89.184.83.166 Open in urlscan Pro
89.184.83.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://89.184.83.166/
Submission: On January 05 via api (January 5th 2023, 5:49:45 am UTC) from TR — Scanned from DE

Summary HTTP 328 Redirects Links 60 Behaviour Indicators

Summary

This website contacted 52 IPs in 13 countries across 35 domains to perform 328 HTTP transactions. The main IP is 89.184.83.166, located in Ukraine and belongs to MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA. The main domain is 89.184.83.166.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 3rd 2021. Valid for: a year.

This is the only time 89.184.83.166 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
72	89.184.83.166 89.184.83.166	28907 (MIROHOST ...) (MIROHOST Web hosting)
2	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:10:... 2606:4700:10::6816:34fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a03:90c0:e1:... 2a03:90c0:e1:2801::254	199524 (GCORE) (GCORE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
36	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
4	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	108.138.17.83 108.138.17.83	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
15	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.147.7 18.66.147.7	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:811::200d	15169 (GOOGLE) (GOOGLE)
1	18.66.15.25 18.66.15.25	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
17	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
6	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	34.248.24.189 34.248.24.189	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 8	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
3 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3 3	54.93.225.243 54.93.225.243	16509 (AMAZON-02) (AMAZON-02)
2 2	52.209.54.253 52.209.54.253	16509 (AMAZON-02) (AMAZON-02)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
5	92.123.36.4 92.123.36.4	16625 (AKAMAI-AS) (AKAMAI-AS)
5	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
5	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	52.16.223.13 52.16.223.13	16509 (AMAZON-02) (AMAZON-02)
11	62.149.18.58 62.149.18.58	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	44.195.196.224 44.195.196.224	14618 (AMAZON-AES) (AMAZON-AES)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14dc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:400e:1b::a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
5	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
328	52

72 89.184.83.166 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: 1-ekonomika.ua

89.184.83.166	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:34fc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

delo.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:90c0:e1:2801::254 (Prague, Czech Republic)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-83.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

prebid-inv-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-7.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-25.vie50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.24.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-24-189.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.93.225.243 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-225-243.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.54.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-54-253.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 92.123.36.4 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-4.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.16.223.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-223-13.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 62.149.18.58 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: cc53243-01.cc.colocall.com

content.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.196.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-196-224.compute-1.amazonaws.com

cdn.adm.admixer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400e:1b::a (Ireland)

ASN15169 (GOOGLE, US)

rr5---sn-5hnednss.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

66e14b0538dc34c6cd80fc03abdaeb9f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 24779 prebid-inv-eu.admixer.net — Cisco Umbrella Rank: 174755 inv-nets.admixer.net — Cisco Umbrella Rank: 3328 content.admixer.net — Cisco Umbrella Rank: 133360	500 KB
36	youtube.com www.youtube.com — Cisco Umbrella Rank: 98	2 MB
20	gstatic.com fonts.gstatic.com www.gstatic.com ssl.gstatic.com	477 KB
18	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 179 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 static.doubleclick.net — Cisco Umbrella Rank: 393 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	161 KB
17	google.com apis.google.com — Cisco Umbrella Rank: 163 www.google.com — Cisco Umbrella Rank: 16 accounts.google.com — Cisco Umbrella Rank: 113 adservice.google.com — Cisco Umbrella Rank: 142	254 KB
10	pubmatic.com 5 redirects image8.pubmatic.com — Cisco Umbrella Rank: 933 image2.pubmatic.com — Cisco Umbrella Rank: 1316 image4.pubmatic.com — Cisco Umbrella Rank: 1480 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 739	2 KB
8	googlesyndication.com 66e14b0538dc34c6cd80fc03abdaeb9f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	42 KB
8	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 834 gum.criteo.com — Cisco Umbrella Rank: 446 mug.criteo.com — Cisco Umbrella Rank: 1856	8 KB
8	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 658 prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5452	2 KB
8	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 323	61 KB
7	googlevideo.com rr5---sn-5hnednss.googlevideo.com — Cisco Umbrella Rank: 37361	3 MB
7	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 318	7 KB
5	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 818	15 KB
5	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 2287	3 KB
5	adform.net adx.adform.net — Cisco Umbrella Rank: 3427	2 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1583	2 KB
5	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6213 ghb1.adtelligent.com — Cisco Umbrella Rank: 8603 ghb2.adtelligent.com — Cisco Umbrella Rank: 11118	5 KB
5	piano.io api-esp-eu.piano.io — Cisco Umbrella Rank: 118519	16 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1181 vars.hotjar.com — Cisco Umbrella Rank: 1235 in.hotjar.com — Cisco Umbrella Rank: 2246	73 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	40 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	1 KB
3	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 204	6 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 743	58 KB
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1929	125 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 32320	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3658 adservice.google.de — Cisco Umbrella Rank: 5450	1 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	42 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	204 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 5399	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	112 KB
2	delo.ua 1 redirects delo.ua — Cisco Umbrella Rank: 759667	205 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	102 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 473	523 B
1	admixer.com cdn.adm.admixer.com — Cisco Umbrella Rank: 247662	915 B
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 80910	351 B
328	35

	Domain	Requested by
36	www.youtube.com	89.184.83.166 apis.google.com www.youtube.com
17	inv-nets.admixer.net	cdn.admixer.net 89.184.83.166
15	prebid-inv-eu.admixer.net	89.184.83.166 cdn.admixer.net
11	content.admixer.net	cdn.admixer.net 89.184.83.166
11	cdn.admixer.net	89.184.83.166 cdn.admixer.net prebid-inv-eu.admixer.net
8	securepubads.g.doubleclick.net	cdn.admixer.net securepubads.g.doubleclick.net
8	jnn-pa.googleapis.com	www.youtube.com
8	www.gstatic.com	www.google.com www.youtube.com www.gstatic.com
8	apis.google.com	89.184.83.166 apis.google.com www.youtube.com accounts.google.com
7	rr5---sn-5hnednss.googlevideo.com	www.youtube.com
7	ib.adnxs.com	89.184.83.166 cdn.admixer.net
6	ssl.gstatic.com	accounts.google.com 89.184.83.166
6	fonts.gstatic.com	www.youtube.com www.google.com
6	www.google.com	89.184.83.166 www.youtube.com www.gstatic.com tpc.googlesyndication.com
5	js-agent.newrelic.com	89.184.83.166
5	g2.gumgum.com	cdn.admixer.net
5	hbopenbid.pubmatic.com	cdn.admixer.net
5	bidder.criteo.com	cdn.admixer.net
5	adx.adform.net	cdn.admixer.net
5	a.teads.tv	cdn.admixer.net
5	prebid-eu.creativecdn.com	cdn.admixer.net
5	api-esp-eu.piano.io	89.184.83.166
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com api-esp-eu.piano.io 89.184.83.166
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	image8.pubmatic.com	3 redirects
3	creativecdn.com	1 redirects 89.184.83.166 cdn.admixer.net
3	yt3.ggpht.com	www.youtube.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.admixer.net static.criteo.net
2	code.createjs.com	cdn.admixer.net
2	ghb1.adtelligent.com	cdn.admixer.net
2	ghb.adtelligent.com	cdn.admixer.net
2	r.scoota.co	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	i.ytimg.com	www.youtube.com 89.184.83.166
2	static.doubleclick.net	www.youtube.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	accounts.google.com	apis.google.com 89.184.83.166
2	www.facebook.com	89.184.83.166
2	counter.yadro.ru	1 redirects 89.184.83.166
2	connect.facebook.net	89.184.83.166 connect.facebook.net
2	delo.ua	1 redirects 89.184.83.166
2	www.googletagmanager.com	89.184.83.166
1	mug.criteo.com
1	bam.nr-data.net	js-agent.newrelic.com
1	66e14b0538dc34c6cd80fc03abdaeb9f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.adm.admixer.com	89.184.83.166
1	ghb2.adtelligent.com	cdn.admixer.net
1	m.trafmag.com	89.184.83.166
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	in.hotjar.com	script.hotjar.com
1	www.google.de	89.184.83.166
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
328	61

This site contains links to these domains. Also see Links.

Domain
old.delo.ua
energo.delo.ua
zza.old.delo.ua
www.facebook.com
twitter.com
www.instagram.com
bit.ly
www.youtube.com
delo.ua
www.i.ua

Subject Issuer	Validity	Valid
*.delo.ua Sectigo RSA Domain Validation Secure Server CA	`2021-09-03` - `2022-09-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-03` - `2023-03-03`	3 months	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
gumgum.com Amazon	`2022-09-06` - `2023-10-05`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-06` - `2023-03-06`	3 months	crt.sh
ghb2.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-06` - `2023-03-06`	3 months	crt.sh
*.adm.admixer.com AlphaSSL CA - SHA256 - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-12-13` - `2023-02-21`	2 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://89.184.83.166/
Frame ID: 8EF30EB791F6F3D296EFE7B87AD55951
Requests: 223 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cj7swk3FTZw
Frame ID: B8CE1BE869E8844A02483F10FF208A10
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&layout=default&count=hidden&origin=https%3A%2F%2F89.184.83.166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: 04520FDE113B71FFF49B23C501979E9B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: C67AC7B681E45B1F84FA1CB6D402D678
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F89.184.83.166&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: 6E20B76B5CECD0A8D71D4135E4BB83DF
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 0A0FBD9D69922B74D3A97AEA5594983E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 69D48227050616138A9529D0DBCB61ED
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
Frame ID: B941FB8218D6A17575FFC5EB34C4B280
Requests: 39 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoSogaAAAAAHPZ9-Z_kIvAVJeIq7et9O1ed6s8&co=aHR0cHM6Ly84OS4xODQuODMuMTY2OjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=1tjhf64v6i46
Frame ID: 00646183952F80F9449CA2E31888B050
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: 146AF9DE9AE48AD08FA6FA7659DAF913
Requests: 4 HTTP requests in this frame

Frame: https://code.createjs.com/1.0.0/createjs.min.js
Frame ID: F27B57168DE2830DE5AD1F2C3DFD6DCC
Requests: 4 HTTP requests in this frame

Frame: https://code.createjs.com/1.0.0/createjs.min.js
Frame ID: F9F63AFA626F37653E9E393234E65A5E
Requests: 8 HTTP requests in this frame

Frame: https://66e14b0538dc34c6cd80fc03abdaeb9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BE11E800BC25E8B2680591B99DA77B5A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA9B3AA750E6AF5EECADC8A5A16B12DC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6DDFC8548659D0A3CE65F79BE9FEFD6D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=89.184.83.166
Frame ID: 0D2D8A6612FBA993F26D220B2C39A3A8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Delo.ua — главный деловой портал Украины

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 30%
Detected patterns

xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

328
Requests

74 %
HTTPS

54 %
IPv6

35
Domains

61
Subdomains

52
IPs

13
Countries

9074 kB
Transfer

18629 kB
Size

45
Cookies

60 Outgoing links

These are links going to different origins than the main page.

URL: https://old.delo.ua/

Search URL Search Domain Scan URL

URL: https://old.delo.ua/business/top100/

Search URL Search Domain Scan URL

URL: https://old.delo.ua/econonomyandpoliticsinukraine/
Title: Политика и экономика

Search URL Search Domain Scan URL

URL: https://old.delo.ua/econonomyandpoliticsinukraine/finance/
Title: Финансы

Search URL Search Domain Scan URL

URL: https://old.delo.ua/econonomyandpoliticsinukraine/world/
Title: В мире

Search URL Search Domain Scan URL

URL: https://old.delo.ua/econonomyandpoliticsinukraine/politics/
Title: Политика

Search URL Search Domain Scan URL

URL: https://old.delo.ua/econonomyandpoliticsinukraine/economy/
Title: Экономика

Search URL Search Domain Scan URL

URL: https://old.delo.ua/econonomyandpoliticsinukraine/society/
Title: Общество

Search URL Search Domain Scan URL

URL: https://old.delo.ua/business/
Title: Бизнес

Search URL Search Domain Scan URL

URL: https://old.delo.ua/business/markets/
Title: Рынки

Search URL Search Domain Scan URL

URL: https://old.delo.ua/business/companies/
Title: Крупный бизнес

Search URL Search Domain Scan URL

URL: https://old.delo.ua/business/initiative/
Title: Устойчивое развитие

Search URL Search Domain Scan URL

URL: https://energo.delo.ua/
Title: Энциклопедия энергоэффективности

Search URL Search Domain Scan URL

URL: https://old.delo.ua/business/rates/
Title: Рейтинги

Search URL Search Domain Scan URL

URL: https://old.delo.ua/business/news-companies/
Title: Новости компаний

Search URL Search Domain Scan URL

URL: https://old.delo.ua/lifestyle/
Title: Вне офиса

Search URL Search Domain Scan URL

URL: https://old.delo.ua/lifestyle/learning/
Title: Образование и карьера

Search URL Search Domain Scan URL

URL: https://old.delo.ua/lifestyle/leisure/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://old.delo.ua/lifestyle/health/
Title: ЗОЖ

Search URL Search Domain Scan URL

URL: https://old.delo.ua/lifestyle/gadgets/
Title: Гаджеты

Search URL Search Domain Scan URL

URL: https://old.delo.ua/lifestyle/science/
Title: Наука

Search URL Search Domain Scan URL

URL: https://old.delo.ua/opinions/
Title: Мнения

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://zza.old.delo.ua/
Title: ZZA

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/bankopad/
Title: Как разворовывались банки

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/smartinvest/
Title: SMART INVESTMENTS

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/bez-smol-ta-nikotinu/
Title: Без смол та нікотину

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/30let/
Title: Преуспеть в 30

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/svoyedelo/
Title: Свое дело с Василием Хмельницким

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/recruitment-awards/
Title: Всеукраїнська премія рекрутингових кейсів Ukrainian Recruitment Awards

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/hrperezagruzka/
Title: HR Перезагрузка

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/sustainable-development/
Title: Лідери сталого розвитку

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/zemelnaja-reforma/
Title: Земельная реформа

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/industry4/
Title: Индустрия 4.0

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/investicii-na-vyrost/
Title: Инвестиции на вырост

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/new-business-reality/
Title: Переход в обновленную реальность

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/good-corporations/
Title: Корпорации добра

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/epicentr-podderzhki-biznesa/
Title: Эпицентр поддержки бизнеса

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/smallbusiness-vs-coronavirus/
Title: MCБ vs коронакризис: идеи в дело

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/5-7-9/
Title: 5,7,9%: Від знань до грошей

Search URL Search Domain Scan URL

URL: https://old.delo.ua/special/get-business-fest/
Title: Get Business Fest

Search URL Search Domain Scan URL

URL: https://old.delo.ua/photo/
Title: Фото

Search URL Search Domain Scan URL

URL: https://old.delo.ua/video/
Title: Видео

Search URL Search Domain Scan URL

URL: https://old.delo.ua/contacts/#form-team-bottom
Title: письмо в редакцию

Search URL Search Domain Scan URL

URL: https://old.delo.ua/contacts/
Title: наша команда

Search URL Search Domain Scan URL

URL: https://old.delo.ua/advertisment/
Title: отдел рекламы

Search URL Search Domain Scan URL

URL: https://www.facebook.com/delo.ua/

Search URL Search Domain Scan URL

URL: https://twitter.com/Delo_ua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/delo.ua_official/

Search URL Search Domain Scan URL

URL: http://bit.ly/2S2JW4E

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCM1hAMz3CA03_xH6H4mD5sQ?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://delo.ua/business/rates/ceo/
Title: Рейтинг СЕО

Search URL Search Domain Scan URL

URL: https://delo.ua/special/smartinvest
Title: Smart Investments

Search URL Search Domain Scan URL

URL: https://delo.ua/special/30let
Title: Преуспеть в 30

Search URL Search Domain Scan URL

URL: https://delo.ua/special/bez-smol-ta-nikotinu/
Title: Без смол та нікотину

Search URL Search Domain Scan URL

URL: https://delo.ua/special/svoyedelo/
Title: Свое дело с Василием Хмельницким

Search URL Search Domain Scan URL

URL: https://delo.ua/special/industry4/
Title: Индустрия 4.0

Search URL Search Domain Scan URL

URL: https://old.delo.ua/privacy-policy/
Title: политика конфиденциальности

Search URL Search Domain Scan URL

URL: http://www.i.ua/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=5SmvR9wCgf4
Title: Online трансляція HR Wisdom Summit

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://delo.ua/delo2017/js/counters/xgemius.js HTTP 301
https://delo.ua/delo2017/js/counters/xgemius.js/

Request Chain 62

https://counter.yadro.ru/hit?t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.5459434738767397 HTTP 302
https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.5459434738767397

Request Chain 113

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 167

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 168

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEMxREYwOUEtM0ExOC00MERGLTlBMUUtMDMyOEYyOUE0Q0Mw&gdpr=0&gdpr_consent={consent} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEMxREYwOUEtM0ExOC00MERGLTlBMUUtMDMyOEYyOUE0Q0Mw&gdpr=0&gdpr_consent={consent}&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent} HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D8C1DF09A-3A18-40DF-9A1E-0328F29A4CC0 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=8C1DF09A-3A18-40DF-9A1E-0328F29A4CC0

Request Chain 171

https://x.bidswitch.net/sync?ssp=admixer&user_id=1f0f3930522b4c9a95d0dc9c37fbc638&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=1f0f3930522b4c9a95d0dc9c37fbc638&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=1f6dd126-2687-4b20-b0a3-8d89bbe1ea03&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=261bde76-7eed-4004-ab64-4fba2e756ecc&gdpr=&consent=&gdpr_pd=

Request Chain 225

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 326

https://gum.criteo.com/sid/json?origin=publishertag&domain=89.184.83.166&sn=ChromeSyncframe&so=0&topUrl=89.184.83.166&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=kWVnw3x6dWZiY1VuRW1xRHR3aEF6WTZVYXZ0MGorQkVnY0orbW5QK1hxUGZJYU5ZYUFJRmxiTEFoOWtpTEFuMzRxYklaYUVOb0pxU0JTMUFIVzN6ZzRGSVgwclBlbVRnL29GMDlkVHlmTkpsUnkzNmNKRWhRdkdlZ0RHZUN4T25hNVozWXorM2hTMmN2aXRlbGdITWNzY01OaDlJR29la2VINE91b2w1eTlRdHFYWkxaaTQ1T1RDaFZ3ekpkMU9rUWZDd2d2bldDajgyeVBVUHYrRXJqODdiOHRuOGd4SHI1Q1ZBVFQ5QVdJTTZRRzNiTGpTSFdaa3Y4TmpFSzl5TnozSjRCS3JWNkMzTkNkNWVCV1JUenUzTEpvZz09fA&cppv=2

