hameleon.xyz Open in urlscan Pro
2a00:f940:2:2:1:1:0:176 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://hameleon.xyz/
Submission: On October 11 via api (October 11th 2023, 9:05:06 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 49 HTTP transactions. The main IP is 2a00:f940:2:2:1:1:0:176, located in Russian Federation and belongs to AS-REG, RU. The main domain is hameleon.xyz.

This is the only time hameleon.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:176	197695 (AS-REG) (AS-REG)
1 1	104.21.59.246 104.21.59.246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.2.200 104.26.2.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.3.200 104.26.3.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
5 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
49	15

18 2a00:f940:2:2:1:1:0:176 (Russian Federation)

ASN197695 (AS-REG, RU)

hameleon.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.59.246 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

partner.incloak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.2.200 (None, )

ASN13335 (CLOUDFLARENET, US)

partner.hidemy.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.3.200 (None, )

ASN13335 (CLOUDFLARENET, US)

partner.hidemy.name	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	hameleon.xyz hameleon.xyz	1 MB
9	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 7957	3 KB
8	youtube.com www.youtube.com — Cisco Umbrella Rank: 85	1019 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 237	31 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	43 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 static.doubleclick.net — Cisco Umbrella Rank: 304	1 KB
3	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 10154	2 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3539	70 KB
2	hidemy.name partner.hidemy.name	50 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	54 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	incloak.com 1 redirects partner.incloak.com	741 B
49	13

	Domain	Requested by
18	hameleon.xyz	hameleon.xyz
9	mc.yandex.com	3 redirects hameleon.xyz mc.yandex.ru
8	www.youtube.com	hameleon.xyz www.youtube.com
4	jnn-pa.googleapis.com	www.youtube.com
3	fonts.gstatic.com	www.youtube.com
3	counter.yadro.ru	2 redirects hameleon.xyz
3	mc.yandex.ru	2 redirects hameleon.xyz
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	partner.hidemy.name	hameleon.xyz
1	www.gstatic.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	partner.incloak.com	1 redirects
49	15

This site contains links to these domains. Also see Links.

Domain
hidemy.name

Subject Issuer	Validity	Valid
hidemy.name Cloudflare Inc ECC CA-3	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://hameleon.xyz/
Frame ID: F5AEE7B78E28F149A4D822EE65DB8920
Requests: 28 HTTP requests in this frame

Frame: https://www.youtube.com/embed/XFKjCpHlgIM
Frame ID: DB3D8277E1E4F5025851FD71F6815B90
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Анонимайзер "Хамелеон". Бесплатный анонимайзер ВК (Вконтакте), Одноклассники, Фейсбук, Ютуб.

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Liveinternet (Analytics) Expand

Overall confidence: 100%
Detected patterns

<script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

51 %
HTTPS

69 %
IPv6

13
Domains

15
Subdomains

15
IPs

3
Countries

2358 kB
Transfer

5288 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://hidemy.name/ru/vpn/#tag=52f61d6025bdd&bid=b3acf9f0

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://partner.incloak.com/accounts/default1/banners/b3acf9f0.png HTTP 301
http://partner.hidemy.name/accounts/default1/banners/b3acf9f0.png

Request Chain 21

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//hameleon.xyz/;h%u0410%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%22%u0425%u0430%u043C%u0435%u043B%u0435%u043E%u043D%22.%20%u0411%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0439%20%u0430%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%u0412%u041A%20%28%u0412%u043A%u043E%u043D%u0442%u0430%u043A%u0442%u0435%29%2C%20%u041E%u0434%u043D%u043E%u043A%u043B%u0430%u0441%u0441%u043D%u0438%u043A%u0438%2C%20%u0424%u0435%u0439%u0441%u0431%u0443%u043A%2C%20%u042E%u0442%u0443%u0431.;0.4657902168488923 HTTP 302
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//hameleon.xyz/;h%u0410%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%22%u0425%u0430%u043C%u0435%u043B%u0435%u043E%u043D%22.%20%u0411%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0439%20%u0430%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%u0412%u041A%20%28%u0412%u043A%u043E%u043D%u0442%u0430%u043A%u0442%u0435%29%2C%20%u041E%u0434%u043D%u043E%u043A%u043B%u0430%u0441%u0441%u043D%u0438%u043A%u0438%2C%20%u0424%u0435%u0439%u0441%u0431%u0443%u043A%2C%20%u042E%u0442%u0443%u0431.;0.4657902168488923 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//hameleon.xyz/;h%u0410%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%22%u0425%u0430%u043C%u0435%u043B%u0435%u043E%u043D%22.%20%u0411%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0439%20%u0430%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%u0412%u041A%20%28%u0412%u043A%u043E%u043D%u0442%u0430%u043A%u0442%u0435%29%2C%20%u041E%u0434%u043D%u043E%u043A%u043B%u0430%u0441%u0441%u043D%u0438%u043A%u0438%2C%20%u0424%u0435%u0439%u0441%u0431%u0443%u043A%2C%20%u042E%u0442%u0443%u0431.;0.4657902168488923

