ytssub.com Open in urlscan Pro
2606:4700:3034::ac43:9656 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ytssub.com/subtitle-download/423100
Submission: On May 19 via manual (May 19th 2022, 2:02:35 am UTC) from US — Scanned from DE

Summary HTTP 161 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 31 domains to perform 161 HTTP transactions. The main IP is 2606:4700:3034::ac43:9656, located in United States and belongs to CLOUDFLARENET, US. The main domain is ytssub.com. The Cisco Umbrella rank of the primary domain is 977447.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.

This is the only time ytssub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700:303... 2606:4700:3034::ac43:9656	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
14	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	44.242.7.192 44.242.7.192	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.120.107.143 34.120.107.143	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
4	138.201.64.38 138.201.64.38	24940 (HETZNER-AS) (HETZNER-AS)
15	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 4	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
4	46.236.35.87 46.236.35.87	12703 (PULSANT-AS) (PULSANT-AS)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.49 143.204.215.49	16509 (AMAZON-02) (AMAZON-02)
4	34.254.130.126 34.254.130.126	16509 (AMAZON-02) (AMAZON-02)
161	39

5 2606:4700:3034::ac43:9656 (United States)

ASN13335 (CLOUDFLARENET, US)

ytssub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.242.7.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-7-192.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

widgets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.247 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.240 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.64.38 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.38.64.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.157 (Reilingen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal90007.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (Valence, France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.236.35.87 (Plymouth, United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-35-87.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-49.fra53.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.254.130.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	246 KB
25	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284	246 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 344	325 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 33656 hal90007.redintelligence.net — Cisco Umbrella Rank: 249423	55 KB
7	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1493 m.addthis.com — Cisco Umbrella Rank: 1449 api-public.addthis.com — Cisco Umbrella Rank: 4078	218 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	208 KB
6	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
6	gstatic.com fonts.gstatic.com	134 KB
5	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 19930 api.webgains.io — Cisco Umbrella Rank: 48593	52 KB
5	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 4556 us-u.openx.net — Cisco Umbrella Rank: 399 google-bidout-d.openx.net — Cisco Umbrella Rank: 4222	917 B
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	47 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	4 KB
5	ytssub.com ytssub.com — Cisco Umbrella Rank: 977447	57 KB
4	webgains.com track.webgains.com — Cisco Umbrella Rank: 38036	8 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 393 mug.criteo.com — Cisco Umbrella Rank: 2669	8 KB
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 44639	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1040	344 B
2	pinterest.com widgets.pinterest.com — Cisco Umbrella Rank: 6572	480 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	83 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 77703	312 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 43330	629 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	12 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 4607	8 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 5577	904 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1736	711 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 374	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7678	792 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	39 KB
161	31

	Domain	Requested by
24	tpc.googlesyndication.com	d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net ytssub.com securepubads.g.doubleclick.net cdn.ampproject.org
16	pagead2.googlesyndication.com	ytssub.com d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
15	cdn.ampproject.org	securepubads.g.doubleclick.net
14	securepubads.g.doubleclick.net	ytssub.com securepubads.g.doubleclick.net
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
6	s0.2mdn.net	ytssub.com s0.2mdn.net d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com ytssub.com tpc.googlesyndication.com
5	cdnjs.cloudflare.com	ytssub.com
5	fonts.googleapis.com	ytssub.com securepubads.g.doubleclick.net hal90007.redintelligence.net
5	ytssub.com	ytssub.com
4	api.webgains.io	analytics.webgains.io
4	track.webgains.com	ytssub.com d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
4	hal90007.redintelligence.net	1 redirects d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com hal90007.redintelligence.net
4	hal9000.redintelligence.net	d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com hal90007.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	api-public.addthis.com	s7.addthis.com
3	googleads.g.doubleclick.net	d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com ytssub.com
3	d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	s7.addthis.com	ytssub.com s7.addthis.com
2	pv.medialead.de	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	ytssub.com
2	gum.criteo.com	1 redirects static.criteo.net
2	widgets.pinterest.com	s7.addthis.com
2	www.googletagservices.com	d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
2	oajs.openx.net	1 redirects ytssub.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	analytics.webgains.io	track.webgains.com
1	ad-server.eu	d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
1	pb.media01.eu	hal90007.redintelligence.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	ytssub.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	ytssub.com
161	44

This site contains links to these domains. Also see Links.

Domain
ytssub.net
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-11` - `2022-08-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-04-16` - `2022-07-15`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
redintelligence.net R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-13` - `2023-06-08`	a year	crt.sh
*.webgains.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://ytssub.com/subtitle-download/423100
Frame ID: 301017C4D8423B2D2417B8FFD2F7C043
Requests: 43 HTTP requests in this frame

Frame: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B62EDCC3AC0A989D3F602AE3DCB9B9AC
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B58E985F526C9DF38F73A98807D855D5
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 59E9BD712F15D45A4CEA3DDDD8B1C2F7
Requests: 1 HTTP requests in this frame

Frame: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0B51770B51713CB4C7D7FCE141824621
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYkILUyQEwAQ&v=APEucNVopVggl_Ld9sypYJ8MxBggMu-ZM4yO6CrJpkjjd713Qx8rQ1McxFY7R6RxcaN3QNVJl7V2QY4p3z92v7srO_2MEB_mC-u0RYBouq3dbQoFmbYuK70s0bTjHmtAma1locr6q1poD0qi_p7KwEXI3BoYOeTy8ov26fwgMbvHAW1ZxFfpFvjksYXfQTxGQ5vcvZye9rMMMIL0iPJmjNYpkeWeEEhWJQ
Frame ID: A5B270BF0E4C7D2ACCBA8ED98FCF7FE8
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ytssub.com
Frame ID: D6A2B039212A837E4D551B0B2130EE8A
Requests: 2 HTTP requests in this frame

Frame: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 84435F1D6EBF80DA5095D1656FF3CBFC
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10061888859026381267/index.html
Frame ID: 9470197CCD423325E9A58A3900A478A4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxicrrvGATAB&v=APEucNUqUR6-vrGNYCOuUYvj_dMylQZwqvZdqtj0PLRrjhMKSPgE5s8jDs_IfQt-HmVhS0YXFwZaqgory3OHA5QzBoTLVVOQ4nR7vX0lDvBiZrbA1LDUz0ONBkkSQqvPhrF8PVkvB0jwA4oRFB4gr5CLdi1-KLpzZ4t-xjGMMBgNwYfYXXgdPrxShuyOfLemg8UtRwERXC5CpHejIgLYI6YmfhcJC-sLkg
Frame ID: 60AA34D88FC5EB855381D59EB13995C2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4B33A2193326D2F1115A964992941C08
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 92888459559A89656607C91E065A38E7
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: F86418B1E3D8DCBCE015A55AE40C6852
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: 3BBBD3FE414A3762C541AF64495BDB69
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: E26E12FE5200223E05EFC8B4990E7433
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs
Frame ID: 95F742607AB21849AF00A89607428D73
Requests: 17 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73751100013153904444644011964007&actionid=981741&produktid=&dt_url=
Frame ID: 2BD7572F19DB6838CB86BDDC916C0F9A
Requests: 1 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=73751100013153904444644011964007&a=f5435ca0
Frame ID: 09B9EF6A5E44F7F59D066276D2FA52B6
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8304CE1DE60A952EE4659C5CF7153024
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6F9086A09EFAACA57A1686554C572394
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Four Lions English subtitles dowloadFacebookTwitterPinterestAddThisFacebookTwitterPinterestAddThis

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

161
Requests

93 %
HTTPS

44 %
IPv6

31
Domains

44
Subdomains

39
IPs

6
Countries

1774 kB
Transfer

4612 kB
Size

25
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://ytssub.net/file/data/four-lions-english-1676039.zip
Title: DOWNLOAD SUBTITLE

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://oajs.openx.net/esp?url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&rid=esp&cc=1

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0fMKamrGDa2jPokboc2tc&google_cver=1

Request Chain 55

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoWlNXRgOOovxCBN0IjzHQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0fMKamrGDa2jPokboc2tc&google_cver=1

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOSQ3nuFq2uu3kj3w1CCo6w&google_cver=1

Request Chain 57

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyOTU5MzIzMDc4NDY0NzE0Nw%3D%3D

Request Chain 73

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ytssub.com&sn=ChromeSyncframe&so=0&topUrl=ytssub.com&cw=1&lsw=1&topicsavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=QpRoO3xETUxic2dRY1djVEJHd2o1dUtROWsvakFFSWgxczVXMDcxT0ZEL1NvVVFYbXFFaW5wUW9jcVFRR0tXckptaUF3UGY5ZkYxQ21OQVU3akZnNEhlci9mM3ZacEoxbnZEM1RUaG1Wb3ZzQXlZSEU3Z01zUG1TY1BmUDAzQnViUE51dER6Y3M5MXlVRkczVFpNdkp4QVMrMDNnUkcwKy9odmovdHRHWmorSkhMdWVKdmVSeDkrSTdqSFhqU0tGRkpoUjNHT1FiNkdXNDBOa3N6WDNJcDV6M1RBQkhpekZXeEpUTDhsdU5LYkZMalBDUHBHZU85c1NPaTJpLzV5TVBMNFk5aldueDAwSzIrYWk2djdBVUdPNjRPQT09fA&cppv=2

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA8g2soiSInIyityR5-qe2A&google_cver=1

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEL6CITyJwY1G_f9DuWnWAH4&google_cver=1

Request Chain 107

https://hal90007.redintelligence.net/request.php?zone=9zr738t4suio&nw=20&renderingType=javascript&namespace=0666ef6e67&subid=&uid=4783f0ea0bc73a63&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJdX3NaWFYsm2EY273gPN1rrIAZumgKJprZLqi84P8C4QASCS2N9KYJXaiIKYB8gBCakCHjIRm_6OsT6oAwGqBOcBT9CVyYqg8cMwE8uMXjbQvfm1oHCVeEYQroMZub834PR92hZVAoJUMqooe0qYgcgzsHDWJMyOJhQuposuywbiUST8GXI5b0fLD_zt1enOaeVvG3j8MO8ChlZmCp2jzcutHeCc5mNzCymlu0r3XgkJzM9N4ht3D2en0VGcSaD7y_eyvsFIqa59OWhlM5u2jlsYl7D3Y9gwJZ7pAD1uPSeCauJVb9JB2F92B5CilTxzcMBRkhxGyLYMpnjR7z465m_W0bgksCFUZDDiyBaHeAndQQRte7zKVnL-rYQg0tLfndNosQutOwVswATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Ro762aNfrd9_qRGCpXm8HYl7e6ia-_1ntVmyPrEWmB4dpiD0O4xw%26sig%3DAOD64_0rMHPHtf_MVFx4xix7t-2yzKh9yQ%26client%3Dca-pub-2393320645055022%26dbm_c%3DAKAmf-Bon8Ma382fq0HccNHa2qwJJr8qNC7t9qaHUPoAOiLo6oZBvZqwOpeqv1RWYMPlVO5j5l3YLbzdklXTcwgxeNkXR7AFI4RW89nYlD5T5oIFDY2nWe5e1zBEqwQY5LsQIHb9tWQXrIT0zAJ22sz7tGOcpNDMog%26cry%3D1%26dbm_d%3DAKAmf-C_f9hbPBTm7-Xk9uhYB2YwALpcqUHtC6fk1HbmOFxSbJ4O8nm1_YfKrrgfksl5x7AMO6XMzjKJbv_7qzQFoHoCQoyPXndvOVdwMon82uf1F_GW1RAQabbSg6md6xBBX1gpcJPhzq9lxmL5zjhjWbJIlMt6CmYx2r7GtyuZ58W_Kc6_hGv2B7fS_e0sES9Bcv6J-7DroghnMREu3JoycWQFXugeTS00VjApYUJX7lFW3sZxtxkAEZiAMC1hW8D9wJx--sqvJnmynVca9G42Itup1Fji4oRFyEy1EDG9m1VjtFD79Wm-9ZTL9wRjQtf9mSq9BtJhYSRdB3oJEsvdvLP5EinUF90eS84mvr_M_OiMFFnjYU9bnsRiG3DdiziPM9kpLNNItSy8JHqpo7ChDdGr1VCT7X0yO7lc_mWXp6bV67ivgkDofBYHwC8JhW6naKjIjsIte7KWIFpO9NmoF649sKd1QGu_CmiRZSIxSZks4btld9A%26adurl%3D&documentReferer=https%3A%2F%2Fytssub.com%2F&ancestorOrigins=https%3A%2F%2Fytssub.com&random=7573300134368&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal90007.redintelligence.net/request.php?zone=9zr738t4suio&nw=20&renderingType=javascript&namespace=0666ef6e67&subid=&uid=4783f0ea0bc73a63&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJdX3NaWFYsm2EY273gPN1rrIAZumgKJprZLqi84P8C4QASCS2N9KYJXaiIKYB8gBCakCHjIRm_6OsT6oAwGqBOcBT9CVyYqg8cMwE8uMXjbQvfm1oHCVeEYQroMZub834PR92hZVAoJUMqooe0qYgcgzsHDWJMyOJhQuposuywbiUST8GXI5b0fLD_zt1enOaeVvG3j8MO8ChlZmCp2jzcutHeCc5mNzCymlu0r3XgkJzM9N4ht3D2en0VGcSaD7y_eyvsFIqa59OWhlM5u2jlsYl7D3Y9gwJZ7pAD1uPSeCauJVb9JB2F92B5CilTxzcMBRkhxGyLYMpnjR7z465m_W0bgksCFUZDDiyBaHeAndQQRte7zKVnL-rYQg0tLfndNosQutOwVswATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Ro762aNfrd9_qRGCpXm8HYl7e6ia-_1ntVmyPrEWmB4dpiD0O4xw%26sig%3DAOD64_0rMHPHtf_MVFx4xix7t-2yzKh9yQ%26client%3Dca-pub-2393320645055022%26dbm_c%3DAKAmf-Bon8Ma382fq0HccNHa2qwJJr8qNC7t9qaHUPoAOiLo6oZBvZqwOpeqv1RWYMPlVO5j5l3YLbzdklXTcwgxeNkXR7AFI4RW89nYlD5T5oIFDY2nWe5e1zBEqwQY5LsQIHb9tWQXrIT0zAJ22sz7tGOcpNDMog%26cry%3D1%26dbm_d%3DAKAmf-C_f9hbPBTm7-Xk9uhYB2YwALpcqUHtC6fk1HbmOFxSbJ4O8nm1_YfKrrgfksl5x7AMO6XMzjKJbv_7qzQFoHoCQoyPXndvOVdwMon82uf1F_GW1RAQabbSg6md6xBBX1gpcJPhzq9lxmL5zjhjWbJIlMt6CmYx2r7GtyuZ58W_Kc6_hGv2B7fS_e0sES9Bcv6J-7DroghnMREu3JoycWQFXugeTS00VjApYUJX7lFW3sZxtxkAEZiAMC1hW8D9wJx--sqvJnmynVca9G42Itup1Fji4oRFyEy1EDG9m1VjtFD79Wm-9ZTL9wRjQtf9mSq9BtJhYSRdB3oJEsvdvLP5EinUF90eS84mvr_M_OiMFFnjYU9bnsRiG3DdiziPM9kpLNNItSy8JHqpo7ChDdGr1VCT7X0yO7lc_mWXp6bV67ivgkDofBYHwC8JhW6naKjIjsIte7KWIFpO9NmoF649sKd1QGu_CmiRZSIxSZks4btld9A%26adurl%3D&documentReferer=https%3A%2F%2Fytssub.com%2F&ancestorOrigins=https%3A%2F%2Fytssub.com&random=7573300134368&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 140

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=73751100013153904444644011964007&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73751100013153904444644011964007&actionid=981741&produktid=&dt_url=

Request Chain 144

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=73751100013153904444644011964007 HTTP 302
https://ad-server.eu/wm/pb/native.png

161 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 423100 Show response
ytssub.com/subtitle-download/ 12 KB
4 KB 192ms
134ms Document
text/html 2606:4700:3034::ac43:9656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ytssub.com/subtitle-download/423100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 7056ed2b35c9d6a13f5b65cbce0f28e96fdac5e9eb49f31faba9d62ce7c8c9ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 70d940271de39b6e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 02:02:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0GkcxvVeq1k%2FfRzpcQAO0sHGVv2VDwYd3NGUbM6pfIOc42aU2LhUnvkPMSXcDHeBx%2BHwoRa5pim5%2FalWHXX8l2%2Fd3JgrGZiqYEjooMv%2BZcEqrJ5aARf%2BiA%2B6TbBqwGO6Tcy0qqIF96C"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 79ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,800italic,800

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed641ce65f6faa41d79b74a28d64a47f665aba41010deb5dfddb19790abc84ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 00:12:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 02:02:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 02:02:28 GMT