328 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
89.184.83.166/ 152 KB
37 KB 1186ms
836ms Document
text/html 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 / PHP/7.4.26
Resource Hash: e72c4becd6d86e95d8cd0cd4b17f7468a25f4b623c3c317384074d84a67a732f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 05 Jan 2023 05:49:36 GMT
Expires: Thu, 05 Jan 2023 05:49:35 GMT
Last-Modified: Thu, 05 Jan 2023 05:45:36 GMT
Pragma: no-cache
Server: nginx/1.12.2
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Powered-By: PHP/7.4.26
X-Robots-Tag: noindex, nofollow
X-no-cookie: /static/89.184.83.166/index.html
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"

GET
H/1.1 200
OK delo_bootstrap.v21.js Show response
89.184.83.166/assets/js/ 16 KB
5 KB 51ms
51ms Script
application/javascript 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4043b430cdb3bfcb0b40d3833904230c7c2a471de20da0af50995fd1ed2168c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 04:21:24 GMT
Server: nginx/1.12.2
ETag: W/"6163bbc4-41d9"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 195ms
74ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5812255-8

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

436dc4c24e1dc17a12d17b352f3147392010a3f968540bc97987307a74369829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43612
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 158ms
47ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:49:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20933
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ec76424fc4148a81"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
999 B 199ms
75ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfoSogaAAAAAHPZ9-Z_kIvAVJeIq7et9O1ed6s8

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25f411f5160d0e8b79d3e138181a95ea53fe98290e5c122188024d88321a4f5a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK delo_styles.v176.css
89.184.83.166/assets/css/ 594 KB
79 KB 119ms
67ms Stylesheet
text/css 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 25ad976d86fd6d5797433ffb7fe13ec462a8faa8553bc937a9b7d2117a88f4c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Jun 2021 12:47:30 GMT
Server: nginx/1.12.2
ETag: W/"60dc67e2-9494f"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK logo.svg
89.184.83.166/delo2017/img/delo-redis/ 4 KB
2 KB 407ms
48ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/logo.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ccc2cc65d021d9b0caf7b63114b583d0f88f030aa20993ac639606209a316d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-f51"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK menu-logo.png
89.184.83.166/delo2017/img/refrash/ 3 KB
4 KB 411ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/refrash/menu-logo.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ab28873c8e8d1c2243a8b503355f7dec5849c4c7eea5d7d8f5344444324e2c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-ca4"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3236
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK _picturesmart-investments45_46_s1.png
89.184.83.166/files/delo_promo_links/images/0/46/ 4 KB
4 KB 451ms
50ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/46/_picturesmart-investments45_46_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: c01213743d506882073f6d37facbb3613ed04adc8f4d03119e7cec7cae2fcdb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Fri, 05 Nov 2021 11:25:47 GMT
Server: nginx/1.12.2
ETag: "618514bb-e92"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3730
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture_smart-investments_45_s1.png
89.184.83.166/files/delo_promo_links/images/0/45/ 3 KB
4 KB 455ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/45/picture_smart-investments_45_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: c9fd93c387faf51b4dba5a4ad0a6ea830d25e6684543e09a4b6b23a6b12c207b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Thu, 21 Oct 2021 07:48:33 GMT
Server: nginx/1.12.2
ETag: "61711b51-ce9"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3305
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK _picturebez-smol-ta-nikotinu43_44_s1.png
89.184.83.166/files/delo_promo_links/images/0/44/ 3 KB
3 KB 272ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/44/_picturebez-smol-ta-nikotinu43_44_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: af16335bf6b483d1af48346fc533aaac9c13d409bcb0c0947b82ac89b577aa7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Thu, 19 Aug 2021 13:37:42 GMT
Server: nginx/1.12.2
ETag: "611e5ea6-a31"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 2609
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture_bez-smol-ta-nikotinu_43_s1.png
89.184.83.166/files/delo_promo_links/images/0/43/ 5 KB
5 KB 294ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/43/picture_bez-smol-ta-nikotinu_43_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 1b742e99f7879210cdba49ceb11018f3c3b36b35386cf1dc3b2ef479895815da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Wed, 25 Aug 2021 07:07:36 GMT
Server: nginx/1.12.2
ETag: "6125ec38-1214"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 4628
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK _picturerecruitment-awards41_42_s1.png
89.184.83.166/files/delo_promo_links/images/0/42/ 5 KB
5 KB 241ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/42/_picturerecruitment-awards41_42_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: cc90ed8bed736bf0d285780c0e7ac790b255911e11d1bb711c0e73400c13bf8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Wed, 28 Jul 2021 19:27:25 GMT
Server: nginx/1.12.2
ETag: "6101af9d-1333"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 4915
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture_industrija-4.0_33_s1.png
89.184.83.166/files/delo_promo_links/images/0/33/ 3 KB
3 KB 290ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/33/picture_industrija-4.0_33_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: fa60314eac1ac8b1b6a156834a67af2f674d760ad8b36348e379e627dcf62c70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Wed, 24 Mar 2021 07:44:45 GMT
Server: nginx/1.12.2
ETag: "605aeded-c18"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3096
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_ja-protiv-dostrai_388633_s40.jpg
89.184.83.166/files/news/images/3886/33/ 15 KB
15 KB 245ms
49ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/33/picture2_ja-protiv-dostrai_388633_s40.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 0a78cdfd041c9a17fc239c0e6babb558fba53cfaa95700b2318c8a3ac8f7e698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 15 Nov 2021 19:57:48 GMT
Server: nginx/1.12.2
ETag: "6192bbbc-3bbe"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 15294
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_vakcinirovannym-u_388641_s40.png
89.184.83.166/files/news/images/3886/41/ 141 KB
142 KB 276ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/41/picture2_vakcinirovannym-u_388641_s40.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4bedf8e2051759eafef8a4c64805d0c66798f02feb371b67b7d310b12f81c83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 15 Nov 2021 19:05:59 GMT
Server: nginx/1.12.2
ETag: "6192af97-235d3"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 144851
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture_c0e40673ca88989fd_1135202_s4.png
89.184.83.166/files/users/images/11352/2/ 70 KB
70 KB 321ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11352/2/picture_c0e40673ca88989fd_1135202_s4.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 54a60ee7cc9aaf064dae78a7c5d8a1261f6d544f903cb22c6eed904721ff4cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Thu, 11 Nov 2021 17:35:18 GMT
Server: nginx/1.12.2
ETag: "618d5456-117b4"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 71604
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture_f5c7c26cb68e7cfff_1135138_s4.jpg
89.184.83.166/files/users/images/11351/38/ 11 KB
11 KB 268ms
47ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11351/38/picture_f5c7c26cb68e7cfff_1135138_s4.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 9cdde54f5bb000acacaae3c958ece52fc805ebaa56ebb07aac43f20dc2c54898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 19 Jul 2021 13:24:24 GMT
Server: nginx/1.12.2
ETag: "60f57d08-2a22"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 10786
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_v-kieve-otkrylsja_388601_s10.jpg
89.184.83.166/files/news/images/3886/1/ 18 KB
19 KB 282ms
96ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/1/picture2_v-kieve-otkrylsja_388601_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: bd9d8c90d126d68422214ec080c47336499601756c5dec6a20b8fd08c0060990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 15 Nov 2021 09:27:25 GMT
Server: nginx/1.12.2
ETag: "619227fd-4943"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 18755
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_koronavirus-v-ukr_366141_s10.png
89.184.83.166/files/news/images/3661/41/ 135 KB
135 KB 317ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3661/41/picture2_koronavirus-v-ukr_366141_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 973fdb9bac39a0ab7b0e9dec0f7f32f4603a5786a265f7e9e167ec4e56dda947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 15 Nov 2021 17:17:14 GMT
Server: nginx/1.12.2
ETag: "6192961a-21ac3"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 137923
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_ne-kreditom-jedin_388350_s40.jpg
89.184.83.166/files/news/images/3883/50/ 22 KB
22 KB 332ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3883/50/picture2_ne-kreditom-jedin_388350_s40.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: c57e393f5d657a93422b59bbd2a261f438262e225ec3a8fb7dd26da598ed7584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 15 Nov 2021 07:47:51 GMT
Server: nginx/1.12.2
ETag: "619210a7-577e"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 22398
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_prizyvy-ne-vakcin_388577_s10.jpg
89.184.83.166/files/news/images/3885/77/ 17 KB
17 KB 51ms
49ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3885/77/picture2_prizyvy-ne-vakcin_388577_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: a5769bd2f91e1cb153da6a96c75d536be28d157a6d62c56ecae5c06fa0135366

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Sun, 14 Nov 2021 16:55:32 GMT
Server: nginx/1.12.2
ETag: "61913f84-4310"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 17168
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_cifrovoe-ozero.-z_388521_s40.jpg
89.184.83.166/files/news/images/3885/21/ 29 KB
29 KB 50ms
49ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3885/21/picture2_cifrovoe-ozero.-z_388521_s40.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 57c9dd73905368e6de71c6750472d111ee224d0b293d16192236a2729f51d865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Fri, 12 Nov 2021 16:10:52 GMT
Server: nginx/1.12.2
ETag: "618e920c-736d"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 29549
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_zachem-kabmin-soz_388533_s10.jpg
89.184.83.166/files/news/images/3885/33/ 17 KB
18 KB 51ms
51ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3885/33/picture2_zachem-kabmin-soz_388533_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4f150f75e5e901aa4761c94916ec09efd6195bc67c275314ef10fb40f89bc7fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Fri, 12 Nov 2021 21:18:52 GMT
Server: nginx/1.12.2
ETag: "618eda3c-4525"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 17701
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_torgi-za-elektron_388545_s10.jpg
89.184.83.166/files/news/images/3885/45/ 14 KB
15 KB 50ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3885/45/picture2_torgi-za-elektron_388545_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 26f4fa38bb374ed737f85001726a9e16aa2646a6bd4ba58dab157c0d0277b0c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Fri, 12 Nov 2021 16:38:21 GMT
Server: nginx/1.12.2
ETag: "618e987d-39fc"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 14844
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_privlekatelnyj-kv_388468_s10.png
89.184.83.166/files/news/images/3884/68/ 129 KB
129 KB 49ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3884/68/picture2_privlekatelnyj-kv_388468_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: b19a1e5b97b156a53ef43758ebc61cc4a3ea97c49649225633f991a895e1f838

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Fri, 12 Nov 2021 07:59:13 GMT
Server: nginx/1.12.2
ETag: "618e1ed1-20306"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 131846
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture_c235624d331e36b2a_1135201_s4.jpg
89.184.83.166/files/users/images/11352/1/ 19 KB
19 KB 53ms
52ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11352/1/picture_c235624d331e36b2a_1135201_s4.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: fd4fe5bc4ecdc8918f367345e22fa3a191ea0536e0faf1b73bf3c8fa4aaec96d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Thu, 11 Nov 2021 14:40:21 GMT
Server: nginx/1.12.2
ETag: "618d2b55-4a7e"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 19070
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_sejchas-stradajut_388451_s10.png
89.184.83.166/files/news/images/3884/51/ 121 KB
121 KB 50ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3884/51/picture2_sejchas-stradajut_388451_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: f693c430b149d1dd86d8e293cb2b4652eceff0397b2bda6dcc086c873b6affd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Thu, 11 Nov 2021 12:04:29 GMT
Server: nginx/1.12.2
ETag: "618d06cd-1e210"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 123408
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_vo-mnogih-ukrains_388193_s10.png
89.184.83.166/files/news/images/3881/93/ 145 KB
146 KB 53ms
53ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3881/93/picture2_vo-mnogih-ukrains_388193_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: d16867bf82af6c40d1cee5465db20c707aec50aac2fbddbe74015c43cc79cfa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Wed, 10 Nov 2021 16:26:11 GMT
Server: nginx/1.12.2
ETag: "618bf2a3-24546"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 148806
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_jak-rozvivati-biz_388416_s10.jpg
89.184.83.166/files/news/images/3884/16/ 21 KB
22 KB 56ms
56ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3884/16/picture2_jak-rozvivati-biz_388416_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4fac05547f67b240219ad2a04113a090141704abd68631c6ef29669ce9851d28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Fri, 12 Nov 2021 11:12:50 GMT
Server: nginx/1.12.2
ETag: "618e4c32-5465"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 21605
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_buhuchet-po-cene-_388356_s10.jpg
89.184.83.166/files/news/images/3883/56/ 16 KB
16 KB 52ms
52ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3883/56/picture2_buhuchet-po-cene-_388356_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: eb55690d241b2e8e0ecc7440456d20291e51c8a98920cd45880e406f48edb0a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Tue, 09 Nov 2021 18:17:49 GMT
Server: nginx/1.12.2
ETag: "618abb4d-3faf"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 16303
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_ujti-ot-gaza-bizn_388224_s10.png
89.184.83.166/files/news/images/3882/24/ 123 KB
123 KB 52ms
52ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3882/24/picture2_ujti-ot-gaza-bizn_388224_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 100b510c8f04622669c04d979d7d3d3f5f23a2ab506feb5a66a421c6901e8bee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Tue, 09 Nov 2021 08:13:35 GMT
Server: nginx/1.12.2
ETag: "618a2daf-1ec07"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 125959
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_bolshaja-ploschad_388062_s10.jpg
89.184.83.166/files/news/images/3880/62/ 20 KB
20 KB 52ms
52ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3880/62/picture2_bolshaja-ploschad_388062_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: fb549f61771d0a49e89d1cabb8aad1e235d7de55df6d2f18d3c40688c8eea44e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Tue, 09 Nov 2021 07:27:46 GMT
Server: nginx/1.12.2
ETag: "618a22f2-5043"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 20547
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_pochemu-robot-ubo_388197_s10.jpg
89.184.83.166/files/news/images/3881/97/ 26 KB
27 KB 50ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3881/97/picture2_pochemu-robot-ubo_388197_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 51abcbf7f761a0bd7a496a721524975c973dfd86d293fbec44da8ebdd0c70f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Wed, 10 Nov 2021 09:23:27 GMT
Server: nginx/1.12.2
ETag: "618b8f8f-697e"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 27006
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_mdjaimjujaluoafzh_388220_s10.png
89.184.83.166/files/news/images/3882/20/ 165 KB
165 KB 51ms
50ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3882/20/picture2_mdjaimjujaluoafzh_388220_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 2376fbd5427f7255c8e164ee17651a11a14e56901ce0500856fcf7dc51a109e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Wed, 10 Nov 2021 09:23:57 GMT
Server: nginx/1.12.2
ETag: "618b8fad-29263"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 168547
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK picture2_kesh-ribejty-v-uk_388228_s10.png
89.184.83.166/files/news/images/3882/28/ 99 KB
99 KB 53ms
52ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3882/28/picture2_kesh-ribejty-v-uk_388228_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: b8200ae953d63e0faedabd480c68facb4518654e6d3af037a08a77925012a271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Sun, 07 Nov 2021 19:45:08 GMT
Server: nginx/1.12.2
ETag: "61882cc4-18bcc"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 101324
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_simuljacija-produ_388138_s10.jpg
89.184.83.166/files/news/images/3881/38/ 13 KB
13 KB 53ms
53ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3881/38/picture2_simuljacija-produ_388138_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 0d7e8ffd0347d3ec8fe14ec510b892288fadfd08038bf2fa5c8d448b8bab27bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Fri, 12 Nov 2021 14:53:48 GMT
Server: nginx/1.12.2
ETag: "618e7ffc-3408"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 13320
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_gosudarstvennye-i_388154_s10.png
89.184.83.166/files/news/images/3881/54/ 104 KB
105 KB 52ms
52ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3881/54/picture2_gosudarstvennye-i_388154_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: d94f1b6f2b7eabad7de5adb186aeb0573d07a7d79e8d99b6e5fbf254011b9850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Fri, 05 Nov 2021 10:55:36 GMT
Server: nginx/1.12.2
ETag: "61850da8-1a0b0"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 106672
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_v-ukrainu-idut-ko_388645_s10.jpg
89.184.83.166/files/news/images/3886/45/ 21 KB
21 KB 50ms
49ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/45/picture2_v-ukrainu-idut-ko_388645_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 0176d4b7efa07e00f0111aed2eba384aaffae02bd4b4b14f24e81c7816fa8847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 15 Nov 2021 20:57:45 GMT
Server: nginx/1.12.2
ETag: "6192c9c9-52ab"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 21163
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_naftogaz-dopustil_388643_s10.jpg
89.184.83.166/files/news/images/3886/43/ 18 KB
18 KB 49ms
49ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/43/picture2_naftogaz-dopustil_388643_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4c154f99fe5dad7a87e5b35d2af00d2be584e50a881a0d59981c2310f0dbe78c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 15 Nov 2021 19:28:39 GMT
Server: nginx/1.12.2
ETag: "6192b4e7-466e"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 18030
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_v-krasnuju-zonu-p_388638_s10.png
89.184.83.166/files/news/images/3886/38/ 144 KB
144 KB 49ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/38/picture2_v-krasnuju-zonu-p_388638_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 2153512e5fa3ec1253db2a15547681b17f9134466b8faeb1ef3e793213fad97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 15 Nov 2021 17:11:08 GMT
Server: nginx/1.12.2
ETag: "619294ac-23e57"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 147031
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_partiju-sluga-nar_388636_s10.jpg
89.184.83.166/files/news/images/3886/36/ 11 KB
11 KB 54ms
54ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/36/picture2_partiju-sluga-nar_388636_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4c57f62a304f9d10babab4b8d3ebc274b5c3dacdedcbb5e19bc92ad6b52162a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 15 Nov 2021 16:52:29 GMT
Server: nginx/1.12.2
ETag: "6192904d-2a06"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 10758
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_microsoft-zabloki_388635_s10.jpg
89.184.83.166/files/news/images/3886/35/ 12 KB
12 KB 51ms
51ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/35/picture2_microsoft-zabloki_388635_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 67c7e0bf05da7b24d79b355de597384ba320fb3f7ae2dca0d2552e63908d22e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 15 Nov 2021 16:17:27 GMT
Server: nginx/1.12.2
ETag: "61928817-2e82"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 11906
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_rossija-namerena-_388634_s10.jpg
89.184.83.166/files/news/images/3886/34/ 11 KB
12 KB 49ms
48ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/34/picture2_rossija-namerena-_388634_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 963eb58029e69121c912be7093ad23b8ade26a80d67ab09e87ce8bb714cba08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 15 Nov 2021 16:20:33 GMT
Server: nginx/1.12.2
ETag: "619288d1-2d6d"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 11629
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_minekonomiki-sniz_388632_s10.jpg
89.184.83.166/files/news/images/3886/32/ 16 KB
16 KB 50ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/32/picture2_minekonomiki-sniz_388632_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ae8466dd4772a3ee4fd5ebe687958432611c40f33a4ac8670c3709ad12ea420c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 15 Nov 2021 15:47:41 GMT
Server: nginx/1.12.2
ETag: "6192811d-4002"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 16386
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_vladelec-kernel-v_388631_s10.jpg
89.184.83.166/files/news/images/3886/31/ 12 KB
12 KB 51ms
51ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/31/picture2_vladelec-kernel-v_388631_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 0e0c7a0dbd3427a6c99e5887329a0d3f4e168b30bbf1477af211a6933c453f7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 15 Nov 2021 15:43:31 GMT
Server: nginx/1.12.2
ETag: "61928023-2fe5"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 12261
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_v-ukrainu-idut-mo_388630_s10.jpg
89.184.83.166/files/news/images/3886/30/ 19 KB
20 KB 50ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/30/picture2_v-ukrainu-idut-mo_388630_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ec4c1586b53ff9b581e654c5f390df522c6077689d46922638070c25efcde88e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 15 Nov 2021 15:36:17 GMT
Server: nginx/1.12.2
ETag: "61927e71-4da3"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 19875
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture2_predskazavshij-kr_388629_s10.jpg
89.184.83.166/files/news/images/3886/29/ 18 KB
18 KB 50ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/29/picture2_predskazavshij-kr_388629_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: f8e9e0f2bfdb93775d1370b2a7df4df165b460a626c9be55ba3c1d97295ab48f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 15 Nov 2021 15:12:29 GMT
Server: nginx/1.12.2
ETag: "619278dd-477d"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 18301
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture_9a145d9c7a7de67dc_1135200_s4.jpg
89.184.83.166/files/users/images/11352/0/ 9 KB
10 KB 48ms
48ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11352/0/picture_9a145d9c7a7de67dc_1135200_s4.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 28f05c94d67836beac03027bea2f48d141611b085e12e18088a67e3cfdeef7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Thu, 11 Nov 2021 08:48:26 GMT
Server: nginx/1.12.2
ETag: "618cd8da-246b"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 9323
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture_5a457c03d2c1dee5c_1135199_s4.jpg
89.184.83.166/files/users/images/11351/99/ 14 KB
14 KB 50ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11351/99/picture_5a457c03d2c1dee5c_1135199_s4.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: cecf378a0bb6355c852eb2cfe5b23159f61c914f79abe7ee09422ce41fe37cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Wed, 10 Nov 2021 16:12:19 GMT
Server: nginx/1.12.2
ETag: "618bef63-37a1"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 14241
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK picture_5eeab8ea6a99ffad4_1135198_s4.jpg
89.184.83.166/files/users/images/11351/98/ 10 KB
10 KB 51ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11351/98/picture_5eeab8ea6a99ffad4_1135198_s4.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: c42d49ff0f64cf93690bd1c1b07e7cddbb1ae86c3e3a4328c12e2932d89a08b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Wed, 10 Nov 2021 15:11:23 GMT
Server: nginx/1.12.2
ETag: "618be11b-27db"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 10203
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK loading.svg
89.184.83.166/delo/img/ 2 KB
1 KB 49ms
49ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo/img/loading.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: b17d9c5b043c2813aeeb64c3cf08b318ebab7a1894aa4a77538d2a3c7c4dde46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-9ef"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK logo-fotter.png
89.184.83.166/delo2017/img/refrash/ 4 KB
4 KB 50ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/refrash/logo-fotter.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: a3d21d5a0d84e6a6cdca677e5541eb7345b0181b96dcb0a4b020b013c6797a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-f72"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3954
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H2