Request Chain 28

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10153.8IIMOW1De3hrYOJOXSMfI7vPv06MYLpoObsSbs9U4nJzGqAuYVeULvw5PJ33X5V4.Vcq5-U-Cy7Vpq0z6iwwhjcdqhZU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10153.FRBfSyzP1mYn2C6AqLOMgqLRJGUkgVMXUtkl1F886-yH9AV7ls89xZq-h3jddpL43TYU812_WzryJpcSl2lNbOKifs02xxKqEhnOK9xKRnY%2C.TKoq3Vuf1zVl8FhZzfQz8NFdm0s%2C

Request Chain 30

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 40

https://mc.yandex.com/watch/55046476?wmode=7&page-url=http%3A%2F%2Fhameleon.xyz%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A564%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A981600832442%3Ahid%3A361643060%3Az%3A120%3Ai%3A20231011230501%3Aet%3A1697058301%3Ac%3A1%3Arn%3A1041531588%3Arqn%3A1%3Au%3A1697058301262100020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A56%2C72%2C76%2C1%2C0%2C0%2C%2C333%2C1%2C%2C%2C%2C550%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697058300220%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697058302%3At%3A%D0%90%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%22%D0%A5%D0%B0%D0%BC%D0%B5%D0%BB%D0%B5%D0%BE%D0%BD%22.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%D0%92%D0%9A%20(%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5)%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%A4%D0%B5%D0%B9%D1%81%D0%B1%D1%83%D0%BA%2C%20%D0%AE%D1%82%D1%83%D0%B1.&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/55046476/1?wmode=7&page-url=http%3A%2F%2Fhameleon.xyz%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A564%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A981600832442%3Ahid%3A361643060%3Az%3A120%3Ai%3A20231011230501%3Aet%3A1697058301%3Ac%3A1%3Arn%3A1041531588%3Arqn%3A1%3Au%3A1697058301262100020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A56%2C72%2C76%2C1%2C0%2C0%2C%2C333%2C1%2C%2C%2C%2C550%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697058300220%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697058302%3At%3A%D0%90%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%22%D0%A5%D0%B0%D0%BC%D0%B5%D0%BB%D0%B5%D0%BE%D0%BD%22.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%D0%92%D0%9A%20%28%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%29%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%A4%D0%B5%D0%B9%D1%81%D0%B1%D1%83%D0%BA%2C%20%D0%AE%D1%82%D1%83%D0%B1.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Request Chain 45

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10153.AzdgsAedQrsqtRi_Qf2lyU7j6yjY02SxV7Gw2Ds_4YJbmOMdSqaEFTETbfruhHY-.eh72grhOpDng6ncO3CGRvy-8LAQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10153.xfFFwgkDw2ii1uIb1g8_A-y7yNlSVVRq6SWdazbrL0Z5_aUtZ6eW3xkBMkNKvhiweSSx7Q__tMNA0qM8TegBXIeOQ3FPKlQPMHQuTc9oHWg%2C.fcODyp-uAvOKJ4LCVZbYDAxu2s0%2C

49 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
hameleon.xyz/ 22 KB
8 KB 215ms
76ms Document
text/html 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx / PHP/7.4.33
Resource Hash: dc7eafbdb426e7c9ab71dec1a3bfb810eab7c63f4f13e886c19e1b13bda013d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 11 Oct 2023 21:05:00 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33