GET
H2 200 app.min.css
ytssub.com/frontend/css/ 155 KB
26 KB 61ms
61ms Stylesheet
text/css 2606:4700:3034::ac43:9656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ytssub.com/frontend/css/app.min.css?ver=18
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28892d03c60b4c046ba53410f788d2c082d8f23063643189a09b54c69af45db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/subtitle-download/423100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Feb 2020 09:13:18 GMT
server: cloudflare
etag: W/"5e3d2a2e-26c1b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MAPwN1DKTeLp4JSzQxCBJvaUZbNct1TD99KEVAgPM5PSwbMumaDcy%2FPBsYV7kPM4LVOoEKqO52j4Ly6g8IjH4AL5SNwNFyO2flmfWw8EbAX4gvokbHE8orB%2B3U%2B%2BvrxyUiNoIpNzeew"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d940281ecd9b6e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 81ms
33ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152048891-1

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3112294a67cbad63e064f6112bf8b4e4c31e8a4300fb70ea7e2cb4a687f80ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39172
x-xss-protection: 0
last-modified: Thu, 19 May 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 May 2022 02:02:28 GMT

GET
H3 200 logo.png
ytssub.com/images/ 7 KB
7 KB 45ms
44ms Image
image/png 2606:4700:3034::ac43:9656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ytssub.com/images/logo.png
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c8a9b87bb44ec77b0df5b351771b1ae60051d8a4f91abd4f4b36d20aa68fb68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/subtitle-download/423100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Jan 2020 03:04:16 GMT
server: cloudflare
etag: "5e1546b0-1b65"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkpQNl51d4z4zQ2Mp3tiajrZTku5GX%2FRrmpyQFbF0kjqitTyBSIVEKmr9KQqFWVGAOK4bedyrYqDvU%2BR4vWEUaiXFVLgxQgoPdygndp1ES5M%2FXgpZ%2BTJeH%2BzXtAff8eS9pwN3QfIZH6B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70d940289f309b63-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7013

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 103ms
41ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

849bf84d3b5bf1b4f3be082d7f47134ab3051fc70f6a756823969f10640e89f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28367
x-xss-protection: 0
server: sffe
etag: "1219 / 44 of 1000 / last-modified: 1652911556"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 19 May 2022 02:02:28 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/ 82 KB
27 KB 68ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1216418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-1499c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zqlwg2E%2BgEayMhTYddVivmSK5nfeW%2FjNL8mMLSeSgAhxw7LDDcokhoYAOq1pTgfdXSgVIhpq4W615dNH%2F6UCUcqeYCvSap1YDulWRj5LA3V%2FHEX9A062WhyDBPeTn4s%2F11R4ymfWcaoIEi8%2BuLD5wtaT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70d94028bc8391ea-FRA
expires: Tue, 09 May 2023 02:02:28 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/js/ 35 KB
9 KB 53ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.4/js/bootstrap.min.js

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2437154
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8441
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04010-8c6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7Ewrd4Q1i7%2BSU%2BBBCxLDEZhohoM7e4R7wmv%2BSym2HbeSf1DbvoDeffkPFsCCfYzZk8%2BbKVnCBnCAb4dKUkOIV3%2FeSgixqmrAVQkn7LNhZlBvBF52FBxUZ3le147XXDY2NPJhwvB4GTH0G9H1SqJlLCE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70d94028bc8891ea-FRA
expires: Tue, 09 May 2023 02:02:28 GMT

GET
H3 200 typeahead.jquery.js Show response
ytssub.com/frontend/js/ 62 KB
13 KB 62ms
62ms Script
application/javascript 2606:4700:3034::ac43:9656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ytssub.com/frontend/js/typeahead.jquery.js?ver=18
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3643c4ebcb19a6b5ccb667ed329cbdbb20072fc76bedcc567da15258f420f8f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/subtitle-download/423100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Jan 2020 03:04:16 GMT
server: cloudflare
etag: W/"5e1546b0-f6b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iu3vdULy%2BFUu5DGLvvjqxBM1w1S6BvFxbnpmczlTmoVsdM2V%2Bt%2Bl%2Fd3x9cjU%2FkaNLWFtRZNEZaqfg0%2BCYg%2BKYv%2BJRQSfegeCCOHbyW2cqXOeZHFaDTBqnCKUGgG%2F1EdGiwysJznirD01"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70d940289f2d9b63-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.1.5/ 42 KB
10 KB 54ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.1.5/owl.carousel.min.js

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2bed74f256f5e731f2b2bb66cebc43963153aa0720808f163497aea15c69d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8068456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9751
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-a6fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=muspL0f87XdVKCiLx6OEUhFAT57VPCxBJd5wPJx7YOmKGxq3EiCFxyFd9IWUnPoRCyOEp9dlfYSDaoBOYd1htB%2F4dC1RsNiNxzUFsADuN2sk%2B2nr7XYolxM4TsSR3jDGxrw4TYLdZjycyN02WkgGYUWj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70d94028bc8591ea-FRA
expires: Tue, 09 May 2023 02:02:28 GMT

GET
H2 200 owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.1.5/assets/ 3 KB
1 KB 54ms
28ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.1.5/assets/owl.carousel.min.css

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a365a7e32ce97af977d8af302287db4e9e66b9c8a5b1a61f2128c61b5645cf12

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9821798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 754
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-bcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfJ5tt9ERBMT6rJH9ZQhUTz3VYrDLRf%2B5ipcbHXo8P5A7D00EBAkK9gDDMuDS7zmac9R%2BhqrkGaKdj%2BJ5qPjt5gm1Xj50vnyG1JEyvMQsKXSo1w3gBjuH6JyEZXUCGl4o14gsoBV8dWD9HqkkKej8DiI"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70d94028bc8691ea-FRA
expires: Tue, 09 May 2023 02:02:28 GMT

GET
H2 200 owl.theme.default.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.1.5/assets/ 1003 B
696 B 53ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.1.5/assets/owl.theme.default.min.css

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

277b166c3c59f12e659bdf64d131dc21a35b32f658b79f4ba134d00d76960e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9821798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 332
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-3eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQM%2F3EhaLYuBoX3wHyz0aky695HC5wjVskSEIrzIVD%2BikMhDLspLf2de%2B%2B08qHKjmApFX3P3wQWEBFvJlHPcByb4g%2FJzY9v43g8dzjxv2K80KZfxgv%2B%2FgRVmY7hXJH2AMAH8rU8rzFugNbL1ngPxbFnS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70d94028bc8791ea-FRA
expires: Tue, 09 May 2023 02:02:28 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 499ms
23ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Thu, 19 May 2022 02:02:29 GMT
x-host: s7.addthis.com
content-length: 116421

GET
H3 404 bg-blue-main.png
ytssub.com/images/misc/ 7 KB
7 KB 197ms
197ms Image
text/html 2606:4700:3034::ac43:9656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ytssub.com/images/misc/bg-blue-main.png
Requested by: Host: ytssub.com
URL: https://ytssub.com/frontend/css/app.min.css?ver=18
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.33
Resource Hash: 44a6b0f9ff9be0aa5f27179086b505fa3d6bdea8a98b8199ce3e450aad7870db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/frontend/css/app.min.css?ver=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.33
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aeG2IibO2JwOSjgUCoNDxp4PO7C27reSnnm%2FJVmQnEoUmHDyrwnDMiqWFHx2VZplDfXmZ4AXgfJrywmYk6iDpQI7g7AKEwZZVCnccVxeBJlY%2BZJV9b4x283gMutMzo9Fygu%2BnQSaD93q"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 70d940289f339b63-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 74ms
22ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,800italic,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ytssub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 23:32:09 GMT
x-content-type-options: nosniff
age: 181819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 23:32:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 73ms
21ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152048891-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6200
date: Thu, 19 May 2022 00:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 19 May 2022 02:19:08 GMT

GET
H3 200 pubads_impl_2022051201.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 61ms
19ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25576
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127621
x-xss-protection: 0
last-modified: Thu, 12 May 2022 08:35:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 18 May 2023 18:56:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 65 B
92 B 71ms
29ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ytssub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a8bd9840fc1278d1e6bc8d8e7447a58037f808b55f435c556798f3db7357be84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Thu, 19 May 2022 02:02:28 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 68ms
27ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=585463284&t=pageview&_s=1&dl=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&ul=en-us&de=UTF-8&dt=Four%20Lions%20English%20subtitles%20dowload&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=146175645&gjid=87774047&cid=1016148110.1652925749&tid=UA-152048891-1&_gid=1680989576.1652925749&_r=1&gtm=2ou5b0&z=1272941180

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ytssub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ytssub.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 101ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ytssub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 77ms
29ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ytssub.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 02:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
12 KB 912ms
912ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1151118136475979&correlator=1678512037096792&eid=31060545%2C31064019&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=162717810%2CAdPlus%2C300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=1&adks=2769095154&sfv=1-0-38&ecs=20220519&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1652925748839&lmt=1652925748&dlt=1652925748465&idt=342&biw=1600&bih=1200&adxs=145&adys=106&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&frm=20&vis=1&scr_x=0&scr_y=0&psz=312x0&msz=312x0&fws=0&ohw=0&ga_vid=1016148110.1652925749&ga_sid=1652925749&ga_hid=585463284&ga_fc=true&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

f68ae1134eee76eaf108643cc934f0ee5d54b85f07bf646197e34f3d5e277874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12541
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytssub.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 656ms
655ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1151118136475979&correlator=1678512037096792&eid=31060545%2C31064019&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=162717810%2CAdPlus%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&adks=3552733747&sfv=1-0-38&ecs=20220519&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1652925748847&lmt=1652925748&dlt=1652925748465&idt=342&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1016148110.1652925749&ga_sid=1652925749&ga_hid=585463284&ga_fc=true&btvi=-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

9d15e8ec7d41303c5d94c3e0afac4baf60e30a210dd1e22c30094a2d41e3c23f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9064
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytssub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
35 KB 458ms
457ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1151118136475979&correlator=1678512037096792&eid=31060545%2C31064019&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=162717810%2CAdPlus%2C300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=3&adks=2683569567&sfv=1-0-38&ecs=20220519&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1652925748849&lmt=1652925748&dlt=1652925748465&idt=342&biw=1600&bih=1200&adxs=1058&adys=106&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&frm=20&vis=1&scr_x=0&scr_y=0&psz=426x0&msz=426x0&fws=0&ohw=0&ga_vid=1016148110.1652925749&ga_sid=1652925749&ga_hid=585463284&ga_fc=true&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

8ac610caf44e65485454faa10ce0e688d99f5f605cec1caddfdfb4ef07664112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35774
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytssub.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 1397ms
1396ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1151118136475979&correlator=1678512037096792&eid=31060545%2C31064019&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=162717810%2CAdPlus%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&adks=2586217363&sfv=1-0-38&ecs=20220519&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1652925748852&lmt=1652925748&dlt=1652925748465&idt=342&biw=1600&bih=1200&adxs=488&adys=286&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&frm=20&vis=1&scr_x=0&scr_y=0&psz=540x0&msz=540x0&fws=0&ohw=0&ga_vid=1016148110.1652925749&ga_sid=1652925749&ga_hid=585463284&ga_fc=true&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0ad07687471649fc2cf910bcd4f37248bb6220f54570c5b617ea2023cfe349f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11882
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytssub.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
12 KB 1151ms
1151ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1151118136475979&correlator=1678512037096792&eid=31060545%2C31064019&output=ldjh&gdfp_req=1&vrg=2022051201&ptt=17&impl=fif&iu_parts=162717810%2CAdPlus%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=5&adks=1019508751&sfv=1-0-38&ecs=20220519&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1652925748854&lmt=1652925748&dlt=1652925748465&idt=342&biw=1600&bih=1200&adxs=488&adys=510&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&frm=20&vis=1&scr_x=0&scr_y=0&psz=540x0&msz=540x0&fws=0&ohw=0&ga_vid=1016148110.1652925749&ga_sid=1652925749&ga_hid=585463284&ga_fc=true&btvi=0&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c994d02092af0c3ef07eaf2a098bfc748a3a214e39db2f6d646d4b2997226f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11803
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ytssub.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B62E 6 KB
4 KB 111ms
28ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ytssub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:02:28 GMT
expires: Fri, 19 May 2023 02:02:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 71ms
20ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=48592
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5de21fef8164636a/ 1 KB
711 B 206ms
198ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5de21fef8164636a/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 79dbc00f9ae9cb4014517a12ead67f018cb4d7b77f0bffe01610528aecb1b8d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: gzip
etag: -952978125--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=54, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 535

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 171ms
155ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6285a535e63d0e78&bkl=0&bl=1&pdt=214&sid=6285a535e63d0e78&pub=ra-5de21fef8164636a&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=ytssub.com&fp=subtitle-download%2F423100&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1652925749165&jsl=1&uvs=6285a5357fb7c772000&skipb=1&callback=addthis.cbs.jsonp__89764267619599460
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e3a848e094f7a78c726bd285cce7b6513533259676d3aad8630ff6bad5822df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B58E 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 59E9 71 KB
26 KB 30ms
30ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://ytssub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Thu, 19 May 2022 02:02:29 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 574ms
190ms Script
application/javascript 44.242.7.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.242.7.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-242-7-192.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
cache-control: public, max-age=86400
last-modified: Sun, 24 Apr 2022 08:15:44 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 68ms
20ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 15 May 2022 11:20:59 GMT
content-encoding: gzip
age: 312090
x-guploader-uploadid: ADPycdtxsAJzpm-hSthu87bqhOkXQNNlTkGKLKMUcnBDlyGlfrrAhZIldrXZyUEt0U_-WndyUH2Fe4q_PUypmJxNzYE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Mon, 15 May 2023 11:20:59 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 36 KB
12 KB 103ms
34ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

bfafefab6495db40df1cda93e99fba7f01384e766cb8c414735ba965c7b84d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:01 GMT
server: nginx
etag: W/"6271101d-8ed3"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 20 May 2022 02:02:29 GMT

GET
H3 200 container.html Show response
d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0B51 6 KB
3 KB 68ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ytssub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:02:28 GMT
expires: Fri, 19 May 2023 02:02:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 34ms
34ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Thu, 19 May 2022 02:02:29 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&rid=esp&cc=1

85 B
103 B

152ms
128ms

Fetch
application/json

34.120.107.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&rid=esp&cc=1
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: H3
Server: 34.120.107.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 5b8282e83f576ae9f1a82b6324c558571444a0fa196bd3337a5d219c0e503f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
via: 1.1 google
etag: W/"55-r4DbYeKSZQVDPaiYdnBsyUCKOb8"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ytssub.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 19 May 2022 02:02:29 GMT
via: 1.1 google
access-control-allow-origin: https://ytssub.com
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A5B2 624 B
976 B 84ms
33ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYkILUyQEwAQ&v=APEucNVopVggl_Ld9sypYJ8MxBggMu-ZM4yO6CrJpkjjd713Qx8rQ1McxFY7R6RxcaN3QNVJl7V2QY4p3z92v7srO_2MEB_mC-u0RYBouq3dbQoFmbYuK70s0bTjHmtAma1locr6q1poD0qi_p7KwEXI3BoYOeTy8ov26fwgMbvHAW1ZxFfpFvjksYXfQTxGQ5vcvZye9rMMMIL0iPJmjNYpkeWeEEhWJQ

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:02:29 GMT
expires: Thu, 19 May 2022 02:02:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0B51 106 KB
38 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
Origin: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 May 2022 11:48:32 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220516/r20110914/elements/html/ Frame 0B51 6 KB
3 KB 75ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220516/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 22:07:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 22:07:56 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220516/r20110914/ Frame 0B51 21 KB
9 KB 70ms
23ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220516/r20110914/abg_lite_fy2019.js

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 23:55:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7647
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8629
x-xss-protection: 0
server: cafe
etag: 5929215855369850247
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 23:55:02 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B51 42 B
173 B 101ms
55ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AsThWN8FIUqfUpnYyq2ri6bqTBxoXhICmXuOgfG24OIPIsewyvcKdsDqfw89qHHbuql1WIQD3Td5uEPkF-qTLRHNQ6loPQbHOKi_4WgMW0cb5VuQY

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 0B51 3 KB
1 KB 76ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/window_focus_fy2019.js

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 01:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:41:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B51 135 KB
42 KB 85ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 02:02:29 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 0B51 16 KB
7 KB 73ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 01:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
server: cafe
etag: 17289513661582941094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:43:51 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0B51 0
0 82ms
30ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXxyH-tafHbHdZK6vjS3WbohMgpr5XoT9jfvLPuowMOa7tcJ-IghhJVTk5bWB-GRFJvjLeT0MVfyQXo4NZ3HUT18Iutw
Requested by: Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
264 B 184ms
169ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://ytssub.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://ytssub.com/subtitle-download/423100
last-modified: Thu, 19 May 2022 02:00:00 GMT
server: nginx/1.15.8
date: Thu, 19 May 2022 02:02:29 GMT
content-type: application/json
access-control-allow-origin: https://ytssub.com
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 90 B
164 B 269ms
213ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&callback=window._ate.cbs.rcb_hrn50