404

/
delo.ua/delo2017/js/counters/xgemius.js/
Redirect Chain

https://delo.ua/delo2017/js/counters/xgemius.js
https://delo.ua/delo2017/js/counters/xgemius.js/

0
0

119ms
119ms

Script
text/html

2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delo.ua/delo2017/js/counters/xgemius.js/
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Server: 2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date: Thu, 05 Jan 2023 05:49:36 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
server: cloudflare
age: 772
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://delo.ua/delo2017/js/counters/xgemius.js/
cache-control: max-age=14400
cf-ray: 7849ee7e9a2d9191-FRA

GET
H/1.1 200
OK ru.lang.v1591010330.js Show response
89.184.83.166/frontend/languages/ 9 KB
4 KB 51ms
50ms Script
application/javascript 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/frontend/languages/ru.lang.v1591010330.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: f972e4acfe8115daf147547986bf67bd74830e4e1b3c43eb94300d9a327adf14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:50 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e41a-2521"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK delo_app.v92.js Show response
89.184.83.166/assets/js/ 569 KB
165 KB 115ms
105ms Script
application/javascript 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/assets/js/delo_app.v92.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ebcc03a80c0f2482958b713ef14fe9bc76a100ce4e92469607806788bdd4b826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 15:32:06 GMT
Server: nginx/1.12.2
ETag: W/"615f12f6-8e237"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 132ms
17ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: cec-up-gc12
date: Thu, 05 Jan 2023 05:49:36 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:42 GMT
server: nginx
etag: W/"6375fd62-2c101"
x-cached-since: 2023-01-05T05:43:00+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Thu, 17 Nov 2022 09:34:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
59 KB 77ms
75ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSST3NJ

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a63df3e6b20707c620c5688caf54a5fb947510d0b47a51eccd83147a5463294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60130
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 05:49:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 3KTglhiR5t2yxALgmXedbL14StxbRH93YxqoUn+dN9gbbBPRJEZIMkgXu9siB59DdNqKqxhYpDVUKWZFx1t+7w==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK top100_2019.png
89.184.83.166/delo2017/img/delo-redis/ 7 KB
8 KB 190ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/top100_2019.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 472c294a89dcde758b37b51698a4cc2f5717b949934665dae2b5c5d6a2ac6c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-1d83"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 7555
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK GothamProNarrow-Medium.ttf
89.184.83.166/delo2017/fonts/GothamProNarrowMedium/ 39 KB
40 KB 97ms
56ms Font
application/octet-stream 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/GothamProNarrowMedium/GothamProNarrow-Medium.ttf
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 1d3b5e2512f23c40d71d0c08ee189866d38c753056ec140fbc5cb1a3a8b373b7

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-9de8"
Content-Type: application/octet-stream
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 40424
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK GothamProRegular.woff
89.184.83.166/delo2017/fonts/GothamProRegular/ 23 KB
23 KB 180ms
93ms Font
font/woff 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/GothamProRegular/GothamProRegular.woff
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 70e7ea50d23c538692bbd47bcf1f82d46a4f532f14b2c87aab660eeb4f8485e9

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-5a34"
Content-Type: font/woff
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 23092
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H2 200 cj7swk3FTZw Show response
www.youtube.com/embed/ Frame B8CE 67 KB
28 KB 184ms
93ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cj7swk3FTZw

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2520bf797d1db8e297c339d6a9db4543245613479f02113ed89462340932a24a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:49:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.5459434738767397
https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.5459434738767397

104 B
590 B

41ms
41ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.5459434738767397

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 104
Expires: Tue, 04 Jan 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.5459434738767397
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 04 Jan 2022 21:00:00 GMT

GET
H/1.1 200
OK search.svg
89.184.83.166/delo2017/img/delo-redis/ 413 B
750 B 175ms
48ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/search.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 8fbf0cb4fbf892c6adced48d299ad8715fffe44854652445614a69f65953a1e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-19d"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK menu.svg
89.184.83.166/delo2017/img/delo-redis/ 273 B
653 B 173ms
47ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/menu.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: b501e04314f4ed8fc971a52a17fc9bab9339de9b9a4f61e82c83fc721e52f371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-111"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK close-white-bold.svg
89.184.83.166/delo2017/img/delo-redis/ 370 B
715 B 185ms
48ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/close-white-bold.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 5a00c549909c3e4186f0525545b2f4754c134d57dcf89ea1d94de034dcdc4824

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-172"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK youtube.svg
89.184.83.166/delo2017/img/delo-redis/ 748 B
982 B 226ms
48ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/youtube.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: fa34aadc5bfd96f4a10d635898302472a62a115932326ff26d86d378a5ea4f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-2ec"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK telegram.svg
89.184.83.166/delo2017/img/delo-redis/ 756 B
971 B 224ms
48ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/telegram.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 2c0a749efc0b4d387c753b776ade50fc9b525a6536946b25c1e00b3df9a7e1c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-2f4"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK fb.svg
89.184.83.166/delo2017/img/delo-redis/ 369 B
771 B 220ms
47ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/fb.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ba2762cb9490cb7ab39632c895e7f76138e68300b42d1da8d5af681bcc30ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-171"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK tw.svg
89.184.83.166/delo2017/img/delo-redis/ 1 KB
1 KB 195ms
49ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/tw.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ed11e5b02ae470c530cc6c5cac37df11eb257f15a1e18686f6ec74d94a11ce64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-47f"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK instagram.svg
89.184.83.166/delo2017/img/delo-redis/ 2 KB
2 KB 144ms
50ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/instagram.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 32b70ab5fc48590df0a00789276a79331f0c3eef1ebca7b0e518d3dd63dab541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-935"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK innerHamburger.svg
89.184.83.166/delo2017/img/newDelo/svg/ 285 B
666 B 193ms
48ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/newDelo/svg/innerHamburger.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: c1981fa3cfaed9f5221d75fd22e51a28023bddc837134260e85b3197e6f2e107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-11d"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK all-news-icon.png
89.184.83.166/delo2017/img/refrash/ 1 KB
1 KB 47ms
47ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/refrash/all-news-icon.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 803fe9f27b76a391e1f762d984b1fb2a88a39082660856eb8a3f7be0a09e32ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-417"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1047
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H/1.1 200
OK GothamProMedium.woff
89.184.83.166/delo2017/fonts/GothamProMedium/ 24 KB
25 KB 162ms
94ms Font
font/woff 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/GothamProMedium/GothamProMedium.woff
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: d3bb6c505b9bc95c4a8e55608f679d0589fb9b54455e23adbdd2d5a7224ff6b7

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-6190"
Content-Type: font/woff
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 24976
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK icomoon.ttf
89.184.83.166/delo2017/fonts/ 4 KB
4 KB 116ms
49ms Font
application/octet-stream 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/icomoon.ttf?7cozra
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: e1e3bb3543e3be16e086a3b447c61cf01dd160aad6b5466b93b0891fd5836a4a

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-f8c"
Content-Type: application/octet-stream
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3980
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK icomoon.ttf
89.184.83.166/delo2017/fonts/icomoon2/ 3 KB
4 KB 119ms
50ms Font
application/octet-stream 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/icomoon2/icomoon.ttf?rp50vy
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 12acdb8a2ac7ff6298b619c644f819df8166c16735d3ebaa17a57f649222f5d5

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-df0"
Content-Type: application/octet-stream
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3568
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK GothamProBold.woff
89.184.83.166/delo2017/fonts/GothamProBold/ 23 KB
23 KB 126ms
49ms Font
font/woff 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/GothamProBold/GothamProBold.woff
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 2fb79490e7b334bd4aae1679ec8ca15d1e080b5231346364e8e1700ed05da262

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-5b14"
Content-Type: font/woff
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 23316
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H/1.1 200
OK GothamProLight.woff
89.184.83.166/delo2017/fonts/GothamProLight/ 24 KB
25 KB 210ms
95ms Font
font/woff 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/GothamProLight/GothamProLight.woff
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 6aba63345a774be90643ddd2fa76dcc3116bb2e1aa6fcb5c72b925420da4fd68

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:36 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-6114"
Content-Type: font/woff
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 24852
Expires: Thu, 05 Jan 2023 05:49:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 164ms
47ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5812255-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 04:27:17 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4939
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 06:27:17 GMT

GET
H2 200 1684515781783344 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1684515781783344?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bf74a31f35205a47f522a290b6f01506d965aff111d588195a4ca3b54d6d81f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 05:49:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86144
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: BwDde/C8QelnSXVkdwWob0DJbAWrEHpzFOyMLVpihr2vRPxEaoQ1N9frg5A2W+rleCi0fueNXOxKPRfpqYhIAA==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 27ms
9ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1684515781783344&ev=PageView&dl=https%3A%2F%2F89.184.83.166%2F&rl=&if=false&ts=1672897776559&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.3.1672897776557.2059705114&it=1672897776506&coo=false&rqm=GET

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 05:49:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 hotjar-1232730.js Show response
static.hotjar.com/c/ 8 KB
4 KB 133ms
38ms Script
application/javascript 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1232730.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSST3NJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-83.fra56.r.cloudfront.net

Software

Resource Hash

daa7d0b90d724263a545337797cdc60ed4fed5bf2b024dfc008fd7b52ef8201e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:49:36 GMT
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
etag: W/8a3401c5bbb97719660294df9c2d6116
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: r_h4PTyJdnriHcxc2ljE22h0D2dOFwjREIEPMB5GI8oyGRHJSK3Jyw==

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 123 KB
43 KB 121ms
42ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1672332b758b4ed6959d0309e08582342550f015c3f5116121d9fadfa4af96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 19:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43589
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 19:13:23 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 121 KB
41 KB 115ms
38ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03c0c8de96c5509603e802b8f9ac8825d0fc79b7f6a39139d10164420fa7d3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 19:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42323
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 19:13:23 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 0452 2 KB
839 B 152ms
78ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&layout=default&count=hidden&origin=https%3A%2F%2F89.184.83.166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63105cfc405a18ce4b621c77a41da39189f82d19a63f353b329d59153bcab581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 05 Jan 2023 05:49:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/e5f6cbd5/ Frame B8CE 360 KB
49 KB 66ms
37ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49906
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/ Frame B8CE 339 KB
107 KB 65ms
37ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109069
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:27 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame B8CE 2 MB
597 KB 107ms
79ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4982fd9fe7a4adea31ea09520794d2d6ed31f097cd41020dce0ec1937a6fc668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611344
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:44 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/ Frame B8CE 9 KB
3 KB 121ms
93ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120309
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:27 GMT

GET
H2 200 sdk.js Show response
api-esp-eu.piano.io/public/sdk/v04/ 43 KB
14 KB 48ms
22ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:36 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 513501
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 03 Dec 2022 08:35:00 GMT
server: cloudflare
etag: W/"1bbec-184d71fdd40"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp-eu-v2.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 7849ee806d78913a-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 05 Jan 2024 05:49:36 GMT

GET
H/1.1 200
OK close-all-news.png
89.184.83.166/delo2017/img/ 1 KB
2 KB 49ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/close-all-news.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: f886ad4d62165edfc981c99b190fe5b789c3e7293ad561523bd59320c89e406c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-521"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1313
Expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/51428/ Frame C67A 738 B
450 B 17ms
14ms Document
text/html 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Thu, 05 Jan 2023 05:49:36 GMT
etag: W/"6375fd72-2e2"
expires: Sat, 18 Nov 2023 09:24:09 GMT
last-modified: Thu, 17 Nov 2022 09:22:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-11-17T09:24:09+00:00
x-id: cec-up-gc12

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/51428/ 23 KB
9 KB 17ms
13ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: cec-up-gc12
date: Thu, 05 Jan 2023 05:49:36 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:56 GMT
server: nginx
etag: W/"6375fd70-5d41"
vary: Accept-Encoding
x-cached-since: 2022-11-17T09:24:09+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 18 Nov 2023 09:24:09 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/51428/ 75 KB
20 KB 19ms
16ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: cec-up-gc12
date: Thu, 05 Jan 2023 05:49:36 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:47 GMT
server: nginx
etag: W/"6375fd67-12c39"
vary: Accept-Encoding
x-cached-since: 2022-11-17T09:24:09+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 18 Nov 2023 09:24:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B8CE 15 KB
16 KB 168ms
46ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 09:20:58 GMT
x-content-type-options: nosniff
age: 505718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 09:20:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B8CE 15 KB
15 KB 180ms
58ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 22:15:01 GMT
x-content-type-options: nosniff
age: 545675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 22:15:01 GMT

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 11 KB
11 KB 646ms
198ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=a406899d-9949-4407-9ef4-92b1538e927d
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 83ea1fa1b65bf233ef269b9598ba28e3f56d991f31db434988653d116e190f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 11 KB
11 KB 646ms
198ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=41f0c8ad-aa36-494a-bfb5-7e06fe8248de
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4c26b502a3db718f3c45367c8febc04f9412cc0569298365d65e414149de385a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 11 KB
11 KB 653ms
205ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=586cecde-ba4a-45a6-8286-e2895def8b07
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 2fa9862c6fb53980cbf8714ac896d0d9c3186448a31f26c9888bafa2c1a5e64f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 11 KB
11 KB 653ms
205ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=8dfc6dda-9699-42b7-8fcd-5dd7987df939
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: c653c51e42bcf5133bcc59f3e19fe8680a31cceb5334e7ce9bcb41fce8941846

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 11 KB
11 KB 651ms
204ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=7a370b14-2698-4686-84e2-8588003f5544
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: f6179a031eac9933de3ced950ec0f73fac889c2d241594d11536b52be4ba823c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H3 200 iframe_api Show response
www.youtube.com/ 992 B
517 B 65ms
65ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_app.v92.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 05 Jan 2023 05:49:36 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfoSogaAAAAAHPZ9-Z_kIvAVJeIq7et9O1ed6s8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 22:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 22:27:42 GMT

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 0452 38 KB
6 KB 40ms
38ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&layout=default&count=hidden&origin=https%3A%2F%2F89.184.83.166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&layout=default&count=hidden&origin=https%3A%2F%2F89.184.83.166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 10:36:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 587573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 29 Dec 2023 10:36:43 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 0452 252 KB
72 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&layout=default&count=hidden&origin=https%3A%2F%2F89.184.83.166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316011
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 01 Jan 2024 14:02:45 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 163ms
67ms XHR
text/plain 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2114308469&t=pageview&_s=1&dl=https%3A%2F%2F89.184.83.166%2F&ul=en-us&de=UTF-8&dt=Delo.ua%20%E2%80%94%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D0%BB%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1364299731&gjid=1618180510&cid=222992302.1672897777&tid=UA-5812255-8&_gid=1215432409.1672897777&_r=1&gtm=2oubu0&z=465506286

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.352fddba5b21bbfc3a08.js Show response
script.hotjar.com/ 264 KB
68 KB 41ms
8ms Script
application/javascript 18.66.147.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1232730.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-7.fra60.r.cloudfront.net