GET
H/1.1 200
OK bootstrap.min.css
hameleon.xyz/vendor/bootstrap/css/ 150 KB
23 KB 78ms
69ms Stylesheet
text/css 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://hameleon.xyz/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 12:26:08 GMT
Server: nginx
ETag: W/"622de2e0-2565e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3888000
Connection: keep-alive
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK jquery.min.js Show response
hameleon.xyz/vendor/jquery/ 85 KB
30 KB 121ms
59ms Script
application/javascript 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://hameleon.xyz/vendor/jquery/jquery.min.js
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 12:26:07 GMT
Server: nginx
ETag: W/"622de2df-1538f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3888000
Connection: keep-alive
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
hameleon.xyz/vendor/bootstrap/js/ 54 KB
15 KB 119ms
58ms Script
application/javascript 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://hameleon.xyz/vendor/bootstrap/js/bootstrap.min.js
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 12:26:08 GMT
Server: nginx
ETag: W/"622de2e0-d9df"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3888000
Connection: keep-alive
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK style.css
hameleon.xyz/css/ 7 KB
2 KB 116ms
57ms Stylesheet
text/css 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://hameleon.xyz/css/style.css
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5330e295ebf47344564ab2cf0cb3054e5942a554f78feadc0f40ec7641c5a759

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Sep 2022 16:02:50 GMT
Server: nginx
ETag: W/"6320a9aa-1baf"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3888000
Connection: keep-alive
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK catcorn.png
hameleon.xyz/img/ 9 KB
9 KB 58ms
55ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/catcorn.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: d948dfc02a991dd7cff060c3376c448e027e74c6815df20b1892d3a3e1d6a2cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:05 GMT
Server: nginx
ETag: "622de2dd-243d"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9277
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK usevpn.png
hameleon.xyz/img/ 6 KB
6 KB 64ms
53ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/usevpn.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: b0b6c0612904571c7759e7c6918377de5dba91eba3f7d39c24e28a1ef296b3b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:07 GMT
Server: nginx
ETag: "622de2df-1720"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5920
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK hameleon.png
hameleon.xyz/img/ 9 KB
9 KB 64ms
54ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/hameleon.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: fa63870b586e3ec8a96e6c7b34736b0b7c482f76c438965fa9dcbe50fdc9f210

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:05 GMT
Server: nginx
ETag: "622de2dd-2222"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8738
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1

200
OK

b3acf9f0.png
partner.hidemy.name/accounts/default1/banners/
Redirect Chain

http://partner.incloak.com/accounts/default1/banners/b3acf9f0.png
http://partner.hidemy.name/accounts/default1/banners/b3acf9f0.png

49 KB
50 KB

133ms
96ms

Image
image/png

104.26.2.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://partner.hidemy.name/accounts/default1/banners/b3acf9f0.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 104.26.2.200 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9713f29a7c36038725a6741052bde4640354ccd6da4a9964b3b2bb59ef765edc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
CF-Cache-Status: EXPIRED
Last-Modified: Wed, 11 Oct 2023 20:18:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pV8HkKzi0RushUZArkMCLgK0wubiX7Hz3eSqKq6Yx2LhFyJ8TlIJ2pOaOpEPggBY2zuCXNGeHeuh%2BFVT0OECHwNINv5fenbBawK9iXO9O6wm8zU1qMc1%2B4AlAqL09TzeMPT9moY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png; charset=binary
Cache-Control: public, max-age=259200
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 814a0f0c7a0165c9-FRA
Content-Length: 50187
Expires: Wed, 11 Oct 2023 21:05:15 GMT