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e4046316198c138a9f256711ef96fe2a5e55701a5ce5d73af4fa5db41cfa57ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 102
accept-ranges: none
x-pinterest-rid: 4888040652563908
expires: Thu, 19 May 2022 02:17:29 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
295 B 200ms
185ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&callback=_ate.cbs.rcb_f27b0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

d990339d29ae16678c71d24356bc338142a54d6ddad1091773aaed49c8eaa1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: ytssub.com/subtitle-download/423100
last-modified: Thu, 19 May 2022 02:02:29 GMT
server: nginx/1.15.8
date: Thu, 19 May 2022 02:02:29 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
H2 200 count.json Show response
widgets.pinterest.com/v1/urls/ 89 B
316 B 172ms
116ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.pinterest.com/v1/urls/count.json?url=http%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&callback=window._ate.cbs.rcb_b5xa0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cbe83b387d5c248b1f2152de44ca8043857ebe6ce8f15902b7bd1b86c0362bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
vary: accept-encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=887
x-envoy-upstream-service-time: 5
accept-ranges: none
x-pinterest-rid: 4112736858193221
expires: Thu, 19 May 2022 02:17:29 GMT

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 33 B
295 B 213ms
200ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fytssub.com%2Fsubtitle-download%2F423100&callback=_ate.cbs.rcb_fzbw0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

1e6c9fc2a4332fdc7993b65f9c4c1a96752d42afa1e68c0c7e170b167aa4fe76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: ytssub.com/subtitle-download/423100
last-modified: Thu, 19 May 2022 02:02:29 GMT
server: nginx/1.15.8
date: Thu, 19 May 2022 02:02:29 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 53

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D6A2 14 KB
6 KB 147ms
50ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ytssub.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ytssub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6039
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:02:29 GMT
server-processing-duration-in-ticks: 2499
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0B51 41 KB
15 KB 68ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A5B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0fMKamrGDa2jPokboc2tc&google_cver=1

43 B
1014 B

29ms
28ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0fMKamrGDa2jPokboc2tc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYkILUyQEwAQ&v=APEucNVopVggl_Ld9sypYJ8MxBggMu-ZM4yO6CrJpkjjd713Qx8rQ1McxFY7R6RxcaN3QNVJl7V2QY4p3z92v7srO_2MEB_mC-u0RYBouq3dbQoFmbYuK70s0bTjHmtAma1locr6q1poD0qi_p7KwEXI3BoYOeTy8ov26fwgMbvHAW1ZxFfpFvjksYXfQTxGQ5vcvZye9rMMMIL0iPJmjNYpkeWeEEhWJQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 02:02:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 May 2022 02:02:29 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0fMKamrGDa2jPokboc2tc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A5B2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoWlNXRgOOovxCBN0IjzHQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0fMKamrGDa2jPokboc2tc&google_cver=1

43 B
894 B

27ms
27ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0fMKamrGDa2jPokboc2tc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYkILUyQEwAQ&v=APEucNVopVggl_Ld9sypYJ8MxBggMu-ZM4yO6CrJpkjjd713Qx8rQ1McxFY7R6RxcaN3QNVJl7V2QY4p3z92v7srO_2MEB_mC-u0RYBouq3dbQoFmbYuK70s0bTjHmtAma1locr6q1poD0qi_p7KwEXI3BoYOeTy8ov26fwgMbvHAW1ZxFfpFvjksYXfQTxGQ5vcvZye9rMMMIL0iPJmjNYpkeWeEEhWJQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 02:02:29 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 19 May 2022 02:02:29 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM0fMKamrGDa2jPokboc2tc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame A5B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOSQ3nuFq2uu3kj3w1CCo6w&google_cver=1

43 B
1018 B

75ms
29ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOSQ3nuFq2uu3kj3w1CCo6w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COed9gIQ_eHmjwIYkILUyQEwAQ&v=APEucNVopVggl_Ld9sypYJ8MxBggMu-ZM4yO6CrJpkjjd713Qx8rQ1McxFY7R6RxcaN3QNVJl7V2QY4p3z92v7srO_2MEB_mC-u0RYBouq3dbQoFmbYuK70s0bTjHmtAma1locr6q1poD0qi_p7KwEXI3BoYOeTy8ov26fwgMbvHAW1ZxFfpFvjksYXfQTxGQ5vcvZye9rMMMIL0iPJmjNYpkeWeEEhWJQ

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 02:02:29 GMT
X-Proxy-Origin: 217.114.218.29; 217.114.218.29; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 042acea3-4979-44db-b208-7dc01551a6c6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOSQ3nuFq2uu3kj3w1CCo6w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A5B2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyOTU5MzIzMDc4NDY0NzE0Nw%3D%3D

170 B
188 B

70ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyOTU5MzIzMDc4NDY0NzE0Nw%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 19 May 2022 02:02:29 GMT
X-Proxy-Origin: 217.114.218.29; 217.114.218.29; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ee8a4af3-c8a8-48e1-92c4-41f8d6194e5f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQyOTU5MzIzMDc4NDY0NzE0Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8443 6 KB
3 KB 23ms
23ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ytssub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:02:28 GMT
expires: Fri, 19 May 2023 02:02:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10061888859026381267/ Frame 9470 7 KB
2 KB 63ms
21ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10061888859026381267/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f97b10a726f3dee8838075065cbb5830bdc589f2c364e3582e1822c7b4f69286

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 574387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2422
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 12 May 2022 10:29:22 GMT
expires: Fri, 12 May 2023 10:29:22 GMT
last-modified: Thu, 05 May 2022 07:04:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0B51 0
622 B 175ms
102ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKjy0-QRzlm_TUJ_FsbRzH9W4NeBymwfEdWoxmNlPrJYElOMTb4uwTzGYSXDR-1ImgVQgyF9vZ47WvcyWvXsB02bu9EJvoWW6G_Oi4a2lxCBQS2wm_tfrups2r7gp6E4ac1OC8djhQzOB84_wyArXzHNBLRlYAbDKwS_9JOzZYegetnGXKIa21Y_2LALC4a6uI-U7TLfZThW6E8ZtJFuxgGejh8hZ5yZBMmluRL6amkJ9JeNq8WDO1DLIboRdKn4clI-cLw_4rrL9kcDOpD5V_wskfsBR9_gO1Kx_FUOk0k-WjfakPQFGJ7ztMkCh_dyvMg0Dh8V-yxMwY5rfJmVo5Ri00bn1aREpFcg6QLf3Gw4E-URQ24eCEIi9qP4KqfIX3fBQPvpe6cqht0p-evA0jpXxERHbYsrSzn1nhfW7CrHMmkkffat03DZe2TBRaUnb3RPWNYjP73-i1N8kWfKgXQmeReOUN720AtnRDE9ZkQMhDrQoB2WfarfuPXeMG8Lv6rTdmRvXze6B8mIKCmaRAynBdMpIi0GM_NROuOc1wArpBJbHU7-MKDTX3Jizb5mhIND5IUuG19zPkhCcnQ08gKRjYpglyQd2nBXoN1ReQ_eIe_Q0Vc6rlzgboUh1iOFFtEjm74p45ckeOXgku2nMPKBfj0u5PfAliTMGUj_L2ULBEi7fEknVcQC5fsVI3IZBg7_YOul-ifyX9bwYMIjRN_WwmdceXW9kssT_lO3ql7h56kl2dJ2IqdArLvCkPSLYdEhSsCSTFL3aIlX193XgkhYTVAwhYRveKHlnTuBAm1w_A1AcSGUHGT5jsFGSQe5wEPIiyZnw86bNA4qARWwkIqxc8qSLmpWAelcOiX7K9Q18s_ydZ6TsXZnVSXNJ19pdux4y3rNu1Kd3eHsKvT-EFUrpxk-crAfcbfBlkKQ3ZL4GmQ94g2kSyfTKODbzD6HUTr9QlLaZwKfwYQsA55GFrwY5v2Rv1tdvBTnXqNv1N1NMUhZYUROcrhGXKIHqntCloX_k_TQpVa0KoP4JKf-AB6aKqGvsCUf9roaJI20BJrFJ7aH_b_JLuJIkLeGgOFxukfc2Wl-yZ6Dw4Cuu0eU2sLn8O0wn0MVPitA&sai=AMfl-YTLeT0tRDnCIAQVHfuGG9NEEyNu1rjqXoi83rj5Gns5mFoUgKGCMKP1CuC3ARRILnQ5tm6oFVOzSF5v6RfImFRqCPP4rfgZEu1NaDvmpV_CcDE7lkUMyMh7uoz46IGg9KBCv2CRlsQhzxh80PM_jSjAJ3iR-7yt884eTd6ZX_y39lELY2LnoXsaBYM8KBBysR7d_BnhTiI7oOA1YhT5BrpKH8sqd_EcK8kaY52JYFAVIJsW4Uxe_Ws3ehTYwRDI-KkxAjzdCCrhx3_s32Flx_jbcwWy9UQQzKf5q5BF8pHvctyaatrumlqroXWYJVrSVo1cJ5JoCAEd7mvfXXcRtDhPcErp9JqVcZEsI1aTyOyVNAOqvfEnTa6c57c3NiyJ0CGTRMEACs9FIO-k44CVcg&sig=Cg0ArKJSzI2OdtQEB1u1EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=107&cbvp=1&cstd=105&cisv=r20220516.13291&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 19 May 2022 02:02:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 0B51 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01daf3b8698d015cc383c44a03ec26471a5cf8f383cc2d9ff11f075eabab9dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 60AA 640 B
318 B 77ms
33ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxicrrvGATAB&v=APEucNUqUR6-vrGNYCOuUYvj_dMylQZwqvZdqtj0PLRrjhMKSPgE5s8jDs_IfQt-HmVhS0YXFwZaqgory3OHA5QzBoTLVVOQ4nR7vX0lDvBiZrbA1LDUz0ONBkkSQqvPhrF8PVkvB0jwA4oRFB4gr5CLdi1-KLpzZ4t-xjGMMBgNwYfYXXgdPrxShuyOfLemg8UtRwERXC5CpHejIgLYI6YmfhcJC-sLkg

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:02:29 GMT
expires: Thu, 19 May 2022 02:02:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8443 14 KB
10 KB 96ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmXQ8rGUonOka3CC8L3j0gjAPpCjzC7R6mnb58s52F-DeT0XJek3OQlIX481byMqYshR7CsycmxJkpJCLNj791rHSKze1KRAAMIK4CAXzhRB-aoY9dptg-DEcDNNH4oXcZhwCr8W-XZJsla-JP_ZLYK6wnmQ&cry=1&dbm_d=AKAmf-BxnZolawrwElV_Ob-arc8b-A_ihSfTh1fd4lnxOaxX4OY6Ii-yw3i0ydGEVtyYTetK7jZDCeXUuI3k4b-eXPdQ22mWMBliL1mr7RAnX1CJdZxMFasJrm5y3IQHh9HacKEbOK4xyx-HGPZwVXvOnPypl6Jl1QMB3eTC69EQ74CZ7RyHKE1TLTYSMllf9X2pjv4rfMYweNEuIe-Ld664_R628LTTR_6jQ7OY4S5suRW795C_-5qSsUx5zitQXLq4rqHrLgg59uXRCRMOVO5jyUJvoShDDbDRtfzniVKEK6VEJUGLzIOKZPV0_oGlckVssmS3_lTFnWVfnL2vSoPkGZaZipUJfa-ILAmr8Z0gA0aaV7smS3ZRfF2UUrh5LKOqYUQ8lceZTZASQlIBbDLVVh-5T8WpRvjQoelRoxm9BsrudtWWw8ZJo9eXiGrXJRs62fp0mrZMIGLFCJSQKiW1gntBxVeTlqExx6LqKOgzY8pICc4j5_izzQaiqIWsgjfVlkgsaYEdvLVD3W1B813KRDZodu7PQsV4MeGUAHKwTMAVT9rHBfgqxlrGGVIvzId67OppBozkXXOCEcTWpCCfHLwmIcJLTXgNHktLR7eDkRrL-jaAvICrLVL_SP4E_Y0oyUEZZ0VC6mweei1UFGSBS1RhudbjEWbeGs8ozPZQiNWhxS9RNQYgl8MYZzHyoTJ4FurgfPDlCxZk8f6gv0C2-gY8NM1jFfrfH4AWPH1Qb8hWAaymYNcs5FYm3lpYQEplsYxpDj5iVgfuemzFIEfWBuwjB6wRXA0xr37mDZ1fYvEsyKraygnNoQd2snL1CWBzZaizzDjuejPnbHNoaBQiCgllw6xMj6Hiy8LRwKxG_UPE622ShBeSQcPL_T6mlaJeZ5En8HmAA2RHNXnuxjNBWeP8VK6v1dtUa4JCXEjDwmCTihBkuY9tHR6uIP2LPN0_HK421zH65Nx8pTmYIYuvoCKPIlqfa_RMZjeYIQs-8m-f3_66ufTnGF92un3bNT32i0lsYZhtBVgJ-DIF9K4s4T_lN24YKzzhroXxB-ddupyhoPnFyJJCLXviVhgDvh9rgnBIjMhcAQ90NvD7qYKOuFE5T98-WSethfUuYnIf7ZjGwBPmV-ZLlM5XgRvG2E0sApFLud8k3dcTXajfT-IYydF3T5xscWGhDEIHvLbzt78GmGFQK5_nII8haGpsN8Tx0zWd1yd0SKKnR0IuJ1DS43hKnDFgWfxYAr7v0R6t1pDJoUx91tnKrwmjjPqF9A0Rj1S5171LpaqDZzAMd4feNmRFKdkMEaXFGGksYYc2OB12XhOpyRy8FGk19rPac2tSjve0cpmLHqaveEzwAOnwZxdKTsAGad48wHQveO-BNg6Te5YUxND6PV-j6SFS4VCfkKQA_LMp5ygI2ZNzLUB0RamyX6j8oRI6qnQCTHWBHE1zOtoPJ0lnCzXQiJyvnAUbiC5oXLTCRrpfCD65mINqHEjB6xd9AdpphCSVZVMZy1d0OOwH_5UISNpNegfVKT99CJQt6qfTs8tes3Li2UadGczkKQJDblJI75L7tzQAIq-bPas-DWU3jERJwadXeqSzB94A2yKxzjUy6s9rMw93OhQOkanRR_AKpnARjAND9rVh67ABENopgmSiqrBqux3MVZJIGdnY0sQLt31Aal-mrfNJuLCnvjsHB44xV8hbDeFwvkQo6YMMqbxrYsbFo50kKBe7CpnxqwujIcN735OZwtkhqlGoXz1DE2aMLl3Ip6qwDBOTjanLEMgzUKKFwRERgEAbZ1CvgxAzr0QvW6m0voV_CpsNnU7o6eeXYlwEkhfHHggpFD40hBiOmKFGmSE_VbYrzmepHPioVgNsHl-lNVK4ZJiH-g7Ffhz3Hiqpd1WWUmWoIQpAbVOzeUEJvjppK00OzoET70u83NxQEcLbUF_MFQ7VSaqCfAu4gkbK196M0mBbOKqv-h-ZSe58uDTkUA8aC3ir3SLa-7J7fHmF6PVcBtJr2i4EaG9RM9qQRy3oZE6hzj3MeB9SeEkpIBgFff0oq50y-luD7I6cxU-YOBvEw74theH269WGRMxhKGQ0beq54fvglPyMAiPxKnRYrBorfFrGxdK9IXFjtxj3nLFtBNG0xNRuqu787j-5QM2lvbsX23X9Dc2VfPmRZV5ah6mshP7tZt0kOkcbO9500d-4S2BiKu9YK4ElEw348HbEiUpsKxIOoV-shomrT-4qFbXNTrN6qARDe5UkhKQARjzZiPrfGgZAIBUu8ykx3dr-uiQj7rUvlBGgY7uxsCW7Op9fw4WHt3AX7m-2ohiPNfWVD4Bldgy2ViaXsaOAZZVOPIhYMKB5BURP0kUS-7wObdYnhZmuU8uPp-B1WNL-oQgkvvhqBn18lCAlYZ9mYgtMjzCsMCDTTOG_KOzw0XhJ_h-QTKq5nZ_faxWsZbU3YjE7MPcOP7S3mP4J7dpzfuNOAqJtMBZBb021MmWtZLgIDEgr1-7ec3PUABTLZv8hhd4j_AohrrQuA95dMF5x5NlKY29-Tc8Kr0lAWSpUXqmYdpFZBmNT4WlQnGGZC9Z1wLCISuMlJGdcRpb-7kbGiq7qExhSD_BWJzDzDQOz09_6puAbcOm1l9WZoQhNGZjDjeAzyRTMGSiecSqGm7bRJ_9q78HJ4g3jVSPKICtEfNYk_FONHVNeGTSs4VPtxroGs0bletg5grFLzaqt7zi-ylDGtweJ3EDILa32xilI_l3wAwBFM300VH8b2KkrUJuf4MfGaY7R4JiQRS8ZjxAqAkUdXz1XQveIxY2lAsPeVl5YxxASWP24u7QenI4IEDjJrbSGT5bVOa0woFe5ucsQTBnZYuW2U8KcM76pZ7Xx6M4OkoiZ0U-qTthdQx3-XPThT1W5g9zdEgrJYMrS7-PW9h7F4wR1DM95ZAxB3I7iEsjZbAcnTyvKGF-IOMBAF4f5dL0VfGvxQvuhWU5sejpxK2WzwVri5WBGbd5kNfpvrtdTwLi9_QQir3ep51CsNZKm0_LGo-zaQLYLAfpGV2qBLdYSRih8eO6NiRcJ9D3EflRSDoM57xEkPzuQL88HUzGk_hLrx7ePuwxotLUBQPR2I4nbkCOdxr0K-0oCiP0gFg5BxZPgsTvUlNh0dBPFT17Ujv2AIm31NE-tE8qVz03xgla8vBOWXBVr6C8n2ZhHGgYPXeFDcpnnrKq83yNY2MN213yXTQ6gDHtEPZnmF-Xp6ALZqGsqHySBrVWHp4PsyaCbp_8uIHyb&cid=CAASJ-Ro762aNfrd9_qRGCpXm8HYl7e6ia-_1ntVmyPrEWmB4dpiD0O4xw&rfl=1%2Chttps%253A%252F%252Fytssub.com%252F%240