Software

Resource Hash

6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 1201352
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68894
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
etag: "3256c76707175033b83ffe82f89b32ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 9H-1HJTDT3CnMgsh8QDl1FTdSUk5BAase9KvThyz6g-Q8P18B4QyNQ==

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 6E20 566 B
903 B 302ms
49ms Document
text/html 2a00:1450:4001:811::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F89.184.83.166&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e24842a4c4db1ce543132b9f0b7c9cc1ffdb2af4710ca41a0f1714b3e4b00ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zkYXPwy_mh64ttuhnPHcbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zkYXPwy_mh64ttuhnPHcbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport require-trusted-types-for 'script';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 05:49:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 118 Show response
api-esp-eu.piano.io/publisher/fusion/lucid/data/ 472 B
843 B 56ms
37ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/publisher/fusion/lucid/data/118?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_app.v92.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd1ffd56a4df39cf99b4c36a1ff6d2db89b2bdf43d550f695727e30f27e9fe3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"1d8-gBJPPhwnrzOftaJsS0JszMzrCrM"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://89.184.83.166
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7849ee8408f79130-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame 0A0F 2 KB
1 KB 77ms
18ms Document
text/html 18.66.15.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1232730.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-25.vie50.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3688771
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
x-amz-cf-id: UL2SCs4fe4fVJRGv2IxdNmwdwINuSyQBycRPKVeQOu5h6gJEzcX_nQ==
x-amz-cf-pop: VIE50-P1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 0452 156 B
179 B 36ms
36ms Image
image/png 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 11:08:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 153688
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 11:08:09 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/ 184 KB
62 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0149da2dcca03d3a4c8ab3e8796ec25b4700f46d2a1bec1c59cdb2f6daa7cf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:46:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62997
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 Jan 2024 04:46:41 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 91ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5812255-8&cid=222992302.1672897777&jid=1364299731&gjid=1618180510&_gid=1215432409.1672897777&_u=YEBAAUAAAAAAACAAI~&z=365952330

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 05:49:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B8CE
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

127ms
53ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98321cea175076f435a7998b257eb597a12f5ffb27d4aa9415839131d78fa7c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 05:49:37 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B8CE 29 B
588 B 139ms
40ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:43:52 GMT
x-content-type-options: nosniff
age: 345
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 05:58:52 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame 0452 126 KB
42 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 13:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42491
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jan 2024 13:38:15 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 69D4 0
18 B 21ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://89.184.83.166
Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://89.184.83.166
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:49:37 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H3 200 118
api-esp-eu.piano.io/publisher/fusion/lucid/data/ Frame 0
0 216ms
30ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/publisher/fusion/lucid/data/118?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://89.184.83.166
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://89.184.83.166
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7849ee83bca32c55-FRA
date: Thu, 05 Jan 2023 05:49:37 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 186ms
68ms Preflight
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 05 Jan 2023 05:49:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B8CE 66 KB
30 KB 172ms
77ms XHR
application/json+protobuf 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5529ea89311e24bd89c75ddb0da152f0e0b6da0807d58ea026987b269bc7e59b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31068
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame B8CE 119 KB
36 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f00f62bb8aefd6e52812573503401805369c9334e4fcad98e231e5bb7f4256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37321
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:48 GMT

GET
H3 200 G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js Show response
www.google.com/js/th/ Frame B8CE 36 KB
14 KB 149ms
49ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 05:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14211
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 05:56:49 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame B8CE 26 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7032d2bd1215f0d0661e27163bcf1800b246f4bd2a48a9ac079df1ea0be42eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8390
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:48 GMT

GET
DATA 200
OK truncated
/ Frame B8CE 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B8CE 2 KB
2 KB 173ms
54ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

482b4ad2aca72e665c29835c477165576200217a153ade81694f9a795f0558a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:06 GMT
x-content-type-options: nosniff
age: 1411
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1747
x-xss-protection: 0
server: fife
etag: "v10d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 04:10:39 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/cj7swk3FTZw/ Frame B8CE 34 KB
35 KB 126ms
39ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/cj7swk3FTZw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce3fc33f1b59e6a46497652cf9b1b9c4935046702f204da30a9bc9859ff43d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:16 GMT
x-content-type-options: nosniff
age: 3741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35256
x-xss-protection: 0
server: sffe
etag: "1635674323"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 06:47:16 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B8CE 10 KB
10 KB 146ms
50ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 09:12:28 GMT
x-content-type-options: nosniff
age: 592629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 09:12:28 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 7 KB
3 KB 609ms
197ms Script
application/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=8783738359283437&cpv=36b84a04-624f-a3df-3a74-9add41ad8a33&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2228a71ea6-9009-a9f2-6bbb-ada6a17ca6b5%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252F89.184.83.166%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2257b5f53a-3a3a-6d99-c8d0-274ae1719e27%22%2C%22tagid%22%3A%228357f430-2b48-4c59-b4ab-3e3f923a8bce%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_8357f4302b484c59b4ab3e3f923a8bce_zone_30421_sect_822_site_809%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

2a8e782e190b49b16ef4e7e7a41f302d1b23d57ece3a37683d49735a8252c983

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 2658
X-Xss-Protection: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 1 KB
1 KB 611ms
201ms Script
application/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=3185242674798143.5&cpv=36b84a04-624f-a3df-3a74-9add41ad8a33&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%225d49876c-c9f4-12a2-77c1-b5c6699987af%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252F89.184.83.166%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22e4120ff4-7726-ebf5-d9ff-8695bf920a22%22%2C%22tagid%22%3A%227643a12b-a173-4c9e-90bc-338ed2e42c90%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_7643a12ba1734c9e90bc338ed2e42c90_zone_27319_sect_822_site_809%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

f16c19ee224aa490b73837f3214532100d4c75e665bd423b7bd5f2f27d919f23

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 612
X-Xss-Protection: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 8 KB
3 KB 611ms
202ms Script
application/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=2410602400345774&cpv=36b84a04-624f-a3df-3a74-9add41ad8a33&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%222d611c0d-52f3-bd6d-b4a7-a7965dcbf777%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252F89.184.83.166%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2268baad03-a99a-7739-aca0-aadb4abef89f%22%2C%22tagid%22%3A%2281fc4af8-1714-40ee-a7ed-4e7acdc56013%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_81fc4af8171440eea7ed4e7acdc56013_zone_5922_sect_822_site_809%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22invents%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

23fe9468ed7db681d165beb2c09d8e96be781cc075abfe3af72f47ad59227eaa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 2718
X-Xss-Protection: 0

POST
H3 204 cspreport
accounts.google.com/o/ Frame 6E20 0
20 B 156ms
81ms Other
text/html 2a00:1450:4001:811::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PMKQTmh_luhcW6NYtXtNRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F89.184.83.166&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-PMKQTmh_luhcW6NYtXtNRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 6E20 10 KB
5 KB 289ms
38ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F89.184.83.166&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 17:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 19:08:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 17:38:33 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 6E20 17 KB
7 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a72a95f45380c28a3d910c4f43c02ce7992a1ba853f410f9f53a45f18433470b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:49:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6901
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c75ce447b1f6d98e"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:49:37 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 72ms
72ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5812255-8&cid=222992302.1672897777&jid=1364299731&_u=YEBAAUAAAAAAACAAI~&z=876050819

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
502 B 285ms
53ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5812255-8&cid=222992302.1672897777&jid=1364299731&_u=YEBAAUAAAAAAACAAI~&z=876050819

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 04:27:17 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4940
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 06:27:17 GMT

POST
H3 200 40 Show response
api-esp-eu.piano.io/tracker/lucid/visit/ 65 B
545 B 59ms
58ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2F89.184.83.166%2F&visitor=z2dt874gricwyfpj

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_app.v92.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4454c11fd821ed4c84cc2b6e8b61fc9a06e7ece137add9435fde1ce2aab0d3ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-HXQX7gBci4Tv1BrjcDpY1MvLnyE"
access-control-max-age: 36000
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://89.184.83.166
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 7849ee84ba499130-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 40
api-esp-eu.piano.io/tracker/lucid/visit/ Frame 0
0 24ms
24ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2F89.184.83.166%2F&visitor=z2dt874gricwyfpj

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://89.184.83.166
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://89.184.83.166
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7849ee848d962c55-FRA
date: Thu, 05 Jan 2023 05:49:37 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3 200 5SmvR9wCgf4 Show response
www.youtube.com/embed/ Frame B941 67 KB
27 KB 87ms
83ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e43fee7b80aa191c2f1821ade30cb8734c1872897c7c4f6e82e2d4c3c896796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:49:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK close-modal-small.png
89.184.83.166/delo2017/img/refrash/ 168 B
600 B 53ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/refrash/close-modal-small.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 394dce7e4c301cef115be471e7994b635771915e34057f5c0eeff510a1e23436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:37 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-a8"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 168
Expires: Thu, 05 Jan 2023 05:49:36 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1232730/ 148 B
323 B 147ms
37ms XHR
application/json 34.248.24.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1232730/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.24.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-24-189.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B8CE 4 KB
2 KB 132ms
53ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:49:37 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46085336-14&cid=222992302.1672897777&jid=1293800074&gjid=968366412&_gid=1215432409.1672897777&_u=ACCAgEABCAAAAEAAI~&z=1470713669

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 05:49:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 48ms
47ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2114308469&t=pageview&_s=1&dl=https%3A%2F%2F89.184.83.166%2F&ul=en-us&de=UTF-8&dt=Delo.ua%20%E2%80%94%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D0%BB%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABCAAAAAAAI~&jid=1293800074&gjid=968366412&cid=222992302.1672897777&tid=UA-46085336-14&_gid=1215432409.1672897777&z=1525561335

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 Jan 2023 18:42:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40010
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0064 7 KB
1 KB 76ms
76ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoSogaAAAAAHPZ9-Z_kIvAVJeIq7et9O1ed6s8&co=aHR0cHM6Ly84OS4xODQuODMuMTY2OjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=1tjhf64v6i46

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

50ca3b701fa62f910608648250a8abbe11bf1093a13c97636e268c4d3913f9f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZFesu9aT2nzPAcueGrcQLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1050
content-security-policy: script-src 'report-sample' 'nonce-ZFesu9aT2nzPAcueGrcQLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:49:37 GMT
expires: Thu, 05 Jan 2023 05:49:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 prebidcdn.js Show response
cdn.admixer.net/prebidcdn/ 305 KB
114 KB 49ms
20ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=a406899d-9949-4407-9ef4-92b1538e927d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 300e6fffe3f6d8727dcd71853fed1cf0321ffa78494a9a3df7fe0b0c745f2d6d

Request headers

Referer: https://89.184.83.166/
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: cec-up-gc4
date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 12:38:06 GMT
server: nginx
etag: W/"6380b72e-4c2e8"
vary: Accept-Encoding
x-cached-since: 2022-11-25T12:40:16+00:00
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: content-range
cache-control: max-age=31622400
cache: HIT
expires: Sun, 26 Nov 2023 12:40:16 GMT

GET
H2 200 load-gpt.js Show response
cdn.admixer.net/scripts/ 561 B
516 B 15ms
14ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts/load-gpt.js
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=a406899d-9949-4407-9ef4-92b1538e927d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: cec-up-gc12
date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 12:25:34 GMT
server: nginx
etag: W/"61e5603e-231"
vary: Accept-Encoding
x-cached-since: 2022-12-07T10:12:53+00:00
content-type: application/javascript
access-control-expose-headers: content-range
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Fri, 08 Dec 2023 10:12:53 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame B8CE 0
10 B 36ms
35ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?8BLyww
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 69ms
69ms Preflight
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 05 Jan 2023 05:49:37 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B8CE 90 B
134 B 79ms
79ms XHR
application/json+protobuf 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f61bfaded10648532f0d9f783ccecbccd51bff2b07373dac93156c62c3089ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/e5f6cbd5/ Frame B941 360 KB
49 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49906
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:27 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/ Frame B941 339 KB
107 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109069
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:27 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame B941 2 MB
597 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4982fd9fe7a4adea31ea09520794d2d6ed31f097cd41020dce0ec1937a6fc668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120293
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611344
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:44 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/ Frame B941 9 KB
3 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120310
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:27 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 0064 52 KB
24 KB 43ms
42ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoSogaAAAAAHPZ9-Z_kIvAVJeIq7et9O1ed6s8&co=aHR0cHM6Ly84OS4xODQuODMuMTY2OjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=1tjhf64v6i46

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 13:16:23 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 0064 407 KB
163 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 22:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 22:27:42 GMT

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 27 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

411f21278180f62617f63716ff8a7db529f1f322e1dd4edc6723989c7fbe1a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 13:27:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9143
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jan 2024 13:27:24 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B941 15 KB
15 KB 55ms
54ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 09:20:58 GMT
x-content-type-options: nosniff
age: 505719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 09:20:58 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B941 15 KB
15 KB 55ms
55ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 22:15:01 GMT
x-content-type-options: nosniff
age: 545676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Dec 2023 22:15:01 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame 6E20 54 KB
19 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e533aa8b1cd8002c05dfd711e18ac03974ddaad1cd915004fd9b5c3aac50e377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 17:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19257
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 17:38:34 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/108/ Frame B8CE 52 KB
15 KB 125ms
124ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/108/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15164
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 06 Jan 2023 01:58:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 177ms
66ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts/load-gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e50fa341028e19ffcf2fa13fba93c388d2b38626ef1bf7b21d3be0dc2ad802d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27555
x-xss-protection: 0
server: sffe
etag: "1442 / 20 of 1000 / last-modified: 1672873566"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 Jan 2023 05:49:38 GMT

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/51428/ 28 KB
11 KB 28ms
14ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: cec-up-gc12
date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:23:01 GMT
server: nginx
etag: W/"6375fd75-702f"
vary: Accept-Encoding
x-cached-since: 2022-12-05T10:57:00+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 06 Dec 2023 10:57:00 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/51428/ 42 KB
18 KB 29ms
15ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: cec-up-gc12
date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:23:02 GMT
server: nginx
etag: W/"6375fd76-a793"
vary: Accept-Encoding
x-cached-since: 2022-12-05T10:57:00+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 06 Dec 2023 10:57:00 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/51428/ 13 KB
5 KB 26ms
13ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: cec-up-gc12
date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:54 GMT
server: nginx
etag: W/"6375fd6e-326c"
vary: Accept-Encoding
x-cached-since: 2022-12-05T10:57:00+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 06 Dec 2023 10:57:00 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/51428/ 11 KB
4 KB 30ms
17ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: cec-up-gc12
date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:53 GMT
server: nginx
etag: W/"6375fd6d-2a79"
vary: Accept-Encoding
x-cached-since: 2022-12-05T10:57:00+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 06 Dec 2023 10:57:00 GMT

GET
H2 200 f744d5275c14e0b3b41a.b.js Show response
cdn.admixer.net/scripts3/51428/ 216 KB
75 KB 30ms
19ms Script
application/javascript 2a03:90c0:e1:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: cec-up-gc12
date: Thu, 05 Jan 2023 05:49:37 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:23:02 GMT
server: nginx
etag: W/"6375fd76-360b6"
vary: Accept-Encoding
x-cached-since: 2022-11-17T09:24:10+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 18 Nov 2023 09:24:10 GMT

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

24ms
15ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT, Thu, 05 Jan 2023 05:49:38 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Thu, 05 Jan 2023 05:49:37 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEMxREYwOUEtM0ExOC00MERGLTlBMUUtMDMyOEYyOUE0Q0Mw&gdpr=0&gdpr_consent={consent}
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEMxREYwOUEtM0ExOC00MERGLTlBMUUtMDMyOEYyOUE0Q0Mw&gdpr=0&gdpr_consent={consent}&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent}
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}
https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D8C1DF09A-3A18-40DF-9A1E-0328F...
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=8C1DF09A-3A18-40DF-9A1E-0328F29A4CC0

43 B
463 B

195ms
194ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=8C1DF09A-3A18-40DF-9A1E-0328F29A4CC0

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:39 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=8C1DF09A-3A18-40DF-9A1E-0328F29A4CC0
date: Thu, 05 Jan 2023 05:49:37 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 0
592 B 96ms
18ms Image
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=533&code=1f0f3930522b4c9a95d0dc9c37fbc638

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:38 GMT
AN-X-Request-Uuid: b13074c8-32c8-4434-9392-cc4137e37420
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 120ms
15ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=1f0f3930522b4c9a95d0dc9c37fbc638
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 05 Jan 2023 05:49:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=1f0f3930522b4c9a95d0dc9c37fbc638&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=1f0f3930522b4c9a95d0dc9c37fbc638&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=1f6dd126-2687-4b20-b0a3-8d89bbe1ea03&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=261bde76-7eed-4004-ab64-4fba2e756ecc&gdpr=&consent=&gdpr_pd=

43 B
463 B

200ms
199ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=261bde76-7eed-4004-ab64-4fba2e756ecc&gdpr=&consent=&gdpr_pd=

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=261bde76-7eed-4004-ab64-4fba2e756ecc&gdpr=&consent=&gdpr_pd=
date: Thu, 05 Jan 2023 05:49:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 146A 604 B
297 B 67ms
65ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57d6c59ee8f0560aec2ebb80836817460db4d262c75987b158f7b084a3e7994d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 05 Jan 2023 05:49:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 119ms
40ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 13:17:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 491499
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Dec 2023 13:17:59 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 120ms
41ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 17:15:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 477228
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 30 Dec 2023 17:15:50 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
341 B 114ms
39ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:53:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 71794
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jan 2024 09:53:04 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
139 B 114ms
39ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 18:13:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 214550
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 02 Jan 2024 18:13:48 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 117ms
42ms Image
image/png 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 18:58:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 39075
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jan 2024 18:58:23 GMT

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 200ms
200ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://89.184.83.166
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 56ms
18ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 05:49:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 14ms
14ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c6b826ddbb6bff94065dd8e003f0575db8d0fb3db18007a08f02195f3f5b9655

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:38 GMT
AN-X-Request-Uuid: cc2b538c-c60c-480f-a6a5-cfd3cf65c1dd
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://89.184.83.166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
1 KB 128ms
41ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 803f4e4734790d28f7cf4acb917a13cb4dc8cf3207753f6eb996fd034d94463f