Redirect headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UdvScOZRCNvLoPl%2BdY8wBcCJPc5d3AOC%2B35Z%2BaAzyqpYFL985%2FYRadIDtkOOu7E6vYsQgeF6EJhnUV4APPW0H3%2Bq5nbldSSugl7Uao%2BV98Qd9beRtZv5%2FTqImv6QV7s0R83%2BBz6"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=iso-8859-1
Location: http://partner.hidemy.name/accounts/default1/banners/b3acf9f0.png
Cache-Control: max-age=14400
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 814a0f0bdd5035f4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 imp.php
partner.hidemy.name/scripts/ 42 B
547 B 239ms
145ms Image
image/gif 104.26.3.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.hidemy.name/scripts/imp.php?tag=52f61d6025bdd&bid=b3acf9f0
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.200 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:05:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sOcYVC0cDBId9DL%2FKli3KOy36OfMmx7wckHmDvYHI%2Fi64J6MQUZ6irW0NWMYPwZqMIcmw6nNY%2Fq%2FY4bqnzif9gMUAz4%2BDIHvv%2FadhFu64Aj0KXDUmuIbID0kB0HUhX5hQhOxXOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: private, no-cache, no-store, max-age=0
cf-ray: 814a0f0be88e368a-FRA
content-length: 42
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK anonimajzer-vk.png
hameleon.xyz/img/ 101 KB
101 KB 80ms
55ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/anonimajzer-vk.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 195a92c6e1848dfbd8bbdd7d9c7ab220f49f89aafb25acba19913f8a61f09d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:04 GMT
Server: nginx
ETag: "622de2dc-193b4"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 103348
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK anonimajzer-odnoklassniki.png
hameleon.xyz/img/ 127 KB
128 KB 83ms
54ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/anonimajzer-odnoklassniki.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: d7f90e989a7c11964ed5ce5eb5d64757904e5f7d42e5a0471a59eedc81e97ee4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:04 GMT
Server: nginx
ETag: "622de2dc-1fd0d"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130317
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK anonimajzer-youtube.png
hameleon.xyz/img/ 119 KB
119 KB 94ms
54ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/anonimajzer-youtube.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: ee3268e6fe6adca3c0afb762933fda3d54d1aeb052a9caf132e09662f31ecbcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:04 GMT
Server: nginx
ETag: "622de2dc-1db56"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 121686
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK anonimajzer-facebook.png
hameleon.xyz/img/ 102 KB
102 KB 96ms
58ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/anonimajzer-facebook.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 898cce0b35951f1530923759224092bb336189950a1e583afba3ae57a706d882

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:04 GMT
Server: nginx
ETag: "622de2dc-19870"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104560
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK blog.png
hameleon.xyz/img/ 3 KB
4 KB 71ms
55ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/blog.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3fe781a41cdd8d68e20d6d36def936e02498cd070dc3363ed09c6df0223f8ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:05 GMT
Server: nginx
ETag: "622de2dd-d7f"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3455
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK anonimajzer-hameleon.png
hameleon.xyz/img/ 114 KB
114 KB 55ms
54ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/anonimajzer-hameleon.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: f70bc44f7e3dbc2b0e2b1fcfda553760e98ec9a7007a34fc8f9d06ab3d663ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:04 GMT
Server: nginx
ETag: "622de2dc-1c710"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 116496
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK vk-cherez-anonimajzer.png
hameleon.xyz/img/ 108 KB
108 KB 55ms
55ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/vk-cherez-anonimajzer.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5cff76a1a90209294435cf70315cf2977630a3f27a6ec7d070a6edf6094f8702

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:07 GMT
Server: nginx
ETag: "622de2df-1af46"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110406
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK blokirovka-obhod-cherez-anonimajzer.png
hameleon.xyz/img/ 272 KB
272 KB 55ms
55ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/blokirovka-obhod-cherez-anonimajzer.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4eff77b4852fac8f040d2deafd4b34662c02a0e2094e55b1501d12f91624eb95

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:05 GMT
Server: nginx
ETag: "622de2dd-4402d"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 278573
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
hameleon.xyz/vendor/bootstrap/js/ 75 KB
21 KB 62ms
58ms Script
application/javascript 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: http://hameleon.xyz/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3126158d682bafa50bffd7907d0bcecadebf82cc5be9da70235cea3390db2c2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 13 Mar 2022 12:26:08 GMT
Server: nginx
ETag: W/"622de2e0-12a14"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3888000
Connection: keep-alive
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H2 200 XFKjCpHlgIM Show response
www.youtube.com/embed/ Frame DB3D 91 KB
40 KB 305ms
144ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/XFKjCpHlgIM

Requested by

Host: hameleon.xyz
URL: http://hameleon.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