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce5a4f82a3d0819a3d0c46a6945830605abf591b26a8e24751175651abdbdbc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10658
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8443 42 B
63 B 94ms
53ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBV7EIxILG6NUJPmM2Qs3a8Ub_ZaQIVnlllvj-1i95Sunq05_75vkFHpqb27KHmNVBRKSVYz9YPo9kyv4uS6XmwhaDAEMPyq6IgPIHLdng9-QbkeY

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 8443 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/window_focus_fy2019.js

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 01:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:41:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8443 135 KB
41 KB 74ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42375
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652873336749811"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 02:02:29 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/ Frame 8443 16 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220516/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 01:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7048
x-xss-protection: 0
server: cafe
etag: 17289513661582941094
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Jun 2022 01:43:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8443 0
0 76ms
30ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRfDfkHs0Wwb0K0S_02ri2jQ1lJnw61cRYEfgtNY1ZjS4OiTFkJ22PD6tCDQWVuILOaGVnGPTzdC1tHd1cQi1TtYg5Rw
Requested by: Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4B33 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 51236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9470 60 KB
24 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10061888859026381267/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10061888859026381267/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 May 2022 02:02:29 GMT

GET
H3 200 cssruleplugin_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9470 2 KB
1013 B 29ms
28ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/cssruleplugin_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10061888859026381267/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10061888859026381267/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 985
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 May 2022 02:02:29 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/10061888859026381267/ Frame 9470 6 KB
3 KB 21ms
21ms Script
application/x-javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10061888859026381267/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10061888859026381267/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f7929b5ffd1e316803abbbe466e4d6f8a42d8d7141944bd1741301c0e2e98f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10061888859026381267/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 10:29:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 574385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2574
x-xss-protection: 0
last-modified: Thu, 05 May 2022 07:04:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 10:29:24 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D6A2
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ytssub.com&sn=ChromeSyncframe&so=0&topUrl=ytssub.com&cw=1&lsw=1&topicsavail=0
https://mug.criteo.com/sid?cpp=QpRoO3xETUxic2dRY1djVEJHd2o1dUtROWsvakFFSWgxczVXMDcxT0ZEL1NvVVFYbXFFaW5wUW9jcVFRR0tXckptaUF3UGY5ZkYxQ21OQVU3akZnNEhlci9mM3ZacEoxbnZEM1RUaG1Wb3ZzQXlZSEU3Z01zUG1TY1BmUD...

428 B
631 B

345ms
33ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=QpRoO3xETUxic2dRY1djVEJHd2o1dUtROWsvakFFSWgxczVXMDcxT0ZEL1NvVVFYbXFFaW5wUW9jcVFRR0tXckptaUF3UGY5ZkYxQ21OQVU3akZnNEhlci9mM3ZacEoxbnZEM1RUaG1Wb3ZzQXlZSEU3Z01zUG1TY1BmUDAzQnViUE51dER6Y3M5MXlVRkczVFpNdkp4QVMrMDNnUkcwKy9odmovdHRHWmorSkhMdWVKdmVSeDkrSTdqSFhqU0tGRkpoUjNHT1FiNkdXNDBOa3N6WDNJcDV6M1RBQkhpekZXeEpUTDhsdU5LYkZMalBDUHBHZU85c1NPaTJpLzV5TVBMNFk5aldueDAwSzIrYWk2djdBVUdPNjRPQT09fA&cppv=2

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f15fe24a817ccfdd3419936240770d66d8b6dd3c5da2746a012d66c1583c4509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5238
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:28 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=QpRoO3xETUxic2dRY1djVEJHd2o1dUtROWsvakFFSWgxczVXMDcxT0ZEL1NvVVFYbXFFaW5wUW9jcVFRR0tXckptaUF3UGY5ZkYxQ21OQVU3akZnNEhlci9mM3ZacEoxbnZEM1RUaG1Wb3ZzQXlZSEU3Z01zUG1TY1BmUDAzQnViUE51dER6Y3M5MXlVRkczVFpNdkp4QVMrMDNnUkcwKy9odmovdHRHWmorSkhMdWVKdmVSeDkrSTdqSFhqU0tGRkpoUjNHT1FiNkdXNDBOa3N6WDNJcDV6M1RBQkhpekZXeEpUTDhsdU5LYkZMalBDUHBHZU85c1NPaTJpLzV5TVBMNFk5aldueDAwSzIrYWk2djdBVUdPNjRPQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1529
content-length: 541
expires: 0

GET
H3 200 g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B33 35 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g51hIJTSSbKmE1DfHFqbr9lDc41juRM9f8n7HMlSD3A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

839d612094d249b2a61350df1c5a9bafd943738d63b9133d7fc9fb1cc9520f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 06:40:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13648
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 May 2023 06:40:10 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 60AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA8g2soiSInIyityR5-qe2A&google_cver=1

43 B
274 B

318ms
29ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA8g2soiSInIyityR5-qe2A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxicrrvGATAB&v=APEucNUqUR6-vrGNYCOuUYvj_dMylQZwqvZdqtj0PLRrjhMKSPgE5s8jDs_IfQt-HmVhS0YXFwZaqgory3OHA5QzBoTLVVOQ4nR7vX0lDvBiZrbA1LDUz0ONBkkSQqvPhrF8PVkvB0jwA4oRFB4gr5CLdi1-KLpzZ4t-xjGMMBgNwYfYXXgdPrxShuyOfLemg8UtRwERXC5CpHejIgLYI6YmfhcJC-sLkg
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:30 GMT
via: 1.1 google
server: OXGW/18.1.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA8g2soiSInIyityR5-qe2A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 60AA 43 B
145 B 375ms
30ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxicrrvGATAB&v=APEucNUqUR6-vrGNYCOuUYvj_dMylQZwqvZdqtj0PLRrjhMKSPgE5s8jDs_IfQt-HmVhS0YXFwZaqgory3OHA5QzBoTLVVOQ4nR7vX0lDvBiZrbA1LDUz0ONBkkSQqvPhrF8PVkvB0jwA4oRFB4gr5CLdi1-KLpzZ4t-xjGMMBgNwYfYXXgdPrxShuyOfLemg8UtRwERXC5CpHejIgLYI6YmfhcJC-sLkg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:30 GMT
content-encoding: gzip
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 60AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEL6CITyJwY1G_f9DuWnWAH4&google_cver=1

23 B
172 B

340ms
49ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEL6CITyJwY1G_f9DuWnWAH4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxicrrvGATAB&v=APEucNUqUR6-vrGNYCOuUYvj_dMylQZwqvZdqtj0PLRrjhMKSPgE5s8jDs_IfQt-HmVhS0YXFwZaqgory3OHA5QzBoTLVVOQ4nR7vX0lDvBiZrbA1LDUz0ONBkkSQqvPhrF8PVkvB0jwA4oRFB4gr5CLdi1-KLpzZ4t-xjGMMBgNwYfYXXgdPrxShuyOfLemg8UtRwERXC5CpHejIgLYI6YmfhcJC-sLkg
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:30 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 19 May 2022 02:02:30 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:29 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEL6CITyJwY1G_f9DuWnWAH4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 60AA 23 B
172 B 398ms
54ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxicrrvGATAB&v=APEucNUqUR6-vrGNYCOuUYvj_dMylQZwqvZdqtj0PLRrjhMKSPgE5s8jDs_IfQt-HmVhS0YXFwZaqgory3OHA5QzBoTLVVOQ4nR7vX0lDvBiZrbA1LDUz0ONBkkSQqvPhrF8PVkvB0jwA4oRFB4gr5CLdi1-KLpzZ4t-xjGMMBgNwYfYXXgdPrxShuyOfLemg8UtRwERXC5CpHejIgLYI6YmfhcJC-sLkg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:30 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 19 May 2022 02:02:30 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8443 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmXQ8rGUonOka3CC8L3j0gjAPpCjzC7R6mnb58s52F-DeT0XJek3OQlIX481byMqYshR7CsycmxJkpJCLNj791rHSKze1KRAAMIK4CAXzhRB-aoY9dptg-DEcDNNH4oXcZhwCr8W-XZJsla-JP_ZLYK6wnmQ&cry=1&dbm_d=AKAmf-BxnZolawrwElV_Ob-arc8b-A_ihSfTh1fd4lnxOaxX4OY6Ii-yw3i0ydGEVtyYTetK7jZDCeXUuI3k4b-eXPdQ22mWMBliL1mr7RAnX1CJdZxMFasJrm5y3IQHh9HacKEbOK4xyx-HGPZwVXvOnPypl6Jl1QMB3eTC69EQ74CZ7RyHKE1TLTYSMllf9X2pjv4rfMYweNEuIe-Ld664_R628LTTR_6jQ7OY4S5suRW795C_-5qSsUx5zitQXLq4rqHrLgg59uXRCRMOVO5jyUJvoShDDbDRtfzniVKEK6VEJUGLzIOKZPV0_oGlckVssmS3_lTFnWVfnL2vSoPkGZaZipUJfa-ILAmr8Z0gA0aaV7smS3ZRfF2UUrh5LKOqYUQ8lceZTZASQlIBbDLVVh-5T8WpRvjQoelRoxm9BsrudtWWw8ZJo9eXiGrXJRs62fp0mrZMIGLFCJSQKiW1gntBxVeTlqExx6LqKOgzY8pICc4j5_izzQaiqIWsgjfVlkgsaYEdvLVD3W1B813KRDZodu7PQsV4MeGUAHKwTMAVT9rHBfgqxlrGGVIvzId67OppBozkXXOCEcTWpCCfHLwmIcJLTXgNHktLR7eDkRrL-jaAvICrLVL_SP4E_Y0oyUEZZ0VC6mweei1UFGSBS1RhudbjEWbeGs8ozPZQiNWhxS9RNQYgl8MYZzHyoTJ4FurgfPDlCxZk8f6gv0C2-gY8NM1jFfrfH4AWPH1Qb8hWAaymYNcs5FYm3lpYQEplsYxpDj5iVgfuemzFIEfWBuwjB6wRXA0xr37mDZ1fYvEsyKraygnNoQd2snL1CWBzZaizzDjuejPnbHNoaBQiCgllw6xMj6Hiy8LRwKxG_UPE622ShBeSQcPL_T6mlaJeZ5En8HmAA2RHNXnuxjNBWeP8VK6v1dtUa4JCXEjDwmCTihBkuY9tHR6uIP2LPN0_HK421zH65Nx8pTmYIYuvoCKPIlqfa_RMZjeYIQs-8m-f3_66ufTnGF92un3bNT32i0lsYZhtBVgJ-DIF9K4s4T_lN24YKzzhroXxB-ddupyhoPnFyJJCLXviVhgDvh9rgnBIjMhcAQ90NvD7qYKOuFE5T98-WSethfUuYnIf7ZjGwBPmV-ZLlM5XgRvG2E0sApFLud8k3dcTXajfT-IYydF3T5xscWGhDEIHvLbzt78GmGFQK5_nII8haGpsN8Tx0zWd1yd0SKKnR0IuJ1DS43hKnDFgWfxYAr7v0R6t1pDJoUx91tnKrwmjjPqF9A0Rj1S5171LpaqDZzAMd4feNmRFKdkMEaXFGGksYYc2OB12XhOpyRy8FGk19rPac2tSjve0cpmLHqaveEzwAOnwZxdKTsAGad48wHQveO-BNg6Te5YUxND6PV-j6SFS4VCfkKQA_LMp5ygI2ZNzLUB0RamyX6j8oRI6qnQCTHWBHE1zOtoPJ0lnCzXQiJyvnAUbiC5oXLTCRrpfCD65mINqHEjB6xd9AdpphCSVZVMZy1d0OOwH_5UISNpNegfVKT99CJQt6qfTs8tes3Li2UadGczkKQJDblJI75L7tzQAIq-bPas-DWU3jERJwadXeqSzB94A2yKxzjUy6s9rMw93OhQOkanRR_AKpnARjAND9rVh67ABENopgmSiqrBqux3MVZJIGdnY0sQLt31Aal-mrfNJuLCnvjsHB44xV8hbDeFwvkQo6YMMqbxrYsbFo50kKBe7CpnxqwujIcN735OZwtkhqlGoXz1DE2aMLl3Ip6qwDBOTjanLEMgzUKKFwRERgEAbZ1CvgxAzr0QvW6m0voV_CpsNnU7o6eeXYlwEkhfHHggpFD40hBiOmKFGmSE_VbYrzmepHPioVgNsHl-lNVK4ZJiH-g7Ffhz3Hiqpd1WWUmWoIQpAbVOzeUEJvjppK00OzoET70u83NxQEcLbUF_MFQ7VSaqCfAu4gkbK196M0mBbOKqv-h-ZSe58uDTkUA8aC3ir3SLa-7J7fHmF6PVcBtJr2i4EaG9RM9qQRy3oZE6hzj3MeB9SeEkpIBgFff0oq50y-luD7I6cxU-YOBvEw74theH269WGRMxhKGQ0beq54fvglPyMAiPxKnRYrBorfFrGxdK9IXFjtxj3nLFtBNG0xNRuqu787j-5QM2lvbsX23X9Dc2VfPmRZV5ah6mshP7tZt0kOkcbO9500d-4S2BiKu9YK4ElEw348HbEiUpsKxIOoV-shomrT-4qFbXNTrN6qARDe5UkhKQARjzZiPrfGgZAIBUu8ykx3dr-uiQj7rUvlBGgY7uxsCW7Op9fw4WHt3AX7m-2ohiPNfWVD4Bldgy2ViaXsaOAZZVOPIhYMKB5BURP0kUS-7wObdYnhZmuU8uPp-B1WNL-oQgkvvhqBn18lCAlYZ9mYgtMjzCsMCDTTOG_KOzw0XhJ_h-QTKq5nZ_faxWsZbU3YjE7MPcOP7S3mP4J7dpzfuNOAqJtMBZBb021MmWtZLgIDEgr1-7ec3PUABTLZv8hhd4j_AohrrQuA95dMF5x5NlKY29-Tc8Kr0lAWSpUXqmYdpFZBmNT4WlQnGGZC9Z1wLCISuMlJGdcRpb-7kbGiq7qExhSD_BWJzDzDQOz09_6puAbcOm1l9WZoQhNGZjDjeAzyRTMGSiecSqGm7bRJ_9q78HJ4g3jVSPKICtEfNYk_FONHVNeGTSs4VPtxroGs0bletg5grFLzaqt7zi-ylDGtweJ3EDILa32xilI_l3wAwBFM300VH8b2KkrUJuf4MfGaY7R4JiQRS8ZjxAqAkUdXz1XQveIxY2lAsPeVl5YxxASWP24u7QenI4IEDjJrbSGT5bVOa0woFe5ucsQTBnZYuW2U8KcM76pZ7Xx6M4OkoiZ0U-qTthdQx3-XPThT1W5g9zdEgrJYMrS7-PW9h7F4wR1DM95ZAxB3I7iEsjZbAcnTyvKGF-IOMBAF4f5dL0VfGvxQvuhWU5sejpxK2WzwVri5WBGbd5kNfpvrtdTwLi9_QQir3ep51CsNZKm0_LGo-zaQLYLAfpGV2qBLdYSRih8eO6NiRcJ9D3EflRSDoM57xEkPzuQL88HUzGk_hLrx7ePuwxotLUBQPR2I4nbkCOdxr0K-0oCiP0gFg5BxZPgsTvUlNh0dBPFT17Ujv2AIm31NE-tE8qVz03xgla8vBOWXBVr6C8n2ZhHGgYPXeFDcpnnrKq83yNY2MN213yXTQ6gDHtEPZnmF-Xp6ALZqGsqHySBrVWHp4PsyaCbp_8uIHyb&cid=CAASJ-Ro762aNfrd9_qRGCpXm8HYl7e6ia-_1ntVmyPrEWmB4dpiD0O4xw&rfl=1%2Chttps%253A%252F%252Fytssub.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 comdirect_markt_300x600_js.png
s0.2mdn.net/sadbundle/10061888859026381267/ Frame 9470 141 KB
141 KB 21ms
21ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10061888859026381267/comdirect_markt_300x600_js.png