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 792

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
391 B 191ms
99ms XHR
application/json 92.123.36.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://89.184.83.166
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 05 Jan 2023 05:49:38 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
408 B 154ms
86ms XHR
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 51ms
18ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=99274628275&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://89.184.83.166
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 124ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 05:49:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 267 B
733 B 133ms
36ms XHR
application/json 52.16.223.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1672897778070&to=0&aun=admixer_e5e08653cbc34e16b9b08ae617db50b8_zone_25843_sect_822_site_809&t=a4mvchf9&pi=3&maxw=300&maxh=600&si=325575&bf=300x600%2C300x250&schain=1.0%2C1!admixer.com%2C8c9403df-6eda-4a0a-afb0-be7b68ca005d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F89.184.83.166%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.8.0%22%7D&ogu=https%3A%2F%2Fold.delo.ua%2F&ns=10240
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.223.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-223-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b6a3f61cc83510d2f2e8e6104c40e759f9528c70866022640c9b7ec229118f7d

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
391 B 178ms
98ms XHR
application/json 92.123.36.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://89.184.83.166
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 05 Jan 2023 05:49:38 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
215 B 40ms
17ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=65667198761&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://89.184.83.166
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
1 KB 148ms
42ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e63a3e6ae4b3be24ce1a5f354f995680c2ae3206371d12b2b31493e776f54942

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 808

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 200ms
199ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://89.184.83.166
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 33ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 05:49:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
408 B 138ms
88ms XHR
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 15ms
14ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

63740a3026cdd65979359869c66f5168feeeead603a5e61cdb5cc9c00d106664

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:38 GMT
AN-X-Request-Uuid: 4159d353-2daa-4b33-a20d-3db6c9e5c459
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://89.184.83.166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 267 B
732 B 121ms
36ms XHR
application/json 52.16.223.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1672897778083&to=0&aun=admixer_e565a1528b2843e19f7151988766fba0_zone_25842_sect_822_site_809&t=a4mvchf9&pi=3&maxw=300&maxh=600&si=325575&bf=300x600%2C300x250&schain=1.0%2C1!admixer.com%2C8c9403df-6eda-4a0a-afb0-be7b68ca005d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F89.184.83.166%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.8.0%22%7D&ogu=https%3A%2F%2Fold.delo.ua%2F&ns=10240
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.223.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-223-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b14c60ca9abf29cb24fa94e9f274d2cbdf323076a8a701d55923cdcc3fabbe9b

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 107ms
15ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 05:49:36 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
409 B 121ms
83ms XHR
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 196ms
195ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://89.184.83.166
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
116 B 96ms
15ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 05:49:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
391 B 127ms
71ms XHR
application/json 92.123.36.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://89.184.83.166
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 05 Jan 2023 05:49:38 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 19ms
18ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 05:49:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 16ms
16ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9ac03107c82593778f3531a7af055b63a0e033361914a2542dd5cb4cf17d20af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:38 GMT
AN-X-Request-Uuid: d9c17d86-a8ef-4639-916f-73334f7ef0f9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://89.184.83.166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 2 KB
1 KB 96ms
42ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 707420610eb6be84755eaafa91e72ad929d4f8d1b1b69c5d1853baab4ff48349

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 807

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 267 B
733 B 103ms
37ms XHR
application/json 52.16.223.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1672897778102&to=0&aun=admixer_025aad06c1084acf8ccfd365c5329fee_zone_25844_sect_822_site_809&t=a4mvchf9&pi=3&maxw=300&maxh=600&si=325575&bf=300x600%2C300x250&schain=1.0%2C1!admixer.com%2C8c9403df-6eda-4a0a-afb0-be7b68ca005d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F89.184.83.166%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.8.0%22%7D&ogu=https%3A%2F%2Fold.delo.ua%2F&ns=10240
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.223.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-223-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b949bfb9d6effe9392691e10cd47da33dc78c8223699b5c6648a1dc9ebc109cc

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 18ms
18ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=2427840587&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://89.184.83.166
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 20ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 05:49:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 18ms
17ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=68411755803&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 05:49:37 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://89.184.83.166
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
391 B 90ms
90ms XHR
application/json 92.123.36.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://89.184.83.166
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 05 Jan 2023 05:49:38 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 18ms
18ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 05:49:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 281ms
200ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://89.184.83.166
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 16ms
15ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d89d0ffc712a2c87bf03b970c8ab04419ee42241bc52036b490494cadc26d6d9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:38 GMT
AN-X-Request-Uuid: 6d2cac85-b885-4983-ab87-35815a3319ee
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://89.184.83.166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 267 B
734 B 37ms
36ms XHR
application/json 52.16.223.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1672897778178&to=0&aun=admixer_062b91b42556471cb34e20f350880e09_zone_2313_sect_822_site_809&t=a4mvchf9&pi=3&maxw=300&maxh=600&si=325575&bf=300x600%2C300x250%2C300x300&schain=1.0%2C1!admixer.com%2C8c9403df-6eda-4a0a-afb0-be7b68ca005d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F89.184.83.166%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.8.0%22%7D&ogu=https%3A%2F%2Fold.delo.ua%2F&ns=10240
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.223.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-223-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f0f71c21b439255f759758a0a68128a066c06e186f8de7f2da912a9a87e70537

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
408 B 87ms
87ms XHR
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
1 KB 51ms
42ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 9d8174798e1dc6f34bf12ecf2eef504519d71184c3810479fa647f90a8da6485

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 785

GET
H/1.1 200
OK 09a55ba6-821c-4ea6-b0e2-c177b740af46.html Show response
content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/ 3 KB
2 KB 230ms
35ms XHR
text/html 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/09a55ba6-821c-4ea6-b0e2-c177b740af46.html
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: e2ba64ef4c127560ce44129d8a8b60c04a038048d778e475521d9f6011847be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 14 Apr 2022 15:27:59 GMT
Server: nginx
ETag: W/"62583d7f-c16"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 05:49:38 GMT

GET
H2 200 cm-notify
creativecdn.com/ 42 B
243 B 16ms
15ms Image
image/gif 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT, Thu, 05 Jan 2023 05:49:38 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 69b710a2-711f-4b98-ada3-5b34fed0b45c.html Show response
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/ 3 KB
2 KB 226ms
36ms XHR
text/html 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/69b710a2-711f-4b98-ada3-5b34fed0b45c.html
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: 728c5b013e45bce8cf574f6b7d73d212a440f4e994835127628d0d11a4a7c3ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: W/"63983c1f-da7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 05:49:38 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 0
592 B 17ms
14ms Image
text/html 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=533&code=1f0f3930522b4c9a95d0dc9c37fbc638

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:38 GMT
AN-X-Request-Uuid: 6f38c314-a869-4260-91be-752be8c2fba9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 aa.js
cdn.adm.admixer.com/s/adm/ 915 B
915 B 710ms
108ms Image
application/javascript 44.195.196.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adm.admixer.com/s/adm/aa.js?cb=[cachebuster]
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.196.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-196-224.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 736ms
674ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE%2FHE%2F2925533&am-uid=1f0f3930522b4c9a95d0dc9c37fbc638&zone=8357F430-2B48-4C59-B4AB-3E3F923A8BCE&device=28&rule=32BC111C-C386-451B-9F93-5C39CD7E6290&requestId=42ee9571-c5f9-4af5-9a5b-a54932445255&hp=502794149&page=89.184.83.166%2F&ts=638084945779109563&ap=MA%3D%3D&asign=590824072&sync=88%2C3&bt=3&carr=31173+Services+AB&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=8C9403DF-6EDA-4A0A-AFB0-BE7B68CA005D&inst=ADS-EU-5&pxl=0&pvid=3fb187a2-d4c0-4254-99e1-0e7d515699b5&ip=185.213.155.162&item=73AA91C3-1EE2-4C16-8CCC-03F3A6E6B97F&crid=73AA91C3-1EE2-4C16-8CCC-03F3A6E6B97F&size=1200x60&profile=32BC111C-C386-451B-9F93-5C39CD7E6290&isopt=0&adv=Ekonomika&dsp=Local&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fdelo.ua%2Fuk%2Fdonate%2F&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 744ms
670ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE%2FHE%2F2925533&am-uid=1f0f3930522b4c9a95d0dc9c37fbc638&zone=81FC4AF8-1714-40EE-A7ED-4E7ACDC56013&device=28&rule=B3EE7590-EEF5-42FE-B559-1BF4ED8EB144&requestId=3cf8efab-ee7c-4d17-ba1d-88c933ccaa39&hp=502794149&page=89.184.83.166%2F&ts=638084945779109563&ap=MA%3D%3D&asign=-1335067703&sync=3%2C88&bt=3&carr=31173+Services+AB&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=8C9403DF-6EDA-4A0A-AFB0-BE7B68CA005D&inst=ADS-EU-5&pxl=0&pvid=f982a90e-e73b-4299-bd33-0c62c40be4cd&ip=185.213.155.162&item=C7398ADC-AE52-4992-980D-691036DDD74E&crid=C7398ADC-AE52-4992-980D-691036DDD74E&profile=B3EE7590-EEF5-42FE-B559-1BF4ED8EB144&isopt=0&adv=Ekonomika&dsp=Local&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fmarketing2023.mmr.ua%2F%3Futm_source%3Dcatfish_delo%26utm_medium%3Dbanner%26utm_campaign%3Dcatfish_delo_desktop&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 146A 9 KB
2 KB 37ms
36ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 03:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 30 Dec 2023 03:44:44 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 146A 149 KB
44 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:04:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398682
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 31 Dec 2023 15:04:56 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0064 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 554969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 05 Jan 2023 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0064 15 KB
15 KB 47ms
47ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 09:20:58 GMT
x-content-type-options: nosniff
age: 505720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 09:20:58 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame B941
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

44ms
43ms

XHR
application/json

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7cf91ac738220925375325477cf702a45402180d4e54a2a17cf317ef26f68b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 05:49:38 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame B941 29 B
54 B 119ms
38ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:43:52 GMT
x-content-type-options: nosniff
age: 346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 05:58:52 GMT

GET
H3 200 pubads_impl_2022120801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 109ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 22:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132306
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 09:38:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jan 2024 22:32:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 35 B
59 B 149ms
72ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=89.184.83.166

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43ab97e177e8b7e7417405c76411af0cff03307b9474e65b1d8d0e7c153d4fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:49:38 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 68ms
68ms Preflight
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 05 Jan 2023 05:49:38 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B941 66 KB
30 KB 75ms
74ms XHR
application/json+protobuf 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4ae35fcf3b6a689335c9727fea7ffed35b55e4eed72a2636fdd5374842973bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30967
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame B941 59 KB
23 KB 113ms
112ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

eb03b66c82800205ddf46bbf4a0be3967cc371743214f0f905c6e02544d2c8d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230102.00.00
X-Goog-Visitor-Id: CgtkdDNmcTFMRnFGWSjxydmdBg%3D%3D

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23299
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:49:38 GMT

GET
H3 200 G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js Show response
www.google.com/js/th/ Frame B941 36 KB
14 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 05:56:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 258769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14211
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 05:56:49 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame B941 26 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7032d2bd1215f0d0661e27163bcf1800b246f4bd2a48a9ac079df1ea0be42eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8390
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:48 GMT

GET
DATA 200
OK truncated
/ Frame B941 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B941 2 KB
2 KB 152ms
56ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

482b4ad2aca72e665c29835c477165576200217a153ade81694f9a795f0558a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:06 GMT
x-content-type-options: nosniff
age: 1412
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1747
x-xss-protection: 0
server: fife
etag: "v10d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 04:10:39 GMT

GET
DATA 200
OK truncated
/ Frame B941 272 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326a1475047fc55e20e7b309cca2afbbaa10de6facd8acca827939a617732d44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
1 KB 43ms
43ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: cec6ea2273f4f10c6998fd3ac30cc376fb59dada34a29e8cb68cb683538aabcd

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:37 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 792

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 248ms
200ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://89.184.83.166
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
391 B 94ms
94ms XHR
application/json 92.123.36.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.36.4 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://89.184.83.166
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 05 Jan 2023 05:49:38 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 22ms
19ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=36207243368&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://89.184.83.166
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
408 B 80ms
78ms XHR
text/plain 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 20ms
20ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 05:49:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 267 B
558 B 35ms
35ms XHR
application/json 52.16.223.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1672897778416&to=0&aun=admixer_13d1dd05df8c4e289bbc2fb234b5f48a_zone_41878_sect_822_site_809&pv=d8331983-4774-4fed-bdeb-a4fc9cb8b309&t=a4mvchf9&pi=3&maxw=300&maxh=600&si=325575&bf=300x600%2C300x250%2C300x300&schain=1.0%2C1!admixer.com%2C8c9403df-6eda-4a0a-afb0-be7b68ca005d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F89.184.83.166%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.8.0%22%7D&ogu=https%3A%2F%2Fold.delo.ua%2F&ns=10240
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.223.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-223-13.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b949bfb9d6effe9392691e10cd47da33dc78c8223699b5c6648a1dc9ebc109cc

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
60 B 19ms
19ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 05:49:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 17ms
17ms XHR
application/json 185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

53c772aefb899634ac52b857f30407ec68cd6497f8e1975911b3b85fa96d723f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 05:49:38 GMT
AN-X-Request-Uuid: 97941c5a-cbbc-4cfc-abbf-d46f6c0776d0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://89.184.83.166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 992ms
398ms XHR
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 997ms
401ms XHR
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 976ms
395ms XHR
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame F27B 236 KB
63 KB 335ms
16ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:04:38 GMT

GET
H/1.1 200
OK body.js Show response
content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/ Frame F27B 73 KB
8 KB 255ms
69ms Script
application/javascript 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/body.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: c713fb732f360a58e509b20768ec60bd4450970b390c8d3f36fcf41fc2eb6ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 14 Apr 2022 15:27:59 GMT
Server: nginx
ETag: W/"62583d7f-1229f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 05:49:38 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame 146A 126 KB
42 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 13:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42491
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jan 2024 13:38:15 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame F9F6 236 KB
63 KB 319ms
15ms Script
text/javascript 2a02:26f0:3500:11::215:14dc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:04:38 GMT

GET
H/1.1 200
OK body.js Show response
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/ Frame F9F6 28 KB
4 KB 206ms
34ms Script
application/javascript 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/body.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: 0fb909ee0b1ec7f6d945d3fc4f02c42ec4f5db329491ad7fb9f6e8f7fde518cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: W/"63983c1f-6f34"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 05:49:38 GMT

GET
H/1.1 200
OK script.js Show response
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/ Frame F9F6 824 B
803 B 208ms
33ms Script
application/javascript 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/script.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: 0065aab22bd5cc349bbc0e722467bbd4017ff4556525e079291ad929f43efb25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: W/"63983c1f-338"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 05:49:38 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
240 B 596ms
596ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryL4jUBB7jZ4KBWnAK

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame B941 90 B
133 B 72ms
71ms XHR
application/json+protobuf 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2eb67441f32c175c39b1ad77f2b534571d68ab33a535bd6f81a5d1785bc9b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame B941 0
22 B 47ms
47ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=134&afmt=251&cpn=AyMoEFbjE0Y7SbZy&el=embedded&ns=yt&fexp=23983296%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24292955%2C24390013%2C24406621%2C24415864%2C24421893%2C24439361%2C24441240&cl=499069944&seq=1&docid=5SmvR9wCgf4&ei=8mS2Y9-OF83K1wKPo6ngCw&event=streamingstats&plid=AAXxfd3T2amHAVP1&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F5SmvR9wCgf4%3Fautoplay%3Dtrue%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F89.184.83.166%26widgetid%3D1&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20230102.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.019:B,0.316:B,0.316:B&cmt=0.019:0.000,0.316:0.000&afs=0.315:251::i&vfs=0.316:134:134::r&view=0.316:558:255&bwe=0.316:130000&bat=0.316:1:1&vis=0.316:0&bh=0.316:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtkdDNmcTFMRnFGWSjxydmdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672897778155&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame B941 268 KB
269 KB 164ms
15ms Fetch
video/mp4 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1672919378&ei=8mS2Y9-OF83K1wKPo6ngCw&ip=2a03%3A1b20%3A6%3Af011%3A%3A2e&id=o-AIfZe8PIENo5_utgHSJ4l_edBPJ1YQB8XcfMdKLrjveu&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=mj&mm=31%2C29&mn=sn-5hnednss%2Csn-5hne6nsy&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=8102500&spc=zIddbKORrLYMHSAGlUOuzzYtjM3juLQ&vprv=1&mime=video%2Fmp4&ns=Xi7-ggwah3Cttr7JocXDF_IK&gir=yes&clen=1064215806&otfp=1&dur=34408.866&lmt=1632933565058233&mt=1672897516&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=7216222&n=YilX3Lka0XX9BA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgPFxnWppg41srtWsqD8y1GyIsxetgDtLRyjLbt8VRNFICIQC_idCWIBxJBfGxgejYnau2OvLcChxHzzRNsgiKrZTJpQ%3D%3D&alr=yes&sig=AOq0QJ8wRQIgOjpXgyMIMA9wMkNhXdsTs2FaciyXgUIZo_ydsPdBcScCIQC2T6XR4iewbzptne0NRt-yUDsD6nhacISm0KID_WfJvw%3D%3D&cpn=AyMoEFbjE0Y7SbZy&cver=1.20230102.00.00&range=0-274769&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fd6f037fbc41fe391a7ad687f696e6fbdbb41c06200c6a44b06df350b1a28dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 274770
Last-Modified: Wed, 29 Sep 2021 16:39:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 05 Jan 2023 05:49:38 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame B941 126 KB
127 KB 162ms
15ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1672919378&ei=8mS2Y9-OF83K1wKPo6ngCw&ip=2a03%3A1b20%3A6%3Af011%3A%3A2e&id=o-AIfZe8PIENo5_utgHSJ4l_edBPJ1YQB8XcfMdKLrjveu&itag=251&source=youtube&requiressl=yes&mh=mj&mm=31%2C29&mn=sn-5hnednss%2Csn-5hne6nsy&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=8102500&spc=zIddbKORrLYMHSAGlUOuzzYtjM3juLQ&vprv=1&mime=audio%2Fwebm&ns=Xi7-ggwah3Cttr7JocXDF_IK&gir=yes&clen=493160999&otfp=1&dur=34408.901&lmt=1632937930182785&mt=1672897516&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=7211222&n=YilX3Lka0XX9BA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAI3BfqdvvH8G6_KLkg6fuoBVr5cVJXpYvyFZrgsqX-SAAiAfTtULtFiihayDq3AaSFJrvZf4YNXfZfgqgQezyKVBcg%3D%3D&alr=yes&sig=AOq0QJ8wRQIhAM_hrchjGelycaUmARHUcc7bANlw-M2B2HGMZtVAZhKnAiA8RzBypmPG5bwNwgOhd-KnVMs5Cvp86Hncfqkq-UfCjg%3D%3D&cpn=AyMoEFbjE0Y7SbZy&cver=1.20230102.00.00&range=0-129402&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cab812c86d39e38d417144183925c88585ab0fbd46fd84d42f1626d9e9117440

