
727ee83ad0a259323db01b52f54200bf003c7dc6fccf76964c0c3231ef456291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:48:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
172663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
549860
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:48:45 GMT
fetch-polyfill.js
www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/ Frame BD9F
10 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 15:25:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
4835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3338
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 11 Feb 2023 15:25:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BD9F
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 11:18:05 GMT
x-content-type-options
nosniff
age
278903
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 11:18:05 GMT
id
googleads.g.doubleclick.net/pagead/ Frame BD9F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Server
2a00:1450:4001:828::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
387310e7efff520a8df5b829062fbebc1fd068cec182c21b91e960a99b4a2cc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 11 Feb 2022 16:46:29 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame BD9F
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:44:18 GMT
x-content-type-options
nosniff
age
131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Feb 2022 16:59:18 GMT
zRgr2ACnj0YI3poDVuWyejvFMZcBcPxtDmNhcAvw--E.js
www.google.com/js/th/ Frame BD9F
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/zRgr2ACnj0YI3poDVuWyejvFMZcBcPxtDmNhcAvw--E.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
cd182bd800a78f4608de9a0356e5b27a3bc531970170fc6d0e6361700bf0fbe1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 08:30:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
29742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13563
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Feb 2023 08:30:47 GMT
embed.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame BD9F
26 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
e15d1f3aa3eb16096ff635b9ae2dd2c4a7347e0f334769d104cd6df581d20798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:48:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
172663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7710
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:48:46 GMT
player
www.youtube.com/youtubei/v1/ Frame BD9F
50 KB
20 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
14be3ef02d8a6e1b1d58e85e8509025721068648fb96426e52297b3581d00cf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20220208.01.00
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
X-Goog-Visitor-Id
CgtZUjdobEpfMEhsZyjkpZqQBg%3D%3D
Content-Type
application/json

Response headers

date
Fri, 11 Feb 2022 16:46:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20099
x-xss-protection
0
expires
Fri, 11 Feb 2022 16:46:29 GMT
truncated
/ Frame BD9F
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
aiA3RE02clhkQUh0BXmdMG2HInmJ8Gq1CTaI-A06NpuTCjvFuuuRnEg7fUTXQnmMfup-AyC1=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame BD9F
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/aiA3RE02clhkQUh0BXmdMG2HInmJ8Gq1CTaI-A06NpuTCjvFuuuRnEg7fUTXQnmMfup-AyC1=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 -, , ASN (),
Reverse DNS
Software
fife /
Resource Hash
a7866d99c783dff4ae3c1035c9f69687d24ce72d8dc454069635e0cdf8feb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 14:38:57 GMT
x-content-type-options
nosniff
age
7652
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2863
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 11 Feb 2022 02:15:31 GMT
truncated
/ Frame BD9F
181 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
generate_204
www.youtube.com/ Frame BD9F
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?zH5X8A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube.com/api/stats/ Frame BD9F
0
19 B
Ping
General
Full URL
https://www.youtube.com/api/stats/qoe?fmt=243&afmt=140&cpn=sYUtDA6c7TAxz1ow&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24135310%2C24158010%2C24166123&cl=427307184&live=dvr&seq=1&docid=XYrx_ZssOFA&ei=5ZIGYsz1CoCD6dsPpM2X2AY&event=streamingstats&plid=AAXXwM7yLsgsPgcj&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FXYrx_ZssOFA%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&cbr=Chrome&cbrver=98.0.4758.80&c=WEB_EMBEDDED_PLAYER&cver=1.20220208.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.005:B,0.196:S,0.201:S,0.201:S&cmt=0.005:0.000,0.196:0.000,0.201:0.000&afs=0.201:140::i&vfs=0.201:243:243::r&view=0.201:1:1&bwe=0.201:130000&bat=0.201:1:1&vis=0.201:0&bh=0.201:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Feb 2022 16:46:29 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
remote.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame BD9F
97 KB
30 KB
Script
General
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ade2911c5af02c864d611c989426975832af5ce9a6ee9f5255181ab13ffb251a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:48:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
172663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30817
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:48:46 GMT
endscreen.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame BD9F
26 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4ef8bf525e9553b0fbde5ef3b973c955a587256507111d9e9ad12eeb611d0e06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:51:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
172514
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7230
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:51:15 GMT
annotations_module.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame BD9F
66 KB
19 KB
Script
General
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/annotations_module.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
48281d3c0fd02f679a43eeb5e791c4c365f3981cfa5f3965fdded318a9d97daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:52:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
172443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19776
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:52:26 GMT
heartbeat.js
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame BD9F
27 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/heartbeat.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1b3dd2970675827fc0ae6666deec9516a2599579b83bf36c9b0ae7be22dc4a1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/XYrx_ZssOFA?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 16:56:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
172174
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9241
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 01:19:32 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 09 Feb 2023 16:56:55 GMT
next
www.youtube.com/youtubei/v1/ Frame BD9F
0
0

cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame BD9F
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 11 Feb 2022 16:46:29 GMT
videoplayback
rr4---sn-4g5lznle.googlevideo.com/ Frame BD9F
32 KB
0
XHR
General
Full URL
https://rr4---sn-4g5lznle.googlevideo.com/videoplayback?expire=1644619589&ei=5ZIGYsz1CoCD6dsPpM2X2AY&ip=2001%3Aac8%3A20%3A301%3A%3A201e&id=XYrx_ZssOFA.1&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_live_broadcast&requiressl=yes&mh=uH&mm=44%2C26&mn=sn-4g5lznle%2Csn-2gb7sn7s&ms=lva%2Conr&mv=m&mvi=4&pl=54&initcwndbps=247500&vprv=1&live=1&hang=1&noclen=1&mime=video%2Fwebm&ns=TyFTkHhlrrz3bR7pWXSX8NkG&gir=yes&mt=1644597634&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=V9cP24Vd3DS88A&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRQIhAOC7eHesIsrDvfM6IXZ19RE1ukvfUMXELM9t75xUjr4WAiAG66zUjdLZPskEv7qXGWG0333Z-esGxkL36Rxs7chcQQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAIL05fLQVu1cXc2igtXQQ4PzEZA3HL8XAhT0b6UatlFAAiAhqHHpPRMY2qjVK7SC7j_RbnU2U5j9nA2oAp-9Xxo6bA%3D%3D&alr=yes&cpn=sYUtDA6c7TAxz1ow&cver=1.20220208.01.00&headm=3&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:1d::9 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Sequence-Num
21797
Date
Fri, 11 Feb 2022 16:46:29 GMT
X-Content-Type-Options
nosniff
X-Segment-Lmt
1644554381189193
X-Bandwidth-Est
3166171
X-Bandwidth-App-Limited
false
Cross-Origin-Resource-Policy
cross-origin
X-Bandwidth-Est2
1024423
Connection
keep-alive
X-Walltime-Ms
1644597989422
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
66818
X-Bandwidth-Est3
1652944
Pragma
no-cache
X-Bandwidth-Est-Comp
1024423
Last-Modified
Fri, 11 Feb 2022 04:39:41 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
https://www.youtube.com
X-Head-Time-Sec
43600
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Head-Seqnum
21800
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Head-Time-Millis
43600767
X-Bandwidth-Est-App-Limited
false
Expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr4---sn-4g5lznle.googlevideo.com/ Frame BD9F
41 KB
0
XHR
General
Full URL
https://rr4---sn-4g5lznle.googlevideo.com/videoplayback?expire=1644619589&ei=5ZIGYsz1CoCD6dsPpM2X2AY&ip=2001%3Aac8%3A20%3A301%3A%3A201e&id=XYrx_ZssOFA.1&itag=140&source=yt_live_broadcast&requiressl=yes&mh=uH&mm=44%2C26&mn=sn-4g5lznle%2Csn-2gb7sn7s&ms=lva%2Conr&mv=m&mvi=4&pl=54&initcwndbps=247500&vprv=1&live=1&hang=1&noclen=1&mime=audio%2Fmp4&ns=TyFTkHhlrrz3bR7pWXSX8NkG&gir=yes&mt=1644597634&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&n=V9cP24Vd3DS88A&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Clive%2Chang%2Cnoclen%2Cmime%2Cns%2Cgir&sig=AOq0QJ8wRAIgDyIpdr_TTo3K7B4EYE4X3-pVlg1LGAHjzJdfO71Q13cCIHPkDQOW4tEx3btbPY2XNTGFe9BjW1OgwDJR_S6RauYr&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAIL05fLQVu1cXc2igtXQQ4PzEZA3HL8XAhT0b6UatlFAAiAhqHHpPRMY2qjVK7SC7j_RbnU2U5j9nA2oAp-9Xxo6bA%3D%3D&alr=yes&cpn=sYUtDA6c7TAxz1ow&cver=1.20220208.01.00&headm=3&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:1d::9 -, , ASN (),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Sequence-Num
21797
Date
Fri, 11 Feb 2022 16:46:29 GMT
X-Content-Type-Options
nosniff
X-Segment-Lmt
1644554381189184
X-Bandwidth-Est
2959333
X-Bandwidth-App-Limited
false
Cross-Origin-Resource-Policy
cross-origin
X-Bandwidth-Est2
956755
Connection
keep-alive
X-Walltime-Ms
1644597989422
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
42227
X-Bandwidth-Est3
1396222
Pragma
no-cache
X-Bandwidth-Est-Comp
956755
Last-Modified
Fri, 11 Feb 2022 04:39:41 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/mp4
Access-Control-Allow-Origin
https://www.youtube.com
X-Head-Time-Sec
43600
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
X-Head-Seqnum
21800
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Head-Time-Millis
43600767
X-Bandwidth-Est-App-Limited
false
Expires
Fri, 01 Jan 1990 00:00:00 GMT
featured_channel.jpg
i.ytimg.com/an/VJXlmINU52CJTnWP-aF9og/ Frame BD9F
24 KB
24 KB
Image
General
Full URL
https://i.ytimg.com/an/VJXlmINU52CJTnWP-aF9og/featured_channel.jpg?v=62047402
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2016 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7d75d0a82bd3ba2abd927fbad8d3637f6fa4d6a41caa6ab2d7eaefb1f0c89b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 16:46:29 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24424
x-xss-protection
0
server
sffe
etag
"1644459010"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 11 Feb 2022 16:51:29 GMT
cast_sender.js
www.gstatic.com/eureka/clank/98/ Frame BD9F
0
0