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8843735b976ac4826b42e28a06040baf7fa3d18538980283ba3a5717fb980072

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/10061888859026381267/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 12 May 2022 10:29:23 GMT
x-content-type-options: nosniff
age: 574386
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144435
x-xss-protection: 0
last-modified: Thu, 05 May 2022 07:04:58 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 12 May 2023 10:29:23 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0B51 0
63 B 59ms
59ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKjy0-QRzlm_TUJ_FsbRzH9W4NeBymwfEdWoxmNlPrJYElOMTb4uwTzGYSXDR-1ImgVQgyF9vZ47WvcyWvXsB02bu9EJvoWW6G_Oi4a2lxCBQS2wm_tfrups2r7gp6E4ac1OC8djhQzOB84_wyArXzHNBLRlYAbDKwS_9JOzZYegetnGXKIa21Y_2LALC4a6uI-U7TLfZThW6E8ZtJFuxgGejh8hZ5yZBMmluRL6amkJ9JeNq8WDO1DLIboRdKn4clI-cLw_4rrL9kcDOpD5V_wskfsBR9_gO1Kx_FUOk0k-WjfakPQFGJ7ztMkCh_dyvMg0Dh8V-yxMwY5rfJmVo5Ri00bn1aREpFcg6QLf3Gw4E-URQ24eCEIi9qP4KqfIX3fBQPvpe6cqht0p-evA0jpXxERHbYsrSzn1nhfW7CrHMmkkffat03DZe2TBRaUnb3RPWNYjP73-i1N8kWfKgXQmeReOUN720AtnRDE9ZkQMhDrQoB2WfarfuPXeMG8Lv6rTdmRvXze6B8mIKCmaRAynBdMpIi0GM_NROuOc1wArpBJbHU7-MKDTX3Jizb5mhIND5IUuG19zPkhCcnQ08gKRjYpglyQd2nBXoN1ReQ_eIe_Q0Vc6rlzgboUh1iOFFtEjm74p45ckeOXgku2nMPKBfj0u5PfAliTMGUj_L2ULBEi7fEknVcQC5fsVI3IZBg7_YOul-ifyX9bwYMIjRN_WwmdceXW9kssT_lO3ql7h56kl2dJ2IqdArLvCkPSLYdEhSsCSTFL3aIlX193XgkhYTVAwhYRveKHlnTuBAm1w_A1AcSGUHGT5jsFGSQe5wEPIiyZnw86bNA4qARWwkIqxc8qSLmpWAelcOiX7K9Q18s_ydZ6TsXZnVSXNJ19pdux4y3rNu1Kd3eHsKvT-EFUrpxk-crAfcbfBlkKQ3ZL4GmQ94g2kSyfTKODbzD6HUTr9QlLaZwKfwYQsA55GFrwY5v2Rv1tdvBTnXqNv1N1NMUhZYUROcrhGXKIHqntCloX_k_TQpVa0KoP4JKf-AB6aKqGvsCUf9roaJI20BJrFJ7aH_b_JLuJIkLeGgOFxukfc2Wl-yZ6Dw4Cuu0eU2sLn8O0wn0MVPitA&sai=AMfl-YTLeT0tRDnCIAQVHfuGG9NEEyNu1rjqXoi83rj5Gns5mFoUgKGCMKP1CuC3ARRILnQ5tm6oFVOzSF5v6RfImFRqCPP4rfgZEu1NaDvmpV_CcDE7lkUMyMh7uoz46IGg9KBCv2CRlsQhzxh80PM_jSjAJ3iR-7yt884eTd6ZX_y39lELY2LnoXsaBYM8KBBysR7d_BnhTiI7oOA1YhT5BrpKH8sqd_EcK8kaY52JYFAVIJsW4Uxe_Ws3ehTYwRDI-KkxAjzdCCrhx3_s32Flx_jbcwWy9UQQzKf5q5BF8pHvctyaatrumlqroXWYJVrSVo1cJ5JoCAEd7mvfXXcRtDhPcErp9JqVcZEsI1aTyOyVNAOqvfEnTa6c57c3NiyJ0CGTRMEACs9FIO-k44CVcg&sig=Cg0ArKJSzI2OdtQEB1u1EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=271&vt=11&dtpt=164&dett=3&cstd=105&cisv=r20220516.13291&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 02:02:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK 9zr738t4suio Show response
hal9000.redintelligence.net/zone/ Frame 8443 11 KB
4 KB 368ms
25ms Script
text/html 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/9zr738t4suio?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJdX3NaWFYsm2EY273gPN1rrIAZumgKJprZLqi84P8C4QASCS2N9KYJXaiIKYB8gBCakCHjIRm_6OsT6oAwGqBOcBT9CVyYqg8cMwE8uMXjbQvfm1oHCVeEYQroMZub834PR92hZVAoJUMqooe0qYgcgzsHDWJMyOJhQuposuywbiUST8GXI5b0fLD_zt1enOaeVvG3j8MO8ChlZmCp2jzcutHeCc5mNzCymlu0r3XgkJzM9N4ht3D2en0VGcSaD7y_eyvsFIqa59OWhlM5u2jlsYl7D3Y9gwJZ7pAD1uPSeCauJVb9JB2F92B5CilTxzcMBRkhxGyLYMpnjR7z465m_W0bgksCFUZDDiyBaHeAndQQRte7zKVnL-rYQg0tLfndNosQutOwVswATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Ro762aNfrd9_qRGCpXm8HYl7e6ia-_1ntVmyPrEWmB4dpiD0O4xw%26sig%3DAOD64_0rMHPHtf_MVFx4xix7t-2yzKh9yQ%26client%3Dca-pub-2393320645055022%26dbm_c%3DAKAmf-Bon8Ma382fq0HccNHa2qwJJr8qNC7t9qaHUPoAOiLo6oZBvZqwOpeqv1RWYMPlVO5j5l3YLbzdklXTcwgxeNkXR7AFI4RW89nYlD5T5oIFDY2nWe5e1zBEqwQY5LsQIHb9tWQXrIT0zAJ22sz7tGOcpNDMog%26cry%3D1%26dbm_d%3DAKAmf-C_f9hbPBTm7-Xk9uhYB2YwALpcqUHtC6fk1HbmOFxSbJ4O8nm1_YfKrrgfksl5x7AMO6XMzjKJbv_7qzQFoHoCQoyPXndvOVdwMon82uf1F_GW1RAQabbSg6md6xBBX1gpcJPhzq9lxmL5zjhjWbJIlMt6CmYx2r7GtyuZ58W_Kc6_hGv2B7fS_e0sES9Bcv6J-7DroghnMREu3JoycWQFXugeTS00VjApYUJX7lFW3sZxtxkAEZiAMC1hW8D9wJx--sqvJnmynVca9G42Itup1Fji4oRFyEy1EDG9m1VjtFD79Wm-9ZTL9wRjQtf9mSq9BtJhYSRdB3oJEsvdvLP5EinUF90eS84mvr_M_OiMFFnjYU9bnsRiG3DdiziPM9kpLNNItSy8JHqpo7ChDdGr1VCT7X0yO7lc_mWXp6bV67ivgkDofBYHwC8JhW6naKjIjsIte7KWIFpO9NmoF649sKd1QGu_CmiRZSIxSZks4btld9A%26adurl%3D
Requested by: Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1abd20bfe5d4666bccca16bff7dd85a5d6b741003aee6c53b1614eca4897e458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:02:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3954
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9288 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 51237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 11:48:33 GMT
expires: Thu, 18 May 2023 11:48:33 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame F864 0
91 B 36ms
30ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ytssub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 19 May 2022 02:02:30 GMT
server: OXGW/18.1.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
DATA 200
OK truncated
/ Frame 9470 54 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45a041b72e4046fef4b103e03e6fdf1116bb5798d68ad328f6f2c956e736848d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 9470 17 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d31e71cab9f649f2163699a4a7d6b7bafe49b0713ddaeaee3788c98e3452394

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 9470 41 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36c4e870c9c3ec6c668ad3e4cedd3252154f886fa0f3030f180085e347c4a7e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012204292129000/ Frame 3BBB 220 KB
61 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 181819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61295
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 23:32:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c00c4adb72e5cb7f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 23:32:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 3BBB 14 KB
5 KB 133ms
80ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5188
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 14:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "176361d496ccc411"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 14:28:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 3BBB 94 KB
28 KB 124ms
71ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 14:28:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4b15b3c971f95798"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 14:28:15 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 3BBB 5 KB
2 KB 130ms
78ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 368540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
date: Sat, 14 May 2022 19:40:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a2652581fdabc981"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 May 2023 19:40:10 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 3BBB 40 KB
13 KB 131ms
79ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 368540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12953
x-xss-protection: 0
server: sffe
date: Sat, 14 May 2022 19:40:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8a2450dae6a66803"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 May 2023 19:40:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3BBB 8 KB
892 B 77ms
35ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 01:37:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 02:02:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 02:02:30 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3BBB 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 25362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 19 May 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3BBB 295 B
319 B 20ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 73136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 19 May 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3BBB 0
0 30ms
29ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSEJpbIh3VRMpiiZyyl9sZHgJyfz3isRuHWfFyyWyoabFZr16qW1Z_YJSS-SxW-G6DSqkjxrlDeg21jJlOneVPAjKwv8Q
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3BBB 0
0 92ms
91ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C69_MNaWFYqr8HZfe3wPTlZzYBJmc3Ydqp4PWxvYP2dkeEAEgktjfSmCV2oiCmAfIAQmpAnZHs2TCjrE-4AIAqAMByAMKqgT4AU_QMVYZQQ41Ea1SQmOy8h0bRBVMinetZ9ziUQ6T9KdcnWKraoadfTP9cOi5mSvw8pxsSOkEClM-uGhlmmiJi_TVdBYGYRnXe7sGWjdKKNMYhyEU4r6A-Nv_esCm1PNspZL4itdvpAWwCg3buNR7BfwDNjlbuPrQdpwhRGAcnI63cCuZ6Kya7o13ywwunwTclAHmXGjIbzz51majq9_zjokELYk0_6r3VsbtLRrhwwocWLxrM5SFMxTRTuR53976UwCMpJsPx3TFjFbfHz8v0HkF0om9C0CZCToqKbrdf--zsT2cUJNG8KorLgNbbvnzI6CSdv8EdlJWwAT98Z2x_QPgBAGgBi6AB6__7MoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5ttG0ggJCIjhgBAQARgdgAoDyAsBuBOIJ9gTA9AVAYAXAbIXHgocCAASFHB1Yi0yMzkzMzIwNjQ1MDU1MDIyGLKYKg&sigh=I20NSf8LCzI&uach_m=[UACH]&template_id=5000
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012204292129000/ Frame E26E 220 KB
60 KB 101ms
55ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 181819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61295
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 23:32:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c00c4adb72e5cb7f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 23:32:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame E26E 14 KB
5 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5188
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 14:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "176361d496ccc411"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 14:28:14 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame E26E 94 KB
28 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 14:28:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4b15b3c971f95798"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 14:28:15 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame E26E 5 KB
2 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 368540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
date: Sat, 14 May 2022 19:40:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a2652581fdabc981"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 May 2023 19:40:10 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame E26E 40 KB
13 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 368540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12953
x-xss-protection: 0
server: sffe
date: Sat, 14 May 2022 19:40:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8a2450dae6a66803"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 May 2023 19:40:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E26E 6 KB
670 B 65ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 01:34:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 02:02:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 02:02:30 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E26E 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 25362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 19 May 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E26E 295 B
319 B 20ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 73136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 19 May 2022 05:43:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E26E 0
0 59ms
59ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_531NaWFYvLILIXy3gOum6HYDZmc3Ydqp4PWxvYP2dkeEAEgktjfSmCV2oiCmAfIAQmpAh4yEZv-jrE-4AIAqAMByAMKqgT7AU_Q9-EeV-mu2P_oAfO0YBojczcAR9XXUhUHgq-U6gJiUdeRCwtV9_2Gxm9SujfY8LOZBQff4LHUS4OdsavrwdY1eBNdnQRV-9eFqo4zvO_mpjlrFqnBcB_SYjm5zjYWZXxGTfFH5eylP1zITPPuAg7lR5alMeloKQXKuF22_vmBqlh54q6BzlrP6Q51O1pprucWwuK5ngtRWIysAOrN7jH6_1mXrXWBoFAE5aWSTABbhmXMsAKZD6v3h0_lrCC8gzkolSsU5pTSXC3cuqLW-aD2OnXk1Uada--sYQblSNs1trcU3BAs7L_7Om8roONniuEtPhmUWq-e0NDkwAT98Z2x_QPgBAGgBi6AB6__7MoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ__cx0ggJCIjhgBAQARgdgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTIzOTMzMjA2NDUwNTUwMjIYspgq&sigh=fw0NnsNc9pI&uach_m=[UACH]&template_id=484
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H/1.1

200
OK

request.php Show response
hal90007.redintelligence.net/ Frame 8443
Redirect Chain

https://hal90007.redintelligence.net/request.php?zone=9zr738t4suio&nw=20&renderingType=javascript&namespace=0666ef6e67&subid=&uid=4783f0ea0bc73a63&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90007.redintelligence.net/request.php?zone=9zr738t4suio&nw=20&renderingType=javascript&namespace=0666ef6e67&subid=&uid=4783f0ea0bc73a63&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

139ms
86ms

Script
application/x-javascript

138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request.php?zone=9zr738t4suio&nw=20&renderingType=javascript&namespace=0666ef6e67&subid=&uid=4783f0ea0bc73a63&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJdX3NaWFYsm2EY273gPN1rrIAZumgKJprZLqi84P8C4QASCS2N9KYJXaiIKYB8gBCakCHjIRm_6OsT6oAwGqBOcBT9CVyYqg8cMwE8uMXjbQvfm1oHCVeEYQroMZub834PR92hZVAoJUMqooe0qYgcgzsHDWJMyOJhQuposuywbiUST8GXI5b0fLD_zt1enOaeVvG3j8MO8ChlZmCp2jzcutHeCc5mNzCymlu0r3XgkJzM9N4ht3D2en0VGcSaD7y_eyvsFIqa59OWhlM5u2jlsYl7D3Y9gwJZ7pAD1uPSeCauJVb9JB2F92B5CilTxzcMBRkhxGyLYMpnjR7z465m_W0bgksCFUZDDiyBaHeAndQQRte7zKVnL-rYQg0tLfndNosQutOwVswATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Ro762aNfrd9_qRGCpXm8HYl7e6ia-_1ntVmyPrEWmB4dpiD0O4xw%26sig%3DAOD64_0rMHPHtf_MVFx4xix7t-2yzKh9yQ%26client%3Dca-pub-2393320645055022%26dbm_c%3DAKAmf-Bon8Ma382fq0HccNHa2qwJJr8qNC7t9qaHUPoAOiLo6oZBvZqwOpeqv1RWYMPlVO5j5l3YLbzdklXTcwgxeNkXR7AFI4RW89nYlD5T5oIFDY2nWe5e1zBEqwQY5LsQIHb9tWQXrIT0zAJ22sz7tGOcpNDMog%26cry%3D1%26dbm_d%3DAKAmf-C_f9hbPBTm7-Xk9uhYB2YwALpcqUHtC6fk1HbmOFxSbJ4O8nm1_YfKrrgfksl5x7AMO6XMzjKJbv_7qzQFoHoCQoyPXndvOVdwMon82uf1F_GW1RAQabbSg6md6xBBX1gpcJPhzq9lxmL5zjhjWbJIlMt6CmYx2r7GtyuZ58W_Kc6_hGv2B7fS_e0sES9Bcv6J-7DroghnMREu3JoycWQFXugeTS00VjApYUJX7lFW3sZxtxkAEZiAMC1hW8D9wJx--sqvJnmynVca9G42Itup1Fji4oRFyEy1EDG9m1VjtFD79Wm-9ZTL9wRjQtf9mSq9BtJhYSRdB3oJEsvdvLP5EinUF90eS84mvr_M_OiMFFnjYU9bnsRiG3DdiziPM9kpLNNItSy8JHqpo7ChDdGr1VCT7X0yO7lc_mWXp6bV67ivgkDofBYHwC8JhW6naKjIjsIte7KWIFpO9NmoF649sKd1QGu_CmiRZSIxSZks4btld9A%26adurl%3D&documentReferer=https%3A%2F%2Fytssub.com%2F&ancestorOrigins=https%3A%2F%2Fytssub.com&random=7573300134368&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.157 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3c9672893bc65b97f2d4650cd8ccbcdccbe27914f8f2153f51be39488fe7a313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 02:02:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 73751100013153904444644011964007
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1035
Expires: Thu, 19 May 2022 03:02:30 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 19 May 2022 02:02:30 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=9zr738t4suio&nw=20&renderingType=javascript&namespace=0666ef6e67&subid=&uid=4783f0ea0bc73a63&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJdX3NaWFYsm2EY273gPN1rrIAZumgKJprZLqi84P8C4QASCS2N9KYJXaiIKYB8gBCakCHjIRm_6OsT6oAwGqBOcBT9CVyYqg8cMwE8uMXjbQvfm1oHCVeEYQroMZub834PR92hZVAoJUMqooe0qYgcgzsHDWJMyOJhQuposuywbiUST8GXI5b0fLD_zt1enOaeVvG3j8MO8ChlZmCp2jzcutHeCc5mNzCymlu0r3XgkJzM9N4ht3D2en0VGcSaD7y_eyvsFIqa59OWhlM5u2jlsYl7D3Y9gwJZ7pAD1uPSeCauJVb9JB2F92B5CilTxzcMBRkhxGyLYMpnjR7z465m_W0bgksCFUZDDiyBaHeAndQQRte7zKVnL-rYQg0tLfndNosQutOwVswATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Ro762aNfrd9_qRGCpXm8HYl7e6ia-_1ntVmyPrEWmB4dpiD0O4xw%26sig%3DAOD64_0rMHPHtf_MVFx4xix7t-2yzKh9yQ%26client%3Dca-pub-2393320645055022%26dbm_c%3DAKAmf-Bon8Ma382fq0HccNHa2qwJJr8qNC7t9qaHUPoAOiLo6oZBvZqwOpeqv1RWYMPlVO5j5l3YLbzdklXTcwgxeNkXR7AFI4RW89nYlD5T5oIFDY2nWe5e1zBEqwQY5LsQIHb9tWQXrIT0zAJ22sz7tGOcpNDMog%26cry%3D1%26dbm_d%3DAKAmf-C_f9hbPBTm7-Xk9uhYB2YwALpcqUHtC6fk1HbmOFxSbJ4O8nm1_YfKrrgfksl5x7AMO6XMzjKJbv_7qzQFoHoCQoyPXndvOVdwMon82uf1F_GW1RAQabbSg6md6xBBX1gpcJPhzq9lxmL5zjhjWbJIlMt6CmYx2r7GtyuZ58W_Kc6_hGv2B7fS_e0sES9Bcv6J-7DroghnMREu3JoycWQFXugeTS00VjApYUJX7lFW3sZxtxkAEZiAMC1hW8D9wJx--sqvJnmynVca9G42Itup1Fji4oRFyEy1EDG9m1VjtFD79Wm-9ZTL9wRjQtf9mSq9BtJhYSRdB3oJEsvdvLP5EinUF90eS84mvr_M_OiMFFnjYU9bnsRiG3DdiziPM9kpLNNItSy8JHqpo7ChDdGr1VCT7X0yO7lc_mWXp6bV67ivgkDofBYHwC8JhW6naKjIjsIte7KWIFpO9NmoF649sKd1QGu_CmiRZSIxSZks4btld9A%26adurl%3D&documentReferer=https%3A%2F%2Fytssub.com%2F&ancestorOrigins=https%3A%2F%2Fytssub.com&random=7573300134368&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 19 May 2022 03:02:30 +0200