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 129403
Last-Modified: Wed, 29 Sep 2021 17:52:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 05 Jan 2023 05:49:38 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame B941 119 KB
36 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f00f62bb8aefd6e52812573503401805369c9334e4fcad98e231e5bb7f4256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37321
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:48 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame B941 32 KB
9 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdecdf4fa55074c210b949cfb4e85db24ca0b9fd93d2f44c3056b7b5ffdda243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8963
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:25:39 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame B941 68 KB
20 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

131bf96ca53ca4c2f4a7e7574c3ef7567f90a136167f98d047c1bab0d6eda2cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:25:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 120239
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20384
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:25:39 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame B941 33 KB
6 KB 273ms
273ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

b715abc771d18877d2a463103f4079cb6a92b2c4193299ff51e3a92d4d3ef749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230102.00.00
X-Goog-Visitor-Id: CgtkdDNmcTFMRnFGWSjxydmdBg%3D%3D

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5923
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:49:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
793 B 186ms
69ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=89.184.83.166

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
550 B 141ms
47ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=89.184.83.166

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 677 B
380 B 74ms
73ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=101613222931512&correlator=1572945050209946&eid=31071150%2C31068367%2C31070232%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=29636627%3A22563808739%2Cdelo.ua_300x600_content_hb_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=1&adks=114677092&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672897778735&lmt=1672897536&dlt=1672897776187&idt=2504&adxs=635&adys=1870&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F89.184.83.166%2F&frm=20&vis=1&psz=0x-1&msz=325x-1&fws=4&ohw=1114&ga_vid=222992302.1672897777&ga_sid=1672897779&ga_hid=2114308469&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75f6556283ca06f1344dd61c23ef2f60c24cbd7d42e15083eb1a8bf05d8fae67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
66e14b0538dc34c6cd80fc03abdaeb9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE11 6 KB
3 KB 155ms
43ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://66e14b0538dc34c6cd80fc03abdaeb9f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:49:38 GMT
expires: Fri, 05 Jan 2024 05:49:38 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 540 B
307 B 69ms
68ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=101613222931512&correlator=2254212758520827&eid=31071150%2C31068367%2C31070232%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=29636627%3A22563808739%2Cdelo.ua_300x600_content_hb_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&adks=1311067019&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672897778756&lmt=1672897536&dlt=1672897776187&idt=2504&adxs=635&adys=3614&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F89.184.83.166%2F&frm=20&vis=1&psz=0x-1&msz=325x-1&fws=4&ohw=1114&ga_vid=222992302.1672897777&ga_sid=1672897779&ga_hid=2114308469&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aff3ee2aa7ce531b7a071cc01f8f4a23e7c74fb367f139a20708bdefdca5733a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 278
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 532 B
305 B 74ms
74ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=101613222931512&correlator=633634887741460&eid=31071150%2C31068367%2C31070232%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=29636627%3A22563808739%2Cdelo.ua_300x600_hb_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300&ifi=3&adks=2493172272&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672897778765&lmt=1672897536&dlt=1672897776187&idt=2504&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F89.184.83.166%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=222992302.1672897777&ga_sid=1672897779&ga_hid=2114308469&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6afe0bbdf7ee693619e704b48bb0d904e2aec99f9d1687084f48c281adb5c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 276
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 993ms
595ms XHR
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 532 B
301 B 71ms
71ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=101613222931512&correlator=2831199985207030&eid=31071150%2C31068367%2C31070232%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=29636627%3A22563808739%2Cdelo.ua_300x600_hb_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300&ifi=4&adks=2970253951&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672897778775&lmt=1672897536&dlt=1672897776187&idt=2504&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F89.184.83.166%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=222992302.1672897777&ga_sid=1672897779&ga_hid=2114308469&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea465433c6b99a0d312908522963d739a66cc4666e3df3da888eb4b70251eac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 540 B
310 B 72ms
72ms XHR
text/plain 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=101613222931512&correlator=1232275093233965&eid=31071150%2C31068367%2C31070232%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=29636627%3A22563808739%2Cdelo.ua_300x600_content_hb_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=5&adks=2748236754&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672897778799&lmt=1672897536&dlt=1672897776187&idt=2504&adxs=1000&adys=2739&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F89.184.83.166%2F&frm=20&vis=1&psz=0x-1&msz=325x-1&fws=4&ohw=1114&ga_vid=222992302.1672897777&ga_sid=1672897779&ga_hid=2114308469&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6343bb502438ff027bb639f6c8be7166a53cdc92dccbe4571a4c08cb4712302

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 67ms
67ms Preflight
text/html 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 05 Jan 2023 05:49:38 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame B941 0
11 B 36ms
35ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?6BKulg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK body.js Show response
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/ Frame F9F6 28 KB
4 KB 35ms
35ms Script
application/javascript 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/body.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: 0fb909ee0b1ec7f6d945d3fc4f02c42ec4f5db329491ad7fb9f6e8f7fde518cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: W/"63983c1f-6f34"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 05:49:38 GMT

GET
H/1.1 200
OK body.js Show response
content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/ Frame F27B 73 KB
8 KB 36ms
35ms Script
application/javascript 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/body.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: c713fb732f360a58e509b20768ec60bd4450970b390c8d3f36fcf41fc2eb6ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:38 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 14 Apr 2022 15:27:59 GMT
Server: nginx
ETag: W/"62583d7f-1229f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 05:49:38 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
240 B 200ms
199ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryj5zBubp9kRvVBuCM

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 595ms
199ms XHR
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
240 B 199ms
198ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryMsBgHcnA12c20Hw2

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
240 B 199ms
198ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarySEz8Dn6DqHAkHKa3

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 598ms
199ms XHR
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame B941 2 KB
2 KB 47ms
47ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e15cd918b097c42e691e1a5d5baaaf28f6955e8388dd202c2e87d36ba56ea9ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:17 GMT
x-content-type-options: nosniff
age: 3742
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2495
x-xss-protection: 0
server: fife
etag: "v10d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 30 Nov 2022 08:02:36 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame B941 64 KB
64 KB 31ms
14ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1672919378&ei=8mS2Y9-OF83K1wKPo6ngCw&ip=2a03%3A1b20%3A6%3Af011%3A%3A2e&id=o-AIfZe8PIENo5_utgHSJ4l_edBPJ1YQB8XcfMdKLrjveu&itag=251&source=youtube&requiressl=yes&mh=mj&mm=31%2C29&mn=sn-5hnednss%2Csn-5hne6nsy&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=8102500&spc=zIddbKORrLYMHSAGlUOuzzYtjM3juLQ&vprv=1&mime=audio%2Fwebm&ns=Xi7-ggwah3Cttr7JocXDF_IK&gir=yes&clen=493160999&otfp=1&dur=34408.901&lmt=1632937930182785&mt=1672897516&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=7211222&n=YilX3Lka0XX9BA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAI3BfqdvvH8G6_KLkg6fuoBVr5cVJXpYvyFZrgsqX-SAAiAfTtULtFiihayDq3AaSFJrvZf4YNXfZfgqgQezyKVBcg%3D%3D&alr=yes&sig=AOq0QJ8wRQIhAM_hrchjGelycaUmARHUcc7bANlw-M2B2HGMZtVAZhKnAiA8RzBypmPG5bwNwgOhd-KnVMs5Cvp86Hncfqkq-UfCjg%3D%3D&cpn=AyMoEFbjE0Y7SbZy&cver=1.20230102.00.00&range=129403-194938&rn=3&rbuf=3921&pot=DxfhsitKL4o0F9kuV80Ap1AQILdn2yeuTiSeA5-Iy9u9b1NuC8g2VlVKmvwWtMSAtpwKLtztwolrTuCa4lHFH7KdT_57_aJiuqGifUPixOHiQ5-yPhPPI79IgIjUVYciEy5entM=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4e32343d10b7e5336f996f4af74db7981c03b5624e357fee6533794095258a08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 05 Jan 2023 05:49:39 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
last-modified: Wed, 29 Sep 2021 17:52:10 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 05 Jan 2023 05:49:39 GMT

GET
H/1.1 200
OK script.js Show response
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/ Frame F9F6 824 B
803 B 35ms
35ms Script
application/javascript 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/script.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: 0065aab22bd5cc349bbc0e722467bbd4017ff4556525e079291ad929f43efb25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:39 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: W/"63983c1f-338"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 05:49:39 GMT

GET
H/1.1 200
OK body_atlas_1.png
content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/images/ Frame F27B 15 KB
16 KB 68ms
68ms Image
image/png 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/images/body_atlas_1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: 69b1b7cde8c4b5102d2ee01ff980537500461e4f37daee08b7a9a685ba92f6fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:39 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 14 Apr 2022 15:27:59 GMT
Server: nginx
ETag: "62583d7f-3c71"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15473
Expires: Sat, 06 Jan 2024 05:49:39 GMT

GET
H/1.1 200
OK lan-f.jpg
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/images/ Frame F9F6 15 KB
16 KB 68ms
67ms Image
image/jpeg 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/images/lan-f.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: 6b5a58bed7abc5256ab007e13f9d3ff04b3316c21e4ed098bd1809d766d3d73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:39 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: "63983c1f-3d14"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15636
Expires: Sat, 06 Jan 2024 05:49:39 GMT

GET
H3 200 featured_channel.jpg
i.ytimg.com/an/M1hAMz3CA03_xH6H4mD5sQ/ Frame B941 7 KB
7 KB 109ms
35ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/M1hAMz3CA03_xH6H4mD5sQ/featured_channel.jpg?v=56cae361

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a756a22eee9196f8b9494d9a4402f2cdc8a0b545573a1b74782e1dc25bcda62f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:17 GMT
x-content-type-options: nosniff
age: 3742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7424
x-xss-protection: 0
server: sffe
etag: "1456137057"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 06:47:17 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame B941 4 KB
2 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:49:39 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame B941 466 KB
466 KB 14ms
14ms Fetch
video/mp4 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0b372e9ae12ab421df42a5af985323cae37ba308cdd5e6dd3312ff8b32834226

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 05 Jan 2023 05:49:39 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 477172
last-modified: Wed, 29 Sep 2021 16:39:25 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 05 Jan 2023 05:49:39 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B941 28 B
57 B 53ms
50ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1672897779135
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtkdDNmcTFMRnFGWSjxydmdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672897778029&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 05 Jan 2023 05:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:49:39 GMT

GET
H/1.1 200
OK body_atlas_1.png
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/images/ Frame F9F6 56 KB
56 KB 34ms
34ms Image
image/png 62.149.18.58
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/images/body_atlas_1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 62.149.18.58 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: cc53243-01.cc.colocall.com
Software: nginx /
Resource Hash: a79ad31ca964c992bd2c085dde8e3980c64e9447ce49d26e8a20bfa18adb5cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:39 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: "63983c1f-dec1"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57025
Expires: Sat, 06 Jan 2024 05:49:39 GMT

GET
DATA 200
OK truncated
/ Frame F9F6 589 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf9bd542074c807245624ae2ee63906fdfc582c42c286dc2380402d758c0cb96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/108/ Frame B941 52 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/108/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15164
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 06 Jan 2023 01:58:24 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame B941 0
21 B 44ms
44ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=AyMoEFbjE0Y7SbZy&ver=2&cmt=0.02&fmt=134&fs=0&rt=0.859&euri=https%3A%2F%2F89.184.83.166%2F&lact=897&cl=499069944&mos=1&volume=100&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20230102.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=34408.901&fexp=23983296%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24292955%2C24390013%2C24406621%2C24415864%2C24421893%2C24439361%2C24441240&rtn=9&afmt=251&size=558%3A255&inview=1&muted=1&docid=5SmvR9wCgf4&ei=8mS2Y9-OF83K1wKPo6ngCw&plid=AAXxfd3T2amHAVP1&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F5SmvR9wCgf4%3Fautoplay%3Dtrue%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F89.184.83.166%26widgetid%3D1&of=_fbfDd1dKjjDm6E6gf28_Q&vm=CAQQARgCOjJBTzY4R1pIM1FYd2lUMWpoUHFHMkNUWjE1NDE1QkdFUHN5cTdaWTVka3phZ2o2Z29Ed2JUQVBta0tETHdsRTcxVTVITzEtSVQwc1FuLXJwTlBBTU5LbHBpLU0xTmhGQmRNR0ZJUGV3Y3M2eGdwUksyeVJlOUljbG5nbXRyLW1XSXNDMXNoa3VXaAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtkdDNmcTFMRnFGWSjxydmdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672897778155&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:39 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame B941 0
23 B 43ms
42ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=5SmvR9wCgf4&cpn=AyMoEFbjE0Y7SbZy&ei=8mS2Y9-OF83K1wKPo6ngCw&ptk=youtube_single&oid=L3rdz6zNy7O3wJRk1u6-lg&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtkdDNmcTFMRnFGWSjxydmdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672897778155&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:39 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame B941 177 KB
177 KB 15ms
15ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1672919378&ei=8mS2Y9-OF83K1wKPo6ngCw&ip=2a03%3A1b20%3A6%3Af011%3A%3A2e&id=o-AIfZe8PIENo5_utgHSJ4l_edBPJ1YQB8XcfMdKLrjveu&itag=251&source=youtube&requiressl=yes&mh=mj&mm=31%2C29&mn=sn-5hnednss%2Csn-5hne6nsy&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=8102500&spc=zIddbKORrLYMHSAGlUOuzzYtjM3juLQ&vprv=1&mime=audio%2Fwebm&ns=Xi7-ggwah3Cttr7JocXDF_IK&gir=yes&clen=493160999&otfp=1&dur=34408.901&lmt=1632937930182785&mt=1672897516&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=7211222&n=YilX3Lka0XX9BA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAI3BfqdvvH8G6_KLkg6fuoBVr5cVJXpYvyFZrgsqX-SAAiAfTtULtFiihayDq3AaSFJrvZf4YNXfZfgqgQezyKVBcg%3D%3D&alr=yes&sig=AOq0QJ8wRQIhAM_hrchjGelycaUmARHUcc7bANlw-M2B2HGMZtVAZhKnAiA8RzBypmPG5bwNwgOhd-KnVMs5Cvp86Hncfqkq-UfCjg%3D%3D&cpn=AyMoEFbjE0Y7SbZy&cver=1.20230102.00.00&range=194939-375834&rn=5&rbuf=7831&pot=DxfhsitKL4o0F9kuV80Ap1AQILdn2yeuTiSeA5-Iy9u9b1NuC8g2VlVKmvwWtMSAtpwKLtztwolrTuCa4lHFH7KdT_57_aJiuqGifUPixOHiQ5-yPhPPI79IgIjUVYciEy5entM=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

a07946f1395bf50538ccaa5358b3ce601810ea67ffd0e6444fc36ddc08cd7d60

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 05 Jan 2023 05:49:39 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 180896
last-modified: Wed, 29 Sep 2021 17:52:10 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 05 Jan 2023 05:49:39 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 199ms
199ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=8357f430-2b48-4c59-b4ab-3e3f923a8bce

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 199ms
199ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=7643a12b-a173-4c9e-90bc-338ed2e42c90

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 Jan 2023 05:49:39 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 21 KB
6 KB 442ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Jan 2023 05:49:39 GMT
x-amz-request-id: 0VBX1BWD3S1A6V8P
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: pQ+jrNPUFKPfQ/gTJNpVZPsTUUUaoqSYT/RmuqthVo7lBwjCJux4bnlWYYDOD5Amd//bd70XbV0=
x-served-by: cache-hhn-etou8220084-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1672897780.852080,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3030

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 537ms
103ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d1dfcc55c9f2d5375132403cb99bd910ea4fcf156b8af1acebab05b225851de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11207
x-xss-protection: 0

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 12ms
11ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Jan 2023 05:49:39 GMT
x-amz-request-id: RRKTSGB1GZCRV89T
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: 4l8iY1Ay2BHNb7bAAyZxHOGToVbGcN6NeFSHhghIiVqS7k6LFqaFdOqdUnsrfIawKvLFJTqoZdc=
x-served-by: cache-hhn-etou8220084-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672897780.888716,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2995

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 9ms
9ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Jan 2023 05:49:39 GMT
x-amz-request-id: RRKWZFQQ82P9RYZP
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: uHhi53JMteirXrk4bE2zQ2rfInN8pgMnDTKzRkPSovJM5y5AVhKYCmSakQr/ADpTIHYCwno/iPU=
x-served-by: cache-hhn-etou8220084-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672897780.888333,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2984

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 10ms
10ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Jan 2023 05:49:39 GMT
x-amz-request-id: RRKJK0718AC26354
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: l8ESbNTyyn/P6dzRQLIojLa2rg4VwhS8fdNMFOt9gg/d/4/Kp0bjEjLMX+zdfv6F8ScooaaycLs=
x-served-by: cache-hhn-etou8220084-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672897780.888325,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2990

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 1 KB
836 B 8ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Jan 2023 05:49:39 GMT
x-amz-request-id: RRKZW6YW5QXSXTC9
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: 2hx6bADpueBAuZxvc4FgrJAgB75cBAbWtyO/2W1dg52zl/c4Dh4x5VSG4Lno06GEGXD2M/AJ6wU=
x-served-by: cache-hhn-etou8220084-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672897780.888307,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2966