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Domain
www.gstatic.com
URL
https://www.gstatic.com/eureka/clank/98/cast_sender.js

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
function| structuredClone
function| $
function| jQuery
object| _0xb099
object| visitweb_script
object| d
function| adjustWin
undefined| imgPath
undefined| im
function| R
function| X
object| __adFormats
object| __formatsGetters
object| AdManager
object| a3klsam
number| vw_is_show_adv
number| vw_show_period_bi
function| getCookie_vw
function| setCookie_vw
number| vw_cur_time_bi
object| static_script
function| visitweb_dr_code
function| visitweb_dr_base
object| VisitWeb
function| Taboo
object| sentences
object| words
object| activesInpages
function| __fp-init
function| __banner-init

5 Cookies

Domain/Path Name / Value
.yadro.ru/ Name: FTID
Value: 1Y1fBW3HE8uG1Y1fBW000JNC
screenov.eu/ Name: visitweb_lastshow
Value: 1644597984
.yadro.ru/ Name: VID
Value: 3ZW7fE22gCeG1Y1fBW0005M9
tcimp.zog.link/ Name: 750.0
Value: 1
tb.baimgfroggd.site/ Name: 1816.1428841
Value: 1

Indicators

"Indicators" is the security-industry term for observables such as IPs, domains and hashes. Being listed as an indicator does not imply malicious activity.