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9288 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:20:56 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5924117634208497824/ Frame E26E 19 KB
19 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5924117634208497824/downsize_200k_v1?w=400&h=209

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b68ece11e18e840d78d42f063bc053073ec4cad8bb37fd9f3b52605dbea4317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:07:14 GMT
x-content-type-options: nosniff
age: 222916
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18977
x-xss-protection: 0
last-modified: Tue, 10 May 2022 12:35:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 12:07:14 GMT

GET
DATA 200
OK truncated
/ Frame E26E 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E26E 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 24780db5b19cbd638164d4d05dd16f8e2ad5bf5ee35a4fdf921b53ef892b843a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E26E 15 KB
16 KB 67ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ytssub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 220766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:43:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E26E 15 KB
15 KB 83ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ytssub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 224113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:47:17 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5924117634208497824/ Frame 3BBB 19 KB
19 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5924117634208497824/downsize_200k_v1?w=400&h=209

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b68ece11e18e840d78d42f063bc053073ec4cad8bb37fd9f3b52605dbea4317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:07:14 GMT
x-content-type-options: nosniff
age: 222916
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18977
x-xss-protection: 0
last-modified: Tue, 10 May 2022 12:35:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 12:07:14 GMT

GET
DATA 200
OK truncated
/ Frame 3BBB 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3BBB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 3BBB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3789cc490de1aad22728975239abbdebabcc9923925a44290bfef93a8b18b5df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 3BBB 28 KB
28 KB 44ms
28ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ytssub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 100223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 May 2023 22:12:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B33 0
20 B 56ms
55ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqF_nNKWFYrzyNpXx3gPi9ruICQAAAAA4AeAEAg&bg=!0tGl0ZXNAAZL3OSAa9w7ACkAdvg8WntXEzwv8oFknQne7q-gHUqkeHv66_91hyaq-NbcvNvAMpsYEQIAAAHXUgAAAAJoAQcKAGlUHnv-75YaEDes77wMCqyiqZZ55AZoIc2K5giBwhHgGL91bWjtbidvZiJYmTGD4-mhi2N3SFT8CPTzeCp_UchEIXSbBNZisGdc1oOMsOIgSGhmnW56e_U5EVpIWHWps--8jW_TNrkk81GZAuakJxyCNSo5gI4pBVzxHn3rtYbM7KhxKAQkPVen1BfdsAmrIiOmXqYwojgwYvsqVPppeOT5UUhdWYyqWKyjKIWtbK75aV1hUzgXNe6zgBQ5Gy7G3nAD6aBt2Eg6xn4iKaIkrkV-1qhV0uyn21SwFOgysfdWaMstJs1uuhirWJMmG0fe4u-WhjD9PSc1Z9G-Gds-s-23iUZVmiDxfZAYqX_JH0lQ0u8IFFm0fmPgpWKlZzFJJ3O3pS-NS8O5mOus6QAdhYdDL__5sAJtPE1vkrAcIyCyx7L9lFFuxloJkFBy_m0gACnHbihuyZyDK7jDDjh3A-4HOQQGwW5nKF9L2daKFgNmPNtY2EVvv1tLHQe_RcprpM1il_gTXODMX6id4IbYCWe-EMrawYR1m4ngO1apFH278B4cqlRT7TqJ8vUXjp0sXVZmxamezplUufxJJyE3JWXfrMlURuwz6fZC7cIwVA4HJsetFeYWcRFV6JiObySzXXkmyoHbwFXmKGBqyd10YylZTFNaI5jZAxADORQIKxQUUmsl-9whcvAFVlS0KzIEKF6Hhd6l70ddR3iREdeZTthdjOGSATiLqBU_uQaTBX_l2cFflc2MyuxB3s3lZ0OnE8XKli2FYEhUdP3abcDIAEcgoI-J7PKYH5UJcCZf-NVk3-0caxmcbGl9OX1U2cnjH5Mxe_zguPR36_PWI82E6jq4ZhIkMZHjy5_ekYxi6NrUxYUIZOguBaXMDfmf2Irrubc0_2Bidn4EQknIn42iBRkOR0TS6FEwIhr7gyMsoBGJiyxy8kIIWfNBqSfVVDc4SGZ-h-OKDgTRo-NCPOVUr1xv6ehSHMSTwiyWrrfgLAWKSoKpxvGrB5GZonjqZ3z5YpgAcBbjQ24JbR4za-m2rP7dtioR8v_bEn2OGfFfGxgzsCaAbcnzS4t5GMGEbTV1HKvbDRv61rBFbePVDeNyj_bqUZQKuBIqvG5xhMVJdwxnH5GO

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012204292129000/ Frame 95F7 220 KB
60 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 181819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61295
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 23:32:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c00c4adb72e5cb7f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 23:32:11 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 95F7 14 KB
5 KB 101ms
59ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5188
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 14:28:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "176361d496ccc411"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 14:28:14 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 95F7 94 KB
28 KB 96ms
55ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Mon, 16 May 2022 14:28:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4b15b3c971f95798"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 May 2023 14:28:15 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 95F7 5 KB
2 KB 94ms
53ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 368540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1906
x-xss-protection: 0
server: sffe
date: Sat, 14 May 2022 19:40:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a2652581fdabc981"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 May 2023 19:40:10 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012204292129000/v0/ Frame 95F7 40 KB
13 KB 91ms
50ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012204292129000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 368540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12953
x-xss-protection: 0
server: sffe
date: Sat, 14 May 2022 19:40:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8a2450dae6a66803"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 May 2023 19:40:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 95F7 6 KB
670 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 01:29:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 02:02:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 02:02:30 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 95F7 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 25362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 19 May 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 95F7 295 B
319 B 21ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 73136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 19 May 2022 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 95F7 0
0 29ms
28ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSggeBnCFincst-qD6rWK_Teq113u16EIMtBFJOKADJq3Bm_KjV3ar1Z44HGvQepKHQLpJsPUvtnKQkT9KdItLmNF2SEg
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 95F7 0
0 60ms
59ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CO4HlNaWFYpGfO5T33gOwvYDYC5mc3Ydqp4PWxvYP2dkeEAEgktjfSmCV2oiCmAfIAQmpAnQDR8sNjrE-4AIAqAMByAMKqgT7AU_QyA31_2rqOA_h7tUJSoBdvJzuO7s7fFgc7KQswQZq8T4o-EV7e1HPnKA3DBZa5QMHRibHAGpg-00SYgual_-BdFMUjknIV6C7XzpYdHIwBfR87ct5twwKMF-1N5t65lYtBLHbsxtz0Y0CEFqFSs2B5HQzLKvR8Kd7k3jRHtqgj39pb2WrWet-VgfD7Ot_gkiwrYL6edgv4T-kDBhF9baGUL9CmZCl34cb6bMW0q1ijNcrWQcqpfwB7l-tAasbHUNHvHSs-VVay_GsdNHoy_M7VAeSbAnfD8IFG0WZAYmzeojz4bbxntkI4ZYio6XviSdP_L9sVdMmWOwSwAT98Z2x_QPgBAGgBi6AB6__7MoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2N0y0ggJCIjhgBAQARgdgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTIzOTMzMjA2NDUwNTUwMjIYspgq&sigh=b5lJCT5KJfo&uach_m=[UACH]&template_id=484
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3BBB 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 25362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 19 May 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3BBB 295 B
319 B 20ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 73136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 19 May 2022 05:43:34 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E26E 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 25362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 19 May 2022 18:59:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E26E 295 B
319 B 21ms
20ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012204292129000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 73136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 19 May 2022 05:43:34 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/5924117634208497824/ Frame 95F7 48 KB
48 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5924117634208497824/2076313506083323656

Requested by

Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4f511a7202d71ad645a8842c8bcefb6f33504a7d472dea8e6f71bed07950d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:20:09 GMT
x-content-type-options: nosniff
age: 222141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49428
x-xss-protection: 0
last-modified: Tue, 10 May 2022 12:46:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 16 May 2023 12:20:09 GMT

GET
DATA 200
OK truncated
/ Frame 95F7 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 95F7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3a7ac0898fd7a6fd95d42b9cea999c26c350f2d8d1b3bcc6ad9dde04ce6890f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 95F7 15 KB
16 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ytssub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 220766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 12:43:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 95F7 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ytssub.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Mon, 16 May 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 224113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 11:47:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9288 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4IXHNaWFYpnKJ8_t3wPfs5mwBgAAAAA4AeAEAg&bg=!trWltfHNAAZL3OSAa9w7ACkAdvg8WltuMee8ZMzPPm3pFUxI035kjEkTfPX08akKIeSbdp-g7Hj0tAIAAAC4UgAAAAFoAQeZAuPKSxlxlh85VEmLwP50iH3imKtF8oBddbG5uIiYUR09snvcbdTP3Fx0uovfu056ZlIUu_UR1ONua6Xfoh5KFDuM_zrVf3dHzOW17wd9RVU9bxu_KMb8hHlkZ002wUsKF2YyLE_WlPPxlvf9cKHfyzWv13gTsemlQVJB-qK63O-jcX0MaC8EmlvoJPDAbmImSThPz2feVLvifHolCEae8_pryL--XXSfzlrPdtRE8LCDxzdJ3OLDd2Wv4IPp5jndzsmitEpCb-OSzcWAjCn97HEmmN46NLUCOAPI7-QG9WIHnhPrY8YRO9d-351UQKE0gaQ8_NRmeuLDnKH_Uo0Ef0_T6GfC8XwBOh3aq61BYeeE6IE9hQ7YZDVvHb-mCUznwIEDxQRZOf7lifVOgAISzxcEaJrn9Dn4GxSpbWmUsGypCRSqvMdplUI1La4EmQkKbB4aiois5mg0VgeGeVIqa4x9lvlbuob-ETisOypyn1ikn7TUtFleUPHKeJV8m2_8LqnXV8P_57cui3WwVa_nsc8MKsQX_HmAIlcsUK3zmxVQn4V-kZJZrn1HYyS_cNMNDtEVTOtJDw6zEzOJAZFKfZ3w_2wkq2vOqdNouTGQwC_xOCSRGqgY9ir_gSwnR_G4W_UiytusuOPj6GxYGgWBiAybyq0BM7hARKHDtklU784iyhOCp9v6fMCqkFCksSGGWdtep4ZZyEmvBk6Ch1Gnw_mZ2a0VpN0lP43TbSRCXudvMkoOJGFrUrEbdt3uSIGKQ2AtMYBoNMCTWKQVw5KZSlouo0kARfqxhzSaM_b4cXL1sty0t1ph2VWIS0gZuBjr56XyX1ShRgubnLcoOelfnrruoEsac-mC7WEA4qILhKanl7piIkeSJmM-0SVtIuEEhDSdx2IOVOIYbvdk_faCzLNGBL_dWde-T6jpZfMYmKfk0UMc4XlJTuQ6CkE2i5jxBdQKKK6nXP9iZS1fdVxuK68nH56v

Requested by

Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 2BD7
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=73751100013153904444644011964007&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73751100013153904444644011964007&actionid=981741&produktid=&dt_url=

0
629 B

111ms
44ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73751100013153904444644011964007&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=9zr738t4suio&nw=20&renderingType=javascript&namespace=0666ef6e67&subid=&uid=4783f0ea0bc73a63&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJdX3NaWFYsm2EY273gPN1rrIAZumgKJprZLqi84P8C4QASCS2N9KYJXaiIKYB8gBCakCHjIRm_6OsT6oAwGqBOcBT9CVyYqg8cMwE8uMXjbQvfm1oHCVeEYQroMZub834PR92hZVAoJUMqooe0qYgcgzsHDWJMyOJhQuposuywbiUST8GXI5b0fLD_zt1enOaeVvG3j8MO8ChlZmCp2jzcutHeCc5mNzCymlu0r3XgkJzM9N4ht3D2en0VGcSaD7y_eyvsFIqa59OWhlM5u2jlsYl7D3Y9gwJZ7pAD1uPSeCauJVb9JB2F92B5CilTxzcMBRkhxGyLYMpnjR7z465m_W0bgksCFUZDDiyBaHeAndQQRte7zKVnL-rYQg0tLfndNosQutOwVswATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Ro762aNfrd9_qRGCpXm8HYl7e6ia-_1ntVmyPrEWmB4dpiD0O4xw%26sig%3DAOD64_0rMHPHtf_MVFx4xix7t-2yzKh9yQ%26client%3Dca-pub-2393320645055022%26dbm_c%3DAKAmf-Bon8Ma382fq0HccNHa2qwJJr8qNC7t9qaHUPoAOiLo6oZBvZqwOpeqv1RWYMPlVO5j5l3YLbzdklXTcwgxeNkXR7AFI4RW89nYlD5T5oIFDY2nWe5e1zBEqwQY5LsQIHb9tWQXrIT0zAJ22sz7tGOcpNDMog%26cry%3D1%26dbm_d%3DAKAmf-C_f9hbPBTm7-Xk9uhYB2YwALpcqUHtC6fk1HbmOFxSbJ4O8nm1_YfKrrgfksl5x7AMO6XMzjKJbv_7qzQFoHoCQoyPXndvOVdwMon82uf1F_GW1RAQabbSg6md6xBBX1gpcJPhzq9lxmL5zjhjWbJIlMt6CmYx2r7GtyuZ58W_Kc6_hGv2B7fS_e0sES9Bcv6J-7DroghnMREu3JoycWQFXugeTS00VjApYUJX7lFW3sZxtxkAEZiAMC1hW8D9wJx--sqvJnmynVca9G42Itup1Fji4oRFyEy1EDG9m1VjtFD79Wm-9ZTL9wRjQtf9mSq9BtJhYSRdB3oJEsvdvLP5EinUF90eS84mvr_M_OiMFFnjYU9bnsRiG3DdiziPM9kpLNNItSy8JHqpo7ChDdGr1VCT7X0yO7lc_mWXp6bV67ivgkDofBYHwC8JhW6naKjIjsIte7KWIFpO9NmoF649sKd1QGu_CmiRZSIxSZks4btld9A%26adurl%3D&documentReferer=https%3A%2F%2Fytssub.com%2F&ancestorOrigins=https%3A%2F%2Fytssub.com&random=7573300134368&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 02:02:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 19 May 2022 04:02:24 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Thu, 19 May 2022 02:02:30 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=73751100013153904444644011964007&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: D972DA1D:E2FA_91EFC182:01BB_6285A536_E3E1824:2080F