GET
H/1.1 200
OK 06fd25c80d Show response
bam.nr-data.net/1/ 49 B
523 B 600ms
249ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/06fd25c80d?a=262957204&v=1220.PROD&to=blxXZhMDDxZSWxYKWFcWYEAITQgLV10aTUdRSQ%3D%3D&rst=4910&ck=0&s=dc3a30321ae4df68&ref=https://89.184.83.166/&ap=733&be=1220&fe=3200&dc=568&perf=%7B%22timing%22:%7B%22of%22:1672897774996,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:2,%22c%22:2,%22s%22:48,%22ce%22:351,%22rq%22:352,%22rp%22:1188,%22rpe%22:1190,%22dl%22:1191,%22di%22:1788,%22ds%22:1788,%22de%22:1865,%22dc%22:4420,%22l%22:4420,%22le%22:4425%7D,%22navigation%22:%7B%7D%7D&fp=1433&fcp=1433&at=QhtUEFsZHBg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:40 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7849ee969e412c33-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 90ms
89ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:49:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA9B 13 KB
5 KB 48ms
47ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30034
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 21:29:06 GMT
expires: Thu, 04 Jan 2024 21:29:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6DDF 783 B
537 B 71ms
70ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aec5633ce61d7756cccb456c4a832d9ec8c95f1cf1965aa36873d8f258dd8baf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d8BVWFTWqL5US9X41SVXXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-d8BVWFTWqL5US9X41SVXXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:49:40 GMT
expires: Thu, 05 Jan 2023 05:49:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame EA9B 36 KB
16 KB 144ms
47ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6DDF 0
0 149ms
79ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=101613222931512&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 199ms
199ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:40 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 199ms
199ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 05:49:40 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EA9B 0
10 B 47ms
46ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iMfhNg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B8CE 28 B
57 B 50ms
49ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1672897780443
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/cj7swk3FTZw
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtLT2pjRU5JbFV0MCjwydmdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672897777005&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C340%2C191&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 05 Jan 2023 05:49:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:49:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 84ms
84ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=101613222931512&bg=!3d6l3prNAAYDMoyoIzI7ACkAdvg8WlDrumms3LXw66CfWjcON16v4VSrk2XWTE2WKsr6OYGnw4Q-QAIAAACFUgAAAANoAQcKADNXhFJAINKGLKa83iA0OJrWDTT60LFUL6T3VNrGu_VeIK6OMVDzHhhRVc-hjJtjHI-40e-ZAqbKMLwyi5MH2F6aDBRI2HYGSyBGJyQpl0l-fyCHpje9lKQucXISbbD-KSZS29W5TkttI427nETgZC1Xbp4xSSfcbXsrN2jPdzNxMXjYtos7g0p9M1Esfsa4XGtekZSTuG2ESP-mg6YTRe9eu69OsZYLr3bvL_BsnIZsYARdJhJnIr_4Ekjtm1PATwek-OT-Z8PsHuyiD3UnuMg63U6iGwHL6w_FKsSXPlhTOhA-U1paeKu05b-Zy-ktKM8UWPq2XBF-j0PCwjSxn0JOXkN7PP1sRH17XvPd8PmaUgFtRfqgk65zBXqdxw8KprjeNoPQTAfG2_wRxVVRqtDBbiJFOMmFfdMW5rvpKMAqjoBxYU9Lc9XeOhHD1bOrW4VvTDHQNKSjhwsY5UYg4d4FeebFLyAtxVELl7QQ974gG-t6_s8rGwTC3Y_0BZ0ter5_uVIUzGl1OMbIca1FkLtroONINNFZz6S9I82qWIiJURb3q046bPGnU1MkXVotmSctpGnc888Icqpf4oBfbBGrBoJebWTqZRXbeGfbUlfWLK5AxMs2hGzfFn4jPGX4deKTklAvuJRdpshfXx0FeoztQtiuUzroxUqMT9hXrc0PNwWdMqVpetQs_I2BBCkNHQpbKwVrxwTVfqKJXyUWSNK8GdmkdWk0tye2h2TovSXM1QRh2oGkp8uvtTnTdc9IKupOv7hhCwmMh57JQY6FBiXXmyFiZgfN_RAus8RuncxdnMnLHTR38EjDSOcgDimA6fmIpvbMA0mYGw0h_0gF4VvjofvRH84Sx54x5p4UNX3tJECluzMby6nFLUyNlRJw5etd3e9j9Kb6uavwJe3nDfakY292ff---YUBlSM7jwocsMCiHlH3k69ibOaPyYOy8JDF4iDf6JIFiKfiXl0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 54ms
17ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Jan 2023 05:49:41 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0D2D 15 KB
6 KB 49ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=89.184.83.166

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:49:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 974591
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 47ms
17ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:49:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Jan 2023 05:49:41 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame B941 28 B
57 B 49ms
49ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1672897781210
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtkdDNmcTFMRnFGWSjxydmdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672897778029&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 05 Jan 2023 05:49:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:49:41 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0D2D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=89.184.83.166&sn=ChromeSyncframe&so=0&topUrl=89.184.83.166&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=kWVnw3x6dWZiY1VuRW1xRHR3aEF6WTZVYXZ0MGorQkVnY0orbW5QK1hxUGZJYU5ZYUFJRmxiTEFoOWtpTEFuMzRxYklaYUVOb0pxU0JTMUFIVzN6ZzRGSVgwclBlbVRnL29GMDlkVHlmTkpsUnkzNmNKRWhRdkdlZ0RHZU...

423 B
651 B

107ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kWVnw3x6dWZiY1VuRW1xRHR3aEF6WTZVYXZ0MGorQkVnY0orbW5QK1hxUGZJYU5ZYUFJRmxiTEFoOWtpTEFuMzRxYklaYUVOb0pxU0JTMUFIVzN6ZzRGSVgwclBlbVRnL29GMDlkVHlmTkpsUnkzNmNKRWhRdkdlZ0RHZUN4T25hNVozWXorM2hTMmN2aXRlbGdITWNzY01OaDlJR29la2VINE91b2w1eTlRdHFYWkxaaTQ1T1RDaFZ3ekpkMU9rUWZDd2d2bldDajgyeVBVUHYrRXJqODdiOHRuOGd4SHI1Q1ZBVFQ5QVdJTTZRRzNiTGpTSFdaa3Y4TmpFSzl5TnozSjRCS3JWNkMzTkNkNWVCV1JUenUzTEpvZz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

68ab0cf747e56e5b3dbe02c2f80266325f7eb426d4fc3014097aa6376550d31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:40 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2265154
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=kWVnw3x6dWZiY1VuRW1xRHR3aEF6WTZVYXZ0MGorQkVnY0orbW5QK1hxUGZJYU5ZYUFJRmxiTEFoOWtpTEFuMzRxYklaYUVOb0pxU0JTMUFIVzN6ZzRGSVgwclBlbVRnL29GMDlkVHlmTkpsUnkzNmNKRWhRdkdlZ0RHZUN4T25hNVozWXorM2hTMmN2aXRlbGdITWNzY01OaDlJR29la2VINE91b2w1eTlRdHFYWkxaaTQ1T1RDaFZ3ekpkMU9rUWZDd2d2bldDajgyeVBVUHYrRXJqODdiOHRuOGd4SHI1Q1ZBVFQ5QVdJTTZRRzNiTGpTSFdaa3Y4TmpFSzl5TnozSjRCS3JWNkMzTkNkNWVCV1JUenUzTEpvZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 556958
content-length: 0
expires: 0

GET
H/1.1 200
OK cntcm.aspx Show response
inv-nets.admixer.net/ 61 B
531 B 199ms
199ms XHR
application/json 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/cntcm.aspx?ssp=8c9403df-6eda-4a0a-afb0-be7b68ca005d

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

a346d68d167775c0c8e0aa54c570be004c50ac70f5e7ac414d6bb25d96c660fa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 05:49:41 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://89.184.83.166
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
X-XSS-Protection: 0

POST
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame B941 332 KB
332 KB 15ms
14ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1672919378&ei=8mS2Y9-OF83K1wKPo6ngCw&ip=2a03%3A1b20%3A6%3Af011%3A%3A2e&id=o-AIfZe8PIENo5_utgHSJ4l_edBPJ1YQB8XcfMdKLrjveu&itag=251&source=youtube&requiressl=yes&mh=mj&mm=31%2C29&mn=sn-5hnednss%2Csn-5hne6nsy&ms=au%2Crdu&mv=m&mvi=5&pl=48&initcwndbps=8102500&spc=zIddbKORrLYMHSAGlUOuzzYtjM3juLQ&vprv=1&mime=audio%2Fwebm&ns=Xi7-ggwah3Cttr7JocXDF_IK&gir=yes&clen=493160999&otfp=1&dur=34408.901&lmt=1632937930182785&mt=1672897516&fvip=5&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=7211222&n=YilX3Lka0XX9BA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAI3BfqdvvH8G6_KLkg6fuoBVr5cVJXpYvyFZrgsqX-SAAiAfTtULtFiihayDq3AaSFJrvZf4YNXfZfgqgQezyKVBcg%3D%3D&alr=yes&sig=AOq0QJ8wRQIhAM_hrchjGelycaUmARHUcc7bANlw-M2B2HGMZtVAZhKnAiA8RzBypmPG5bwNwgOhd-KnVMs5Cvp86Hncfqkq-UfCjg%3D%3D&cpn=AyMoEFbjE0Y7SbZy&cver=1.20230102.00.00&range=375835-715716&rn=6&rbuf=14713&pot=DxfhsitKL4o0F9kuV80Ap1AQILdn2yeuTiSeA5-Iy9u9b1NuC8g2VlVKmvwWtMSAtpwKLtztwolrTuCa4lHFH7KdT_57_aJiuqGifUPixOHiQ5-yPhPPI79IgIjUVYciEy5entM=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

67a857c62caa0217edc0b5aa7eccc0998a2cd75e0c77ef62ecdb687431a89913

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 05 Jan 2023 05:49:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 339882
last-modified: Wed, 29 Sep 2021 17:52:10 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21295
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 05 Jan 2023 05:49:43 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame B941 0
23 B 48ms
47ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=AyMoEFbjE0Y7SbZy&ver=2&cmt=4.545&fmt=134&fs=0&rt=5.385&euri=https%3A%2F%2F89.184.83.166%2F&lact=5423&cl=499069944&mos=1&volume=100&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20230102.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=34408.901&fexp=23983296%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219381%2C24255163%2C24292955%2C24390013%2C24406621%2C24415864%2C24421893%2C24439361%2C24441240&afmt=251&muted=1&docid=5SmvR9wCgf4&ei=8mS2Y9-OF83K1wKPo6ngCw&plid=AAXxfd3T2amHAVP1&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F5SmvR9wCgf4%3Fautoplay%3Dtrue%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F89.184.83.166%26widgetid%3D1&of=_fbfDd1dKjjDm6E6gf28_Q&vm=CAQQARgCOjJBTzY4R1pIM1FYd2lUMWpoUHFHMkNUWjE1NDE1QkdFUHN5cTdaWTVka3phZ2o2Z29Ed2JUQVBta0tETHdsRTcxVTVITzEtSVQwc1FuLXJwTlBBTU5LbHBpLU0xTmhGQmRNR0ZJUGV3Y3M2eGdwUksyeVJlOUljbG5nbXRyLW1XSXNDMXNoa3VXaAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtkdDNmcTFMRnFGWSjxydmdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672897778155&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:49:43 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame B941 1 MB
1 MB 15ms
15ms Fetch
video/mp4 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0cd1ba9c54876a63086e34ab513b855eb65254665d22b3b9e6913e7679df968d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 05 Jan 2023 05:49:44 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345624
last-modified: Wed, 29 Sep 2021 16:39:25 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 05 Jan 2023 05:49:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 10:51:13	Name: am-uid Value: 1f0f3930522b4c9a95d0dc9c37fbc638
89.184.83.166/	1970-01-20 17:14:16	Name: sess_id Value: df38fed055a039621e69a7f9178919fc
89.184.83.166/	1970-01-20 10:51:13	Name: _fbp Value: fb.3.1672897776557.2059705114
.yadro.ru/	1970-01-20 17:26:42	Name: FTID Value: 1ZjcJm3-8BuT1ZjcJm0016Wd
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: InIRKrHllrk
.youtube.com/	1970-01-20 13:00:49	Name: DEVICE_INFO Value: ChxOekU0TlRBME1USXpPREF4TlRJMU5UYzJPUT09EPDJ2Z0GGPDJ2Z0G
.yadro.ru/	1970-01-20 17:26:42	Name: VID Value: 15fOfv3ZsC8T1ZjcJm001Mv1
.piano.io/	1970-01-20 08:41:39	Name: __cf_bm Value: UbdDUuH4dhm55yJl9JXQHB28qV7eyoCWgIgJRZELtvI-1672897776-0-AZUKPB8bdOaYXKRaNIt7Mv2DWedHg+zI0g1Zdvs4M7PXVPA3JLCRdG53y722scIb7WP6beEYqdGk2ZLIytwyn/Q=
89.184.83.166/	1969-12-31 23:59:59	Name: Value: store.test
89.184.83.166/	1970-01-20 18:17:37	Name: _ga Value: GA1.1.222992302.1672897777
89.184.83.166/	1970-01-20 08:43:04	Name: _gid Value: GA1.1.1215432409.1672897777
89.184.83.166/	1970-01-20 08:41:37	Name: _gat_gtag_UA_5812255_8 Value: 1
89.184.83.166/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1672897777363%2C%22visitNumber%22%3A1%7D
89.184.83.166/	1970-01-20 17:27:13	Name: pnespsdk_visitor Value: z2dt874gricwyfpj
89.184.83.166/	1970-01-20 17:27:13	Name: _hjSessionUser_1232730 Value: eyJpZCI6ImNjNGU4YjNhLTRlNzktNTljNC1iNThmLTE4Njg3YmUxNGJlNiIsImNyZWF0ZWQiOjE2NzI4OTc3Nzc0MDEsImV4aXN0aW5nIjpmYWxzZX0=
89.184.83.166/	1970-01-20 08:41:39	Name: _hjFirstSeen Value: 1
89.184.83.166/	1970-01-20 08:41:37	Name: _hjIncludedInSessionSample Value: 1
89.184.83.166/	1970-01-20 08:41:39	Name: _hjSession_1232730 Value: eyJpZCI6IjczNWQ3MjlmLWM1MDktNDdhNi04NmVhLWE4YmI4OTEyYjA4YyIsImNyZWF0ZWQiOjE2NzI4OTc3Nzc0NzgsImluU2FtcGxlIjp0cnVlfQ==
89.184.83.166/	1970-01-20 08:41:37	Name: _hjIncludedInPageviewSample Value: 1
89.184.83.166/	1970-01-20 08:41:39	Name: _hjAbsoluteSessionInProgress Value: 0
89.184.83.166/	1970-01-20 08:41:37	Name: _gat Value: 1
.admixer.net/	1970-01-20 10:51:13	Name: am-uid Value: 1f0f3930522b4c9a95d0dc9c37fbc638
89.184.83.166/	1970-01-20 08:51:42	Name: am-uid Value: 1f0f3930522b4c9a95d0dc9c37fbc638
89.184.83.166/	1970-01-20 09:24:49	Name: _pbjs_userid_consent_data Value: 3524755945110770
.creativecdn.com/	1970-01-20 17:27:13	Name: u Value: PACpQoc0Mno0E1eMXYCX
.creativecdn.com/	1970-01-20 17:27:13	Name: ts Value: 1672897777
.bidswitch.net/	1970-01-20 17:27:13	Name: tuuid Value: 261bde76-7eed-4004-ab64-4fba2e756ecc
.bidswitch.net/	1970-01-20 17:27:13	Name: c Value: 1672897778
.bidswitch.net/	1970-01-20 17:27:13	Name: tuuid_lu Value: 1672897778
.pubmatic.com/	1970-01-20 08:43:04	Name: KTPCACOOKIE Value: YES
.adnxs.com/	1970-01-20 10:51:13	Name: uuid2 Value: 4890568011179312489
.pubmatic.com/	1970-01-20 10:51:13	Name: SyncRTB3 Value: 1674086400%3A220
.pubmatic.com/	1970-01-20 17:27:13	Name: KADUSERCOOKIE Value: 8C1DF09A-3A18-40DF-9A1E-0328F29A4CC0
.gumgum.com/	1970-01-20 17:27:13	Name: cs Value: true
.gumgum.com/	1970-01-20 09:24:49	Name: loc Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGXhiT-f7JeZzLddO_-ZeqByeQVcyafU09Z_Dn94038kpcRXAVFOf9dw
.scoota.co/	1970-01-20 18:17:37	Name: tuuid Value: 1f6dd126-2687-4b20-b0a3-8d89bbe1ea03
.scoota.co/	1970-01-20 18:17:37	Name: c Value: 1672897778
.scoota.co/	1970-01-20 18:17:37	Name: tuuid_lu Value: 1672897778
.adnxs.com/	1970-01-20 10:51:13	Name: icu Value: ChkIgqSAARAKGAUgBSgFMPLJ2Z0GOAVABUgFEPLJ2Z0GGAQ.
.doubleclick.net/	1970-01-20 18:03:13	Name: IDE Value: AHWqTUmLGEqffDYFDFvED3CwKfqR01QmldoduFGxq2SKz43qTEJAJozl8oZXE9k663s
.pubmatic.com/	1970-01-20 08:43:04	Name: pi Value: 160846:3
.pubmatic.com/	1970-01-20 10:51:13	Name: chkChromeAb67Sec Value: 2
.criteo.com/	1970-01-20 18:03:13	Name: uid Value: 86aed127-516d-4f71-884c-bfccef717f04
89.184.83.166/	1970-01-20 18:03:13	Name: cto_bundle Value: Lu9LwF9KbTl4bVBCb3oxSDRSYlVmRmhDSlZtbHh5QlY0dUlEeWZRc3hidWVEZ2R5YnJRUlRGdGlIakg0a01IbVRNcThLMENPakhqWjclMkJQUXRBSFBnd1djN0ElMkZTU2g5Ym1lZU9QQlFuek50cHJBQkxGNHVmdkklMkJXZnk3MzJPU3BPRzc0WmtZNU9Ea1BDRnBuaiUyQnZNcFFjR3FtUSUzRCUzRA
89.184.83.166/	1970-01-20 09:24:49	Name: admixerId Value: 1f0f3930522b4c9a95d0dc9c37fbc638