199ebd3d9db7f1804ff4dcd7d30516e83543753841cfb2e194669864b98e9dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://hameleon.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 11 Oct 2023 21:05:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 315ms
151ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hameleon.xyz
URL: http://hameleon.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:05:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:28:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651fef42-11470"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70768
expires: Wed, 11 Oct 2023 22:05:00 GMT

GET
H/1.1 200
OK checkpoint.png
hameleon.xyz/img/ 659 B
962 B 72ms
55ms Image
image/png 2a00:f940:2:2:1:1:0:176
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://hameleon.xyz/img/checkpoint.png
Requested by: Host: hameleon.xyz
URL: http://hameleon.xyz/css/style.css
Protocol: HTTP/1.1
Server: 2a00:f940:2:2:1:1:0:176 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2fe735fb3c40c8069dc328b221c62a11e392bb839d346c16278a33521bb3eaa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Wed, 11 Oct 2023 21:05:00 GMT
Last-Modified: Sun, 13 Mar 2022 12:26:05 GMT
Server: nginx
ETag: "622de2dd-293"
Content-Type: image/png
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 659
Expires: Sat, 25 Nov 2023 21:05:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//hameleon.xyz/;h%u0410%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%22%u0425%u0430%u043C%u0435%u043B%u0435%u043E%u043D%22.%20%...
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//hameleon.xyz/;h%u0410%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%22%u0425%u0430%u043C%u0435%u043B%u0435%u043E%u043D%22.%20...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//hameleon.xyz/;h%u0410%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%22%u0425%u0430%u043C%u0435%u043B%u0435%u043E%u043D%22.%...

43 B
528 B

67ms
67ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//hameleon.xyz/;h%u0410%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%22%u0425%u0430%u043C%u0435%u043B%u0435%u043E%u043D%22.%20%u0411%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0439%20%u0430%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%u0412%u041A%20%28%u0412%u043A%u043E%u043D%u0442%u0430%u043A%u0442%u0435%29%2C%20%u041E%u0434%u043D%u043E%u043A%u043B%u0430%u0441%u0441%u043D%u0438%u043A%u0438%2C%20%u0424%u0435%u0439%u0441%u0431%u0443%u043A%2C%20%u042E%u0442%u0443%u0431.;0.4657902168488923

Requested by

Host: hameleon.xyz
URL: http://hameleon.xyz/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 21:05:01 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 11 Oct 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Oct 2023 21:05:01 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//hameleon.xyz/;h%u0410%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%22%u0425%u0430%u043C%u0435%u043B%u0435%u043E%u043D%22.%20%u0411%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u044B%u0439%20%u0430%u043D%u043E%u043D%u0438%u043C%u0430%u0439%u0437%u0435%u0440%20%u0412%u041A%20%28%u0412%u043A%u043E%u043D%u0442%u0430%u043A%u0442%u0435%29%2C%20%u041E%u0434%u043D%u043E%u043A%u043B%u0430%u0441%u0441%u043D%u0438%u043A%u0438%2C%20%u0424%u0435%u0439%u0441%u0431%u0443%u043A%2C%20%u042E%u0442%u0443%u0431.;0.4657902168488923
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 11 Oct 2022 21:00:00 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/5279ebfe/ Frame DB3D 378 KB
48 KB 68ms
67ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFKjCpHlgIM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 20:35:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48960
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Oct 2024 20:35:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB3D 15 KB
16 KB 199ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 06:47:09 GMT
x-content-type-options: nosniff
age: 397072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 06 Oct 2024 06:47:09 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB3D 15 KB
15 KB 214ms
64ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 21:26:35 GMT
x-content-type-options: nosniff
age: 517106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 21:26:35 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/ Frame DB3D 54 KB
17 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e246896268f64df82e2d476b0f5697525ff8f3dd9e2a424efe3fdb5086b21050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFKjCpHlgIM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 07:29:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17030
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 07:29:07 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/ Frame DB3D 317 KB
95 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e37eef60c8569790974dc21de14333f21105cecae00e1926a7e282f099c8d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFKjCpHlgIM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 20:11:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97098
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Oct 2024 20:11:17 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/ Frame DB3D 2 MB
786 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f5980f339ecf49b7e034e5c2efe0fe4a3a7f49c8be1b788d4d000e1f519c8bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFKjCpHlgIM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 07:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 221754
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 804675
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 07:29:07 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10153.8IIMOW1De3hrYOJOXSMfI7vPv06MYLpoObsSbs9U4nJzGqAuYVeULvw5PJ33X5V4.Vcq5-U-Cy7Vpq0z6iwwhjcdqhZU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10153.FRBfSyzP1mYn2C6AqLOMgqLRJGUkgVMXUtkl1F886-yH9AV7ls89xZq-h3jddpL43TYU812_WzryJpcSl2lNbOKifs02xxKqEhnOK9xKRnY%2C.TKoq3Vuf1zVl8FhZzfQz8NFdm0s%2C