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 8443 1 KB
2 KB 271ms
164ms Script
text/html 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=73751100013153904444644011964007&js=1&nw=1
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 1f1527d23868213f4581614237b9a22cb5f923531cf5b92a4e3b4461596c5c85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 02:02:30 GMT
Last-Modified: Thu, 19 May 2022 02:02:30 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1249
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 8443 1 KB
2 KB 299ms
191ms Script
text/html 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=723175&wgcampaignid=99582&js=1&nw=1&viewref=73751100013153904444644011964007
Requested by: Host: ytssub.com
URL: https://ytssub.com/subtitle-download/423100
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 6d79786b2e3091e835388cee676d31a06285b3d45763825b31d15e998c0c3960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 02:02:30 GMT
Last-Modified: Thu, 19 May 2022 02:02:30 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1246
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal90007.redintelligence.net/ Frame 09B9 7 KB
2 KB 80ms
27ms Document
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/request_content.php?s=73751100013153904444644011964007&a=f5435ca0
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=9zr738t4suio&nw=20&renderingType=javascript&namespace=0666ef6e67&subid=&uid=4783f0ea0bc73a63&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCJdX3NaWFYsm2EY273gPN1rrIAZumgKJprZLqi84P8C4QASCS2N9KYJXaiIKYB8gBCakCHjIRm_6OsT6oAwGqBOcBT9CVyYqg8cMwE8uMXjbQvfm1oHCVeEYQroMZub834PR92hZVAoJUMqooe0qYgcgzsHDWJMyOJhQuposuywbiUST8GXI5b0fLD_zt1enOaeVvG3j8MO8ChlZmCp2jzcutHeCc5mNzCymlu0r3XgkJzM9N4ht3D2en0VGcSaD7y_eyvsFIqa59OWhlM5u2jlsYl7D3Y9gwJZ7pAD1uPSeCauJVb9JB2F92B5CilTxzcMBRkhxGyLYMpnjR7z465m_W0bgksCFUZDDiyBaHeAndQQRte7zKVnL-rYQg0tLfndNosQutOwVswATRos_UgATgBAOQBgGgBk2AB6yt9Z8DqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBORqNEO0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-Ro762aNfrd9_qRGCpXm8HYl7e6ia-_1ntVmyPrEWmB4dpiD0O4xw%26sig%3DAOD64_0rMHPHtf_MVFx4xix7t-2yzKh9yQ%26client%3Dca-pub-2393320645055022%26dbm_c%3DAKAmf-Bon8Ma382fq0HccNHa2qwJJr8qNC7t9qaHUPoAOiLo6oZBvZqwOpeqv1RWYMPlVO5j5l3YLbzdklXTcwgxeNkXR7AFI4RW89nYlD5T5oIFDY2nWe5e1zBEqwQY5LsQIHb9tWQXrIT0zAJ22sz7tGOcpNDMog%26cry%3D1%26dbm_d%3DAKAmf-C_f9hbPBTm7-Xk9uhYB2YwALpcqUHtC6fk1HbmOFxSbJ4O8nm1_YfKrrgfksl5x7AMO6XMzjKJbv_7qzQFoHoCQoyPXndvOVdwMon82uf1F_GW1RAQabbSg6md6xBBX1gpcJPhzq9lxmL5zjhjWbJIlMt6CmYx2r7GtyuZ58W_Kc6_hGv2B7fS_e0sES9Bcv6J-7DroghnMREu3JoycWQFXugeTS00VjApYUJX7lFW3sZxtxkAEZiAMC1hW8D9wJx--sqvJnmynVca9G42Itup1Fji4oRFyEy1EDG9m1VjtFD79Wm-9ZTL9wRjQtf9mSq9BtJhYSRdB3oJEsvdvLP5EinUF90eS84mvr_M_OiMFFnjYU9bnsRiG3DdiziPM9kpLNNItSy8JHqpo7ChDdGr1VCT7X0yO7lc_mWXp6bV67ivgkDofBYHwC8JhW6naKjIjsIte7KWIFpO9NmoF649sKd1QGu_CmiRZSIxSZks4btld9A%26adurl%3D&documentReferer=https%3A%2F%2Fytssub.com%2F&ancestorOrigins=https%3A%2F%2Fytssub.com&random=7573300134368&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4f2749717849e891c2faba458124eb99da4a1bee97dccd459d021903a5bd68da

Request headers

Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2083
Content-Type: text/html; charset=utf-8
Date: Thu, 19 May 2022 02:02:30 GMT
Expires: Thu, 19 May 2022 03:02:30 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 8443
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=73751100013153904444644011964007
https://ad-server.eu/wm/pb/native.png

68 B
312 B

214ms
41ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:07:34 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Thu, 19 May 2022 02:02:30 GMT
Server: nginx/1.17.5
Host: pv.medialead.de
X-IPLB-Request-ID: D972DA1D:E2FC_91EFC182:01BB_6285A536_E3E1825:2080F
X-IPLB-Instance: 40027
Strict-Transport-Security: max-age=15768000
Content-Type: application/go
Location: https://ad-server.eu/wm/pb/native.png
Keep-Alive: timeout=20
Content-Length: 0
Proxy-Host: pv.medialead.de

GET
H3 200 css
fonts.googleapis.com/ Frame 09B9 4 KB
649 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=73751100013153904444644011964007&a=f5435ca0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 May 2022 00:03:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 19 May 2022 02:02:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 May 2022 02:02:30 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 09B9 15 KB
15 KB 73ms
25ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/TRG-star-wars-marvel-comics-panini-banner-1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=73751100013153904444644011964007&a=f5435ca0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: aa75b1e1154ce8aac24730f7b337fe17ca65eb9eb8e93372346f9f24cac882ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:02:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15274
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 09B9 16 KB
16 KB 73ms
25ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=73751100013153904444644011964007&a=f5435ca0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f7488094b86d48ed98982e50360a1989c2cf0e94961fca88b6a4e071dfe44c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:02:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16462
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 09B9 13 KB
13 KB 73ms
25ms Image
image/png 138.201.64.38
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/48335/creativesup/highheels_red_1200x627.jpg
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=73751100013153904444644011964007&a=f5435ca0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.64.38 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.38.64.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7c60a01ee9b2ec329b243aa85286a93bf0dbc7e899a6dba1d98600fdfb119a92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:02:30 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 13235
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90007.redintelligence.net/ Frame 09B9 0
150 B 76ms
26ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90007.redintelligence.net/viewability?s=73751100013153904444644011964007&a=8396e22d&vb=m
Requested by: Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=73751100013153904444644011964007&a=f5435ca0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90007.redintelligence.net/request_content.php?s=73751100013153904444644011964007&a=f5435ca0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 02:02:30 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0B51 42 B
64 B 103ms
59ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7Hc4UqI_8v8ADJUohjLXs_hwmdh1cfCVpX8lKxe_uw4wbR5i9wDwdGoB6mDQ-9_eK5P38JR_hlTGqR37zqlrqvqvlk64YCzjcPffinv0VqwQ&sai=AMfl-YThBWvimzp2qeqIRDO-MGJZ3DUapNBXxbQFC5MDI-Jiwvn0g3RPpVI21BMpqhTIgy2uVsl5oxx5HRuCT67tjfYnFYfM2ShDaXJKzYkhNaVAypKtXE3G9kRB1QCf-qFh&sig=Cg0ArKJSzNANMMLut-62EAE&cid=CAASKORoYITIz2gu8w3A4heRxoWm-G2Jz19vbz6REH8BySYL1wmJ_eUPiSI&id=lidar2&mcvt=1000&p=106,1058,778,1358&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220518&bin=7&avms=nio&bs=0,0&mc=0.89&if=1&vu=1&app=0&itpl=20&adk=2683569567&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652925749331&rpt=234&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8443 51 KB
51 KB 105ms
24ms Script
application/javascript 143.204.215.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3432245&wgcampaignid=99582&viewref=73751100013153904444644011964007&js=1&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-49.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 11:22:01 GMT
server: AmazonS3
age: 75527
etag: "101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Wed, 18 May 2022 05:03:44 GMT
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 52083
x-amz-cf-id: IDiD5xEiLTWgM6U_AwyDYMihxqsuHe8ZMOST3uXqAIOmkEW-oscXyA==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 8443 667 B
1 KB 106ms
41ms Image
image/jpeg 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=99582&viewref=51905700009627700951425011964030&wglinkid=3432245
Requested by: Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 02:02:30 GMT
Last-Modified: Thu, 19 May 2022 02:02:30 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 667
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 8443 3 KB
3 KB 104ms
38ms Image
image/png 46.236.35.87
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=99582&viewref=36094300011075604445158011964005&wglinkid=723175
Requested by: Host: d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
URL: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.236.35.87 Plymouth, United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-35-87.servers.dedipower.net
Software: Apache /
Resource Hash: 5cfec01d1f8003eb15069f4a63ce5b8cefc765d2724460540735e4b0226e9b5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 02:02:30 GMT
Last-Modified: Thu, 19 May 2022 02:02:30 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Content-Length: 2727
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 43ms
42ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022051201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a33fb3093d78187e45de05fc478cccdfca797ce462c443d06fe641de605b9d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 May 2022 02:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10749
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 19 May 2022 02:02:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8304 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ytssub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 18 May 2022 17:13:58 GMT
expires: Thu, 18 May 2023 17:13:58 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6F90 783 B
536 B 31ms
31ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3210f4851273d7ce69e5b3acccdf92c7ea245f9f13754dd3f17bb42e045d25c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Uq9E2FTsD-TGV_E4NtzCEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ytssub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Uq9E2FTsD-TGV_E4NtzCEw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 19 May 2022 02:02:30 GMT
expires: Thu, 19 May 2022 02:02:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js Show response
pagead2.googlesyndication.com/bg/ Frame 8304 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Yd3cEgPtLOfKcy7GxWkHziCM9jl-6RVWGk-YTJsF5Kc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 17 May 2022 16:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 09 May 2022 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 May 2023 16:20:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6F90 0
0 60ms
60ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022051201&jk=1151118136475979&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8304 0
9 B 20ms
20ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ufSkcQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 02:02:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3BBB 0
0 58ms
58ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3a4QNaWFYqr8HZfe3wPTlZzYBJmc3Ydqp4PWxvYP2dkeEAEgktjfSmCV2oiCmAfIAQmpAnZHs2TCjrE-4AIAqAMBqgT4AU_QMVYZQQ41Ea1SQmOy8h0bRBVMinetZ9ziUQ6T9KdcnWKraoadfTP9cOi5mSvw8pxsSOkEClM-uGhlmmiJi_TVdBYGYRnXe7sGWjdKKNMYhyEU4r6A-Nv_esCm1PNspZL4itdvpAWwCg3buNR7BfwDNjlbuPrQdpwhRGAcnI63cCuZ6Kya7o13ywwunwTclAHmXGjIbzz51majq9_zjokELYk0_6r3VsbtLRrhwwocWLxrM5SFMxTRTuR53976UwCMpJsPx3TFjFbfHz8v0HkF0om9C0CZCToqKbrdf--zsT2cUJNG8KorLgNbbvnzI6CSdv8EdlJWwAT98Z2x_QPgBAGgBi6AB6__7MoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5ttG0ggJCIjhgBAQARgdgAoDyAsBuBOIJ9gTA9AVAYAXAbIXHgocCAASFHB1Yi0yMzkzMzIwNjQ1MDU1MDIyGLKYKg&sigh=sO5OxIsGxoA&vt=1&template_id=5000&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 3BBB 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskNDVB_6vc79VYaDeYAepKOVYNfmXWTZPE0aGAIpSMv7kTfCZ19GDzsmLSt0Z-4mwpEz_l4x4ZG7IVTQ_omkLfrPA5WRfX5h5Hr84d5yWU8NY03e8PVMPWhxYEPINJlRaub9ZaZg&sai=AMfl-YTbJwZo_YzGxZM3pfIBITlZK9PGETqco_cwuDYsjsmibEhxftskut7jAjpOV-OqeQZDWGAeG97DF9ROWHwhT6sNkmW_1LpguGmj3o8HqriNfiZYpFzNZayIffahOBU&sig=Cg0ArKJSzEvqRrkag4HIEAE&id=ampim&o=145,106&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1159&mtos=0,0,1159,1159,1159&tos=0,0,1159,0,0&tfs=266&tls=1425&g=100&h=100&tt=1425&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2769095154

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E26E 0
0 57ms
57ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBW4yNaWFYvLILIXy3gOum6HYDZmc3Ydqp4PWxvYP2dkeEAEgktjfSmCV2oiCmAfIAQmpAh4yEZv-jrE-4AIAqAMBqgT7AU_Q9-EeV-mu2P_oAfO0YBojczcAR9XXUhUHgq-U6gJiUdeRCwtV9_2Gxm9SujfY8LOZBQff4LHUS4OdsavrwdY1eBNdnQRV-9eFqo4zvO_mpjlrFqnBcB_SYjm5zjYWZXxGTfFH5eylP1zITPPuAg7lR5alMeloKQXKuF22_vmBqlh54q6BzlrP6Q51O1pprucWwuK5ngtRWIysAOrN7jH6_1mXrXWBoFAE5aWSTABbhmXMsAKZD6v3h0_lrCC8gzkolSsU5pTSXC3cuqLW-aD2OnXk1Uada--sYQblSNs1trcU3BAs7L_7Om8roONniuEtPhmUWq-e0NDkwAT98Z2x_QPgBAGgBi6AB6__7MoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ__cx0ggJCIjhgBAQARgdgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTIzOTMzMjA2NDUwNTUwMjIYspgq&sigh=zJy1WTk5f4o&vt=1&template_id=484&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E26E 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubwcgH0AIoiPq7hvNR1Q2jlGNfzN8vm2yWuAMSKB-IPgA8iZt7NUEoxaAuYfTwRJ6dHPQaxHmpRJVdbTZyxK_sdLmM3yuXDJE8iY4ZnccHM2tOolNhi7z3kdlCwjgG66I0E8SrHQ&sai=AMfl-YTPtqJ5rgIPWsDAUCtD-bniPjuU9XdKscFnagNqoaZk-FgtA5MLNmv_SbLKFjnDBTMXWZN6ZklDJg5xOsy1ZdNKvXSK7osuzLDepTnJP7JmhN7Wh-XI8PXkvL9Ry2k&sig=Cg0ArKJSzFc96xB93JKHEAE&id=ampim&o=608,770&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1161&mtos=0,0,1161,1161,1161&tos=0,0,1161,0,0&tfs=261&tls=1422&g=100&h=100&tt=1422&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 95F7 0
0 58ms
58ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CA9CQNaWFYpGfO5T33gOwvYDYC5mc3Ydqp4PWxvYP2dkeEAEgktjfSmCV2oiCmAfIAQmpAnQDR8sNjrE-4AIAqAMBqgT7AU_QyA31_2rqOA_h7tUJSoBdvJzuO7s7fFgc7KQswQZq8T4o-EV7e1HPnKA3DBZa5QMHRibHAGpg-00SYgual_-BdFMUjknIV6C7XzpYdHIwBfR87ct5twwKMF-1N5t65lYtBLHbsxtz0Y0CEFqFSs2B5HQzLKvR8Kd7k3jRHtqgj39pb2WrWet-VgfD7Ot_gkiwrYL6edgv4T-kDBhF9baGUL9CmZCl34cb6bMW0q1ijNcrWQcqpfwB7l-tAasbHUNHvHSs-VVay_GsdNHoy_M7VAeSbAnfD8IFG0WZAYmzeojz4bbxntkI4ZYio6XviSdP_L9sVdMmWOwSwAT98Z2x_QPgBAGgBi6AB6__7MoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ2N0y0ggJCIjhgBAQARgdgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTIzOTMzMjA2NDUwNTUwMjIYspgq&sigh=8zqaFH268UY&vt=1&template_id=484&uach_m=[]
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 95F7 42 B
64 B 62ms
62ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZUXxrFCC-Kja1-Xr4EbrwyzP3P8GRKqSeoIw3JSfkqc8eHh_vduC1XJxPHKNWsREqzbA5Lg2kw8BqSz1M-eqbWJPhWDS3SkSJ2WoWkBDWAP_foiVhYE3H4x2OiMLiSONo6S_35w&sai=AMfl-YRcesS0DbOP6MQptXQVXMm2-8-nrfDTACG2NMLS6GAGfUozJa3WMyeUkNMGutVGlha40_k_AgmUNAbXnAQY4m61DxfvOaP3w1O9oi8UJShbe6_r3zi3UM9iD4qxeUk&sig=Cg0ArKJSzK6HiTEzTu_qEAE&id=ampim&o=608,286&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1111&mtos=0,0,1111,1111,1111&tos=0,0,1111,0,0&tfs=180&tls=1291&g=100&h=100&tt=1291&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=2586217363