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://delo.ua/delo2017/js/counters/xgemius.js/ Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	warning	URL: https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js(Line 1115) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66e14b0538dc34c6cd80fc03abdaeb9f.safeframe.googlesyndication.com
a.teads.tv
accounts.google.com
adservice.google.com
adservice.google.de
adx.adform.net
api-esp-eu.piano.io
apis.google.com
bam.nr-data.net
bidder.criteo.com
cdn.adm.admixer.com
cdn.admixer.net
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
content.admixer.net
counter.yadro.ru
creativecdn.com
delo.ua
fonts.gstatic.com
g2.gumgum.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.ytimg.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
in.hotjar.com
inv-nets.admixer.net
jnn-pa.googleapis.com
js-agent.newrelic.com
m.trafmag.com
mug.criteo.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid-inv-eu.admixer.net
r.scoota.co
rr5---sn-5hnednss.googlevideo.com
script.hotjar.com
securepubads.g.doubleclick.net
ssl.gstatic.com
static.criteo.net
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
prebid-inv-eu.admixer.net
108.138.17.83
146.0.227.109
146.0.227.110
151.101.130.137
162.247.241.14
172.217.16.194
178.250.2.146
18.66.147.7
18.66.15.25
185.184.8.90
185.64.189.112
185.64.190.79
185.64.190.80
185.89.211.84
193.200.65.6
198.47.127.20
2606:4700:10::6816:34fc
2606:4700::6810:f015
2a00:1450:4001:80b::200e
2a00:1450:4001:811::200d
2a00:1450:4001:812::200e
2a00:1450:4001:813::2016
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a00:1450:400d:803::2001
2a00:1450:400d:806::2003
2a00:1450:400d:807::200a
2a00:1450:400d:807::200e
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2002
2a00:1450:400d:80d::2008
2a00:1450:400e:1b::a
2a02:2638:1::1a
2a02:2638::1c
2a02:2638::3
2a02:26f0:3500:11::215:14dc
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:90c0:e1:2801::254
2a0c:5c81:5142::2
34.248.24.189
37.157.3.20
44.195.196.224
52.16.223.13
52.209.54.253
54.93.225.243
62.149.18.58
88.212.201.198
89.184.83.166
92.123.36.4
0065aab22bd5cc349bbc0e722467bbd4017ff4556525e079291ad929f43efb25
0149da2dcca03d3a4c8ab3e8796ec25b4700f46d2a1bec1c59cdb2f6daa7cf98
0176d4b7efa07e00f0111aed2eba384aaffae02bd4b4b14f24e81c7816fa8847
03c0c8de96c5509603e802b8f9ac8825d0fc79b7f6a39139d10164420fa7d3d9
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
0a78cdfd041c9a17fc239c0e6babb558fba53cfaa95700b2318c8a3ac8f7e698
0b372e9ae12ab421df42a5af985323cae37ba308cdd5e6dd3312ff8b32834226
0cd1ba9c54876a63086e34ab513b855eb65254665d22b3b9e6913e7679df968d
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0d7e8ffd0347d3ec8fe14ec510b892288fadfd08038bf2fa5c8d448b8bab27bc
0e0c7a0dbd3427a6c99e5887329a0d3f4e168b30bbf1477af211a6933c453f7e
0fb909ee0b1ec7f6d945d3fc4f02c42ec4f5db329491ad7fb9f6e8f7fde518cc
100b510c8f04622669c04d979d7d3d3f5f23a2ab506feb5a66a421c6901e8bee
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
12acdb8a2ac7ff6298b619c644f819df8166c16735d3ebaa17a57f649222f5d5
131bf96ca53ca4c2f4a7e7574c3ef7567f90a136167f98d047c1bab0d6eda2cb
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b742e99f7879210cdba49ceb11018f3c3b36b35386cf1dc3b2ef479895815da
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783
1d3b5e2512f23c40d71d0c08ee189866d38c753056ec140fbc5cb1a3a8b373b7
2153512e5fa3ec1253db2a15547681b17f9134466b8faeb1ef3e793213fad97e
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
2376fbd5427f7255c8e164ee17651a11a14e56901ce0500856fcf7dc51a109e5
23fe9468ed7db681d165beb2c09d8e96be781cc075abfe3af72f47ad59227eaa
2520bf797d1db8e297c339d6a9db4543245613479f02113ed89462340932a24a
25ad976d86fd6d5797433ffb7fe13ec462a8faa8553bc937a9b7d2117a88f4c8
25f411f5160d0e8b79d3e138181a95ea53fe98290e5c122188024d88321a4f5a
26f4fa38bb374ed737f85001726a9e16aa2646a6bd4ba58dab157c0d0277b0c6
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
28f05c94d67836beac03027bea2f48d141611b085e12e18088a67e3cfdeef7b3
2a8e782e190b49b16ef4e7e7a41f302d1b23d57ece3a37683d49735a8252c983
2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc
2bf74a31f35205a47f522a290b6f01506d965aff111d588195a4ca3b54d6d81f
2c0a749efc0b4d387c753b776ade50fc9b525a6536946b25c1e00b3df9a7e1c0
2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5
2e43fee7b80aa191c2f1821ade30cb8734c1872897c7c4f6e82e2d4c3c896796
2fa9862c6fb53980cbf8714ac896d0d9c3186448a31f26c9888bafa2c1a5e64f
2fb79490e7b334bd4aae1679ec8ca15d1e080b5231346364e8e1700ed05da262
300e6fffe3f6d8727dcd71853fed1cf0321ffa78494a9a3df7fe0b0c745f2d6d
321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3
326a1475047fc55e20e7b309cca2afbbaa10de6facd8acca827939a617732d44
32b70ab5fc48590df0a00789276a79331f0c3eef1ebca7b0e518d3dd63dab541
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
394dce7e4c301cef115be471e7994b635771915e34057f5c0eeff510a1e23436
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4043b430cdb3bfcb0b40d3833904230c7c2a471de20da0af50995fd1ed2168c8
411f21278180f62617f63716ff8a7db529f1f322e1dd4edc6723989c7fbe1a29
436dc4c24e1dc17a12d17b352f3147392010a3f968540bc97987307a74369829
43ab97e177e8b7e7417405c76411af0cff03307b9474e65b1d8d0e7c153d4fcf
4454c11fd821ed4c84cc2b6e8b61fc9a06e7ece137add9435fde1ce2aab0d3ba
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
472c294a89dcde758b37b51698a4cc2f5717b949934665dae2b5c5d6a2ac6c0d
482b4ad2aca72e665c29835c477165576200217a153ade81694f9a795f0558a0
4982fd9fe7a4adea31ea09520794d2d6ed31f097cd41020dce0ec1937a6fc668
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4ae35fcf3b6a689335c9727fea7ffed35b55e4eed72a2636fdd5374842973bb7
4bedf8e2051759eafef8a4c64805d0c66798f02feb371b67b7d310b12f81c83e
4c154f99fe5dad7a87e5b35d2af00d2be584e50a881a0d59981c2310f0dbe78c
4c26b502a3db718f3c45367c8febc04f9412cc0569298365d65e414149de385a
4c57f62a304f9d10babab4b8d3ebc274b5c3dacdedcbb5e19bc92ad6b52162a1
4d1dfcc55c9f2d5375132403cb99bd910ea4fcf156b8af1acebab05b225851de
4e32343d10b7e5336f996f4af74db7981c03b5624e357fee6533794095258a08
4f150f75e5e901aa4761c94916ec09efd6195bc67c275314ef10fb40f89bc7fd
4fac05547f67b240219ad2a04113a090141704abd68631c6ef29669ce9851d28
50ca3b701fa62f910608648250a8abbe11bf1093a13c97636e268c4d3913f9f2
51abcbf7f761a0bd7a496a721524975c973dfd86d293fbec44da8ebdd0c70f9b
53c772aefb899634ac52b857f30407ec68cd6497f8e1975911b3b85fa96d723f
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
54a60ee7cc9aaf064dae78a7c5d8a1261f6d544f903cb22c6eed904721ff4cae
5529ea89311e24bd89c75ddb0da152f0e0b6da0807d58ea026987b269bc7e59b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
57c9dd73905368e6de71c6750472d111ee224d0b293d16192236a2729f51d865
57d6c59ee8f0560aec2ebb80836817460db4d262c75987b158f7b084a3e7994d
5a00c549909c3e4186f0525545b2f4754c134d57dcf89ea1d94de034dcdc4824
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e24842a4c4db1ce543132b9f0b7c9cc1ffdb2af4710ca41a0f1714b3e4b00ac
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
63105cfc405a18ce4b621c77a41da39189f82d19a63f353b329d59153bcab581
63740a3026cdd65979359869c66f5168feeeead603a5e61cdb5cc9c00d106664
67a857c62caa0217edc0b5aa7eccc0998a2cd75e0c77ef62ecdb687431a89913
67c7e0bf05da7b24d79b355de597384ba320fb3f7ae2dca0d2552e63908d22e8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
68ab0cf747e56e5b3dbe02c2f80266325f7eb426d4fc3014097aa6376550d31d
69b1b7cde8c4b5102d2ee01ff980537500461e4f37daee08b7a9a685ba92f6fc
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aba63345a774be90643ddd2fa76dcc3116bb2e1aa6fcb5c72b925420da4fd68
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b5a58bed7abc5256ab007e13f9d3ff04b3316c21e4ed098bd1809d766d3d73f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
707420610eb6be84755eaafa91e72ad929d4f8d1b1b69c5d1853baab4ff48349
70e7ea50d23c538692bbd47bcf1f82d46a4f532f14b2c87aab660eeb4f8485e9
728c5b013e45bce8cf574f6b7d73d212a440f4e994835127628d0d11a4a7c3ee
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
75f6556283ca06f1344dd61c23ef2f60c24cbd7d42e15083eb1a8bf05d8fae67
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97
7a63df3e6b20707c620c5688caf54a5fb947510d0b47a51eccd83147a5463294
7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe
7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4
7e50fa341028e19ffcf2fa13fba93c388d2b38626ef1bf7b21d3be0dc2ad802d
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5
803f4e4734790d28f7cf4acb917a13cb4dc8cf3207753f6eb996fd034d94463f
803fe9f27b76a391e1f762d984b1fb2a88a39082660856eb8a3f7be0a09e32ee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ea1fa1b65bf233ef269b9598ba28e3f56d991f31db434988653d116e190f28
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f00f62bb8aefd6e52812573503401805369c9334e4fcad98e231e5bb7f4256
8fbf0cb4fbf892c6adced48d299ad8715fffe44854652445614a69f65953a1e3
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
963eb58029e69121c912be7093ad23b8ade26a80d67ab09e87ce8bb714cba08e
973fdb9bac39a0ab7b0e9dec0f7f32f4603a5786a265f7e9e167ec4e56dda947
98321cea175076f435a7998b257eb597a12f5ffb27d4aa9415839131d78fa7c4
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9ac03107c82593778f3531a7af055b63a0e033361914a2542dd5cb4cf17d20af
9cdde54f5bb000acacaae3c958ece52fc805ebaa56ebb07aac43f20dc2c54898
9d8174798e1dc6f34bf12ecf2eef504519d71184c3810479fa647f90a8da6485
a07946f1395bf50538ccaa5358b3ce601810ea67ffd0e6444fc36ddc08cd7d60
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a2eb67441f32c175c39b1ad77f2b534571d68ab33a535bd6f81a5d1785bc9b88
a346d68d167775c0c8e0aa54c570be004c50ac70f5e7ac414d6bb25d96c660fa
a3d21d5a0d84e6a6cdca677e5541eb7345b0181b96dcb0a4b020b013c6797a21
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5769bd2f91e1cb153da6a96c75d536be28d157a6d62c56ecae5c06fa0135366
a72a95f45380c28a3d910c4f43c02ce7992a1ba853f410f9f53a45f18433470b
a756a22eee9196f8b9494d9a4402f2cdc8a0b545573a1b74782e1dc25bcda62f
a79ad31ca964c992bd2c085dde8e3980c64e9447ce49d26e8a20bfa18adb5cce
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51
ab28873c8e8d1c2243a8b503355f7dec5849c4c7eea5d7d8f5344444324e2c31
aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970
ae8466dd4772a3ee4fd5ebe687958432611c40f33a4ac8670c3709ad12ea420c
aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aec5633ce61d7756cccb456c4a832d9ec8c95f1cf1965aa36873d8f258dd8baf
af16335bf6b483d1af48346fc533aaac9c13d409bcb0c0947b82ac89b577aa7e
aff3ee2aa7ce531b7a071cc01f8f4a23e7c74fb367f139a20708bdefdca5733a
b14c60ca9abf29cb24fa94e9f274d2cbdf323076a8a701d55923cdcc3fabbe9b
b17d9c5b043c2813aeeb64c3cf08b318ebab7a1894aa4a77538d2a3c7c4dde46
b19a1e5b97b156a53ef43758ebc61cc4a3ea97c49649225633f991a895e1f838
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b501e04314f4ed8fc971a52a17fc9bab9339de9b9a4f61e82c83fc721e52f371
b6a3f61cc83510d2f2e8e6104c40e759f9528c70866022640c9b7ec229118f7d
b715abc771d18877d2a463103f4079cb6a92b2c4193299ff51e3a92d4d3ef749
b8200ae953d63e0faedabd480c68facb4518654e6d3af037a08a77925012a271
b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56
b949bfb9d6effe9392691e10cd47da33dc78c8223699b5c6648a1dc9ebc109cc
ba2762cb9490cb7ab39632c895e7f76138e68300b42d1da8d5af681bcc30ab17
bd9d8c90d126d68422214ec080c47336499601756c5dec6a20b8fd08c0060990
bdecdf4fa55074c210b949cfb4e85db24ca0b9fd93d2f44c3056b7b5ffdda243
bf9bd542074c807245624ae2ee63906fdfc582c42c286dc2380402d758c0cb96
c01213743d506882073f6d37facbb3613ed04adc8f4d03119e7cec7cae2fcdb7
c1981fa3cfaed9f5221d75fd22e51a28023bddc837134260e85b3197e6f2e107
c42d49ff0f64cf93690bd1c1b07e7cddbb1ae86c3e3a4328c12e2932d89a08b0
c57e393f5d657a93422b59bbd2a261f438262e225ec3a8fb7dd26da598ed7584
c653c51e42bcf5133bcc59f3e19fe8680a31cceb5334e7ce9bcb41fce8941846
c6b826ddbb6bff94065dd8e003f0575db8d0fb3db18007a08f02195f3f5b9655
c713fb732f360a58e509b20768ec60bd4450970b390c8d3f36fcf41fc2eb6ada
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9fd93c387faf51b4dba5a4ad0a6ea830d25e6684543e09a4b6b23a6b12c207b
cab812c86d39e38d417144183925c88585ab0fbd46fd84d42f1626d9e9117440
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cc90ed8bed736bf0d285780c0e7ac790b255911e11d1bb711c0e73400c13bf8d
ccc2cc65d021d9b0caf7b63114b583d0f88f030aa20993ac639606209a316d0f
cd1ffd56a4df39cf99b4c36a1ff6d2db89b2bdf43d550f695727e30f27e9fe3c
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce3fc33f1b59e6a46497652cf9b1b9c4935046702f204da30a9bc9859ff43d52
cec6ea2273f4f10c6998fd3ac30cc376fb59dada34a29e8cb68cb683538aabcd
cecf378a0bb6355c852eb2cfe5b23159f61c914f79abe7ee09422ce41fe37cbc
d16867bf82af6c40d1cee5465db20c707aec50aac2fbddbe74015c43cc79cfa3
d3bb6c505b9bc95c4a8e55608f679d0589fb9b54455e23adbdd2d5a7224ff6b7
d6343bb502438ff027bb639f6c8be7166a53cdc92dccbe4571a4c08cb4712302
d7cf91ac738220925375325477cf702a45402180d4e54a2a17cf317ef26f68b2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d89d0ffc712a2c87bf03b970c8ab04419ee42241bc52036b490494cadc26d6d9
d94f1b6f2b7eabad7de5adb186aeb0573d07a7d79e8d99b6e5fbf254011b9850
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa7d0b90d724263a545337797cdc60ed4fed5bf2b024dfc008fd7b52ef8201e
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b
e15cd918b097c42e691e1a5d5baaaf28f6955e8388dd202c2e87d36ba56ea9ec
e1672332b758b4ed6959d0309e08582342550f015c3f5116121d9fadfa4af96b
e1e3bb3543e3be16e086a3b447c61cf01dd160aad6b5466b93b0891fd5836a4a
e2ba64ef4c127560ce44129d8a8b60c04a038048d778e475521d9f6011847be6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e533aa8b1cd8002c05dfd711e18ac03974ddaad1cd915004fd9b5c3aac50e377
e63a3e6ae4b3be24ce1a5f354f995680c2ae3206371d12b2b31493e776f54942
e7032d2bd1215f0d0661e27163bcf1800b246f4bd2a48a9ac079df1ea0be42eb
e72c4becd6d86e95d8cd0cd4b17f7468a25f4b623c3c317384074d84a67a732f
ea465433c6b99a0d312908522963d739a66cc4666e3df3da888eb4b70251eac0
eb03b66c82800205ddf46bbf4a0be3967cc371743214f0f905c6e02544d2c8d0
eb55690d241b2e8e0ecc7440456d20291e51c8a98920cd45880e406f48edb0a2
ebcc03a80c0f2482958b713ef14fe9bc76a100ce4e92469607806788bdd4b826
ec4c1586b53ff9b581e654c5f390df522c6077689d46922638070c25efcde88e
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed11e5b02ae470c530cc6c5cac37df11eb257f15a1e18686f6ec74d94a11ce64
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f71c21b439255f759758a0a68128a066c06e186f8de7f2da912a9a87e70537
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f16c19ee224aa490b73837f3214532100d4c75e665bd423b7bd5f2f27d919f23
f6179a031eac9933de3ced950ec0f73fac889c2d241594d11536b52be4ba823c
f61bfaded10648532f0d9f783ccecbccd51bff2b07373dac93156c62c3089ac6
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f693c430b149d1dd86d8e293cb2b4652eceff0397b2bda6dcc086c873b6affd5
f6afe0bbdf7ee693619e704b48bb0d904e2aec99f9d1687084f48c281adb5c9f
f886ad4d62165edfc981c99b190fe5b789c3e7293ad561523bd59320c89e406c
f8e9e0f2bfdb93775d1370b2a7df4df165b460a626c9be55ba3c1d97295ab48f
f972e4acfe8115daf147547986bf67bd74830e4e1b3c43eb94300d9a327adf14
fa34aadc5bfd96f4a10d635898302472a62a115932326ff26d86d378a5ea4f36
fa60314eac1ac8b1b6a156834a67af2f674d760ad8b36348e379e627dcf62c70
fb549f61771d0a49e89d1cabb8aad1e235d7de55df6d2f18d3c40688c8eea44e
fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf
fd4fe5bc4ecdc8918f367345e22fa3a191ea0536e0faf1b73bf3c8fa4aaec96d
fd6f037fbc41fe391a7ad687f696e6fbdbb41c06200c6a44b06df350b1a28dad
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

89.184.83.166 Open in urlscan Pro 89.184.83.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

328 Requests

74 %HTTPS

54 %IPv6

35 Domains

61 Subdomains

52 IPs

13 Countries

9074 kBTransfer

18629 kBSize

45 Cookies

60 Outgoing links

Redirected requests

328 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

89.184.83.166 Open in urlscan Pro
89.184.83.166 Public Scan

Screenshot
Live screenshot

Full Image

328
Requests

74 %
HTTPS

54 %
IPv6

35
Domains

61
Subdomains

52
IPs

13
Countries

9074 kB
Transfer

18629 kB
Size

45
Cookies

328 HTTP transactions
4 data transactions