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 May 2022 02:02:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8443 16 B
232 B 103ms
103ms Fetch
application/json 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-130-126.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 May 2022 02:02:31 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8443 16 B
232 B 106ms
106ms Fetch
application/json 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-130-126.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 19 May 2022 02:02:31 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 63ms
63ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022051201&jk=1151118136475979&bg=!6Oul66_NAAZL3OSAa9w7ACkAdvg8WsPZM0teiRdeCy0YvWU4Bq17YeaBeKIlAYcL7PtQC6UHDmbT9wIAAABGUgAAAAJoAQcKAF0-XHDdsqvtPySIYe34wBXlzrnXfkOhcym4p-5Tkn-zweKxywVLotCZ_j3nK6KkV-XlMbcN2STvhqYeCtTItlwzM4iahpFqGfVdjj8GZ76_kcIc7Sd1oyFpG1PyR8qZAqllj_TafPzjlnP34CAXpRjP1NxXS5TnG6WtZvZeDCylPVBZ68AVg8HiGnnp7bUOGxj74B5bvlqMV1E1MZHnewSb561CwZS8zMizvUCgZwI0QhvRD8WiKiIjL6lzzAwHLmZ4j3gJKPe55tfu_BG2YjnNTwVushx2jCsRixVixysfYIotu5HvaqmuPufI_nl8cHQeaszCzBmH5u7y3yJ6_UToyVsufwPv2XViy0Kdr6wWZWRHBTGcyYWJyd66SPnqiYbZy4giU6ZuDSmRTPrork24GtFyRRuwj1mkroiw29YuX6qNXyXmbUN_Gqk0T6DZ52Hucxy8EPlMWBg8ccQ8R5qsoAmmn5y0v6Hp5hcDDVd6Iy2vHHJtcyQQPXUWarGutVYYOGHzcUEnwMlMap5Cu4WA40w-pDPGvv8AXMdSgIxtUbgROZdqso8J1Ce5_idr5nYloicJmgdFVwFEtK67VO55nzspUQoP1LjmK6NzVyrDbr9AFEomTMDy5XQ29FlARQigZQNNH7S5n10A11XqkOmgYC-uuJ--VRVomQQqEvtDesKhNpuh8Od0pwHKCNU0FqTxQ7G61oTFPrCMeofNIBno74kE3Ln384jtUwB5TJSSZUnP0lsStFoOGWn-Gt8QCHSEWr659eAYxnO_xgog_9HhzPCYKBdIHtw5jhHxy9RXQ6m6LnOsiPFh7GVZP0RdVoLSMhhyUgPsjcwQJrLeTVBpWvz6tJuCq7Y49-dotup0FHai-SVhWGPUHZsHoEnrflxdWldPWyOrjPjjN5AhNXXN1rpCxjMSLWP4z5lxkPX9iq9vjIWMU2Q7IZqnM3H3qyh7I4oMpkRYUC7Zvpy1mV3TdPsYl5QbNnTdUIyN-KGcv17L_XquOYo5xEVjYjrOjc1RhtKU74NuY-o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ytssub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 157ms
46ms Preflight 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 19 May 2022 02:02:31 GMT
server: nginx

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 148ms
46ms Preflight 34.254.130.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 19 May 2022 02:02:31 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ytssub.com/	1970-01-20 03:08:52	Name: XSRF-TOKEN Value: eyJpdiI6IjJzNGRCXC9EZ3U3bGRNcTdlK3hkeWlnPT0iLCJ2YWx1ZSI6InhoTzRmNHVlZ1lDM1ErcEJcL29heWF0UjJTUmV5UkRJeENVRE55WDFKKzlxN25hXC9HVWpxSHpDRHJWdExZRnNrVyIsIm1hYyI6ImM0MmZhNTc4YmIyMDc5NmEzNjViMmM4NDQ5OWY2MjEzOWE5ZTM5M2Y3NzMyNWYwYTE4YjZiMzA1ZGI2MjJlY2QifQ%3D%3D
ytssub.com/	1970-01-20 03:08:52	Name: laravel_session Value: eyJpdiI6IjlETGV1VEJyWU5IaFh1NmQwOU1wSHc9PSIsInZhbHVlIjoiamJCbjdMWXZtSGU4OVExY2xFUVZPZFBxOFBmMElSNzBwN25ibXVrZTNQSHZ3SnN5UWpDdG11V3BYR0x0WmxwRSIsIm1hYyI6ImE4YWIwMWQ5YzQxMGU0NTc2MzAxMzI1MDViMmY0ODE3Mjc5NTk0MjJiZDZhYjUyYWM5YzYwMzMzNzg0ZGZiNTIifQ%3D%3D
.ytssub.com/	1970-01-20 20:39:57	Name: _ga Value: GA1.2.1016148110.1652925749
.ytssub.com/	1970-01-20 03:10:12	Name: _gid Value: GA1.2.1680989576.1652925749
.ytssub.com/	1970-01-20 03:08:45	Name: _gat_gtag_UA_152048891_1 Value: 1
ytssub.com/	1970-01-20 12:39:00	Name: __atuvc Value: 1%7C20
ytssub.com/	1970-01-20 03:08:47	Name: __atuvs Value: 6285a5357fb7c772000
.addthis.com/	1970-01-20 12:39:00	Name: uvc Value: 1%7C20
.addthis.com/	1970-01-20 12:39:00	Name: loc Value: MDAwMDBFVURFSEUyMzA4MTg5MzAwMzAwMDBDSA==
.doubleclick.net/	1970-01-20 12:30:21	Name: IDE Value: AHWqTUngiCpIDRvAZoprhOnz3NzsMTkBIkF1_Nt7z9XzZcObZuSD0Ipg42JXJVbR
.openx.net/	1970-01-20 11:54:21	Name: i Value: 1e19f29c-89ba-4369-8dc2-857d298d9c2a\|1652925749
.adnxs.com/	1970-01-20 05:18:21	Name: uuid2 Value: 1429593230784647147
.criteo.com/	1970-01-20 12:30:21	Name: uid Value: 724ea456-80d9-4da1-9c58-3c2ae7832c1b
.casalemedia.com/	1970-01-20 11:54:21	Name: CMID Value: YoWlNXRgOOovxCBN0IjzHQAA
.casalemedia.com/	1970-01-20 05:18:21	Name: CMPS Value: 5201
.casalemedia.com/	1970-01-20 05:18:21	Name: CMPRO Value: 1121
.casalemedia.com/	1970-01-20 03:10:12	Name: CMST Value: YoWlNWKFpTUA
.adnxs.com/	1970-01-20 05:18:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilgg4`Vr!]tbPl1M>e)ZlrFUfJ+tGXxomI4m5[[I_(sFwU+vUBxM2__IneaaUhuj$)CD3If)y3KL9D3I?+.sjOJQ
.doubleclick.net/	1970-01-20 03:08:46	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-20 11:54:21	Name: CMRUM3 Value: 2d6285a5352760CAESEM0fMKamrGDa2jPokboc2tc
.ytssub.com/	1970-01-20 12:30:21	Name: cto_bundle Value: S4afMV8zR0hOaXRIc0NFOHVYTGQ2JTJCMFRkUUhJZ2hXT0ljSG53enhCRDBoR0x4M3NHcHlIUFpWMmhWS2V0Tmk4TDM3c3hPOVdnNFMlMkZPVjdKNmVabDRoWkRkdU10Uzl2RjU3VVdlRE9hdEpGNlFUaUJpTVJlUFBoZzFZJTJCNmluNzYyJTJGV2IwN2dxSUI2cDVqT0lSMTZOQVlIRWNSdyUzRCUzRA
.redintelligence.net/	1970-01-20 05:18:21	Name: 8lcfmzhxc8d6_uid Value: 70e24ea9f9674df7
.ytssub.com/	1970-01-20 12:30:21	Name: __gads Value: ID=4bd0e7d9be9c39bc-22bfbc1c99cd0045:T=1652925748:S=ALNI_MYZVaW1tKklCBdwzXTuTcTUcc4DNA
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: aiuolz00k0nz3rgq2rldkuwn
pb.media01.eu/	1970-01-20 20:41:24	Name: DTU Value: 80C358687EE4F9A873EE3571314C29AE

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ytssub.com/images/misc/bg-blue-main.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012204292129000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-server.eu
adservice.google.com
adservice.google.de
analytics.webgains.io
api-public.addthis.com
api.webgains.io
cdn.ampproject.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
d5672354452c5a8eb88b88010d2b68aa.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90007.redintelligence.net
ib.adnxs.com
id.sharedid.org
m.addthis.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pb.media01.eu
pv.medialead.de
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
static.criteo.net
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
us-u.openx.net
v1.addthisedge.com
widgets.pinterest.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
ytssub.com
z.moatads.com
s7.addthis.com
104.111.242.245
104.75.88.126
138.201.63.157
138.201.64.38
142.250.185.194
142.250.185.98
142.250.186.130
143.204.215.49
145.239.193.130
151.101.0.84
178.250.0.157
185.33.220.240
23.35.236.247
23.35.237.151
2606:4700:3034::ac43:9656
2606:4700::6811:180e
2a00:1450:4001:801::2006
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:829::2008
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2004
2a00:1450:4001:830::200a
2a02:2638:1::13
2a02:2638::3
34.102.146.192
34.120.107.143
34.254.130.126
35.244.159.8
44.242.7.192
46.236.35.87
54.76.176.197
88.198.250.30
01daf3b8698d015cc383c44a03ec26471a5cf8f383cc2d9ff11f075eabab9dc1
0351eef55e48244d3adae2b701dc82e6696074e872889aa2b4587448a2339671
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0ad07687471649fc2cf910bcd4f37248bb6220f54570c5b617ea2023cfe349f6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
151ca0dbdad0610cbb5b206a106dd32b5a5915325c96ec690652e0e47abf8465
1abd20bfe5d4666bccca16bff7dd85a5d6b741003aee6c53b1614eca4897e458
1c8a9b87bb44ec77b0df5b351771b1ae60051d8a4f91abd4f4b36d20aa68fb68
1e6c9fc2a4332fdc7993b65f9c4c1a96752d42afa1e68c0c7e170b167aa4fe76
1f1527d23868213f4581614237b9a22cb5f923531cf5b92a4e3b4461596c5c85
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
24780db5b19cbd638164d4d05dd16f8e2ad5bf5ee35a4fdf921b53ef892b843a
267a83092a5fd6ec5fb746bce12d440abd37f1d649c072f653e17d0c800eb647
277b166c3c59f12e659bdf64d131dc21a35b32f658b79f4ba134d00d76960e76
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
302dc1d6a476fea2d5835e1e98b48c3e19c0488858e857a223fdbfc06806ebb5
3210f4851273d7ce69e5b3acccdf92c7ea245f9f13754dd3f17bb42e045d25c3
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35d962f44b1208c783395315f2793914f30a7df4aed795e62885e30675532830
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3643c4ebcb19a6b5ccb667ed329cbdbb20072fc76bedcc567da15258f420f8f8
36c4e870c9c3ec6c668ad3e4cedd3252154f886fa0f3030f180085e347c4a7e1
3789cc490de1aad22728975239abbdebabcc9923925a44290bfef93a8b18b5df
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
3b68ece11e18e840d78d42f063bc053073ec4cad8bb37fd9f3b52605dbea4317
3c9672893bc65b97f2d4650cd8ccbcdccbe27914f8f2153f51be39488fe7a313
3e3a848e094f7a78c726bd285cce7b6513533259676d3aad8630ff6bad5822df
3f7929b5ffd1e316803abbbe466e4d6f8a42d8d7141944bd1741301c0e2e98f8
42bd99c9d9c85bebd6419be0bc7cab4bbdd98f3743d9c0bf7e3e62cd627cb581
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44a6b0f9ff9be0aa5f27179086b505fa3d6bdea8a98b8199ce3e450aad7870db
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a041b72e4046fef4b103e03e6fdf1116bb5798d68ad328f6f2c956e736848d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2749717849e891c2faba458124eb99da4a1bee97dccd459d021903a5bd68da
4f9db17ec9afed07a095a3c581881c1f34d4d183b1d7ec26a991137b4b77bffc
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5b8282e83f576ae9f1a82b6324c558571444a0fa196bd3337a5d219c0e503f26
5cfec01d1f8003eb15069f4a63ce5b8cefc765d2724460540735e4b0226e9b5c
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61dddc1203ed2ce7ca732ec6c56907ce208cf6397ee915561a4f984c9b05e4a7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d79786b2e3091e835388cee676d31a06285b3d45763825b31d15e998c0c3960
7056ed2b35c9d6a13f5b65cbce0f28e96fdac5e9eb49f31faba9d62ce7c8c9ab
742106aba0be6db1086baa20c675ca18298baf0eecf4f0ad7a99111be6796446
79dbc00f9ae9cb4014517a12ead67f018cb4d7b77f0bffe01610528aecb1b8d6
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7c60a01ee9b2ec329b243aa85286a93bf0dbc7e899a6dba1d98600fdfb119a92
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7e34e3650444be4442224a77990a95d0ba66457124adf9e73df76e8134110d1c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
839d612094d249b2a61350df1c5a9bafd943738d63b9133d7fc9fb1cc9520f70
8438fcae135714383f2e8b95e9a173d7dae352e433c16c07ab158e6c88c489d0
849bf84d3b5bf1b4f3be082d7f47134ab3051fc70f6a756823969f10640e89f5
8843735b976ac4826b42e28a06040baf7fa3d18538980283ba3a5717fb980072
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac610caf44e65485454faa10ce0e688d99f5f605cec1caddfdfb4ef07664112
8d31e71cab9f649f2163699a4a7d6b7bafe49b0713ddaeaee3788c98e3452394
918e1cfa104cf2ad2942fd66030698b8bd602ded209a4fd35552e210e59b5931
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9d15e8ec7d41303c5d94c3e0afac4baf60e30a210dd1e22c30094a2d41e3c23f
9d9095c25f5663901783868e1cd2994842dcbb4967ff5d0f0d3b9409b67675c9
9ea21905a7edfa4ceda705f977891d5e100f9709318836cfacbab47ad3321ff1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05fdfb3e658a59c3b08dc4d5787cf76826988866a1be0bac3710c7753640d1f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3112294a67cbad63e064f6112bf8b4e4c31e8a4300fb70ea7e2cb4a687f80ed
a33fb3093d78187e45de05fc478cccdfca797ce462c443d06fe641de605b9d34
a365a7e32ce97af977d8af302287db4e9e66b9c8a5b1a61f2128c61b5645cf12
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8bd9840fc1278d1e6bc8d8e7447a58037f808b55f435c556798f3db7357be84
aa75b1e1154ce8aac24730f7b337fe17ca65eb9eb8e93372346f9f24cac882ea
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a7ac0898fd7a6fd95d42b9cea999c26c350f2d8d1b3bcc6ad9dde04ce6890f
bfafefab6495db40df1cda93e99fba7f01384e766cb8c414735ba965c7b84d65
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c994d02092af0c3ef07eaf2a098bfc748a3a214e39db2f6d646d4b2997226f64
cbe83b387d5c248b1f2152de44ca8043857ebe6ce8f15902b7bd1b86c0362bcb
ce5a4f82a3d0819a3d0c46a6945830605abf591b26a8e24751175651abdbdbc8
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d28892d03c60b4c046ba53410f788d2c082d8f23063643189a09b54c69af45db
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d990339d29ae16678c71d24356bc338142a54d6ddad1091773aaed49c8eaa1fc
dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16
e2bed74f256f5e731f2b2bb66cebc43963153aa0720808f163497aea15c69d4a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4046316198c138a9f256711ef96fe2a5e55701a5ce5d73af4fa5db41cfa57ea
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4f511a7202d71ad645a8842c8bcefb6f33504a7d472dea8e6f71bed07950d99
ed641ce65f6faa41d79b74a28d64a47f665aba41010deb5dfddb19790abc84ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15fe24a817ccfdd3419936240770d66d8b6dd3c5da2746a012d66c1583c4509
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f68ae1134eee76eaf108643cc934f0ee5d54b85f07bf646197e34f3d5e277874
f7488094b86d48ed98982e50360a1989c2cf0e94961fca88b6a4e071dfe44c2f
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f97b10a726f3dee8838075065cbb5830bdc589f2c364e3582e1822c7b4f69286
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

ytssub.com Open in urlscan Pro 2606:4700:3034::ac43:9656 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

161 Requests

93 %HTTPS

44 %IPv6

31 Domains

44 Subdomains

39 IPs

6 Countries

1774 kBTransfer

4612 kBSize

25 Cookies

2 Outgoing links

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ytssub.com Open in urlscan Pro
2606:4700:3034::ac43:9656 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

93 %
HTTPS

44 %
IPv6

31
Domains

44
Subdomains

39
IPs

6
Countries

1774 kB
Transfer

4612 kB
Size

25
Cookies

161 HTTP transactions
12 data transactions