43 B
67 B

76ms
76ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10153.FRBfSyzP1mYn2C6AqLOMgqLRJGUkgVMXUtkl1F886-yH9AV7ls89xZq-h3jddpL43TYU812_WzryJpcSl2lNbOKifs02xxKqEhnOK9xKRnY%2C.TKoq3Vuf1zVl8FhZzfQz8NFdm0s%2C

Requested by

Host: hameleon.xyz
URL: http://hameleon.xyz/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:05:01 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10153.FRBfSyzP1mYn2C6AqLOMgqLRJGUkgVMXUtkl1F886-yH9AV7ls89xZq-h3jddpL43TYU812_WzryJpcSl2lNbOKifs02xxKqEhnOK9xKRnY%2C.TKoq3Vuf1zVl8FhZzfQz8NFdm0s%2C
date: Wed, 11 Oct 2023 21:05:01 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
185 B 78ms
77ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: hameleon.xyz
URL: http://hameleon.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:05:01 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:26:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651feecc-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 11 Oct 2023 22:05:01 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame DB3D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

65ms
64ms

XHR
application/json

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM

Protocol

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46207e5117305d03390faa6de2303ed3fc91d67c53ab3a5f9298d9e07441e545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 11 Oct 2023 21:05:01 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DB3D 29 B
495 B 179ms
57ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:00:32 GMT
x-content-type-options: nosniff
age: 269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Oct 2023 21:15:32 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 187ms
64ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 11 Oct 2023 21:05:01 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DB3D 68 KB
31 KB 74ms
73ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

be9054d1b31315d3995e30b9fe79e36a1be2dc505d42de6e2f25b4443adb04c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 11 Oct 2023 21:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31710
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/ Frame DB3D 116 KB
33 KB 60ms
57ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a917be15f33caca7feb38eb3568d482941ca594a08add89b9dc08c61ca0b7297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFKjCpHlgIM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 07:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33693
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 08 Oct 2024 07:29:45 GMT

GET
H2 200 gYyzGmVBC5c2gm4Oa0LVCSBwQeYGb_qLDEd6eFuxJaI.js Show response
www.google.com/js/th/ Frame DB3D 37 KB
15 KB 185ms
57ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/gYyzGmVBC5c2gm4Oa0LVCSBwQeYGb_qLDEd6eFuxJaI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

818cb31a65410b9736826e0e6b42d509207041e6066ffa8b0c477a785bb125a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 05:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14547
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 05:22:11 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/XFKjCpHlgIM/ Frame DB3D 54 KB
54 KB 246ms
123ms Image
image/webp 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/XFKjCpHlgIM/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2a803b8081f40a9d1095a3aed692b64b8052376402d9b1cf263f99744c728c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:05:01 GMT
x-content-type-options: nosniff
server: sffe
etag: "1554042746"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55330
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 11 Oct 2023 23:05:01 GMT

GET
DATA 200
OK truncated
/ Frame DB3D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKaQ3Ssupc1wEhNdGwx0Jwl5nJOQlM0CkDkC9oY4=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame DB3D 1 KB
2 KB 184ms
57ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKaQ3Ssupc1wEhNdGwx0Jwl5nJOQlM0CkDkC9oY4=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dd53c876bc41f2a3b65d2f6972f83a401a523f52f2fa07c066d9b5217a4218d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 20:42:25 GMT
x-content-type-options: nosniff
age: 1356
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1255
x-xss-protection: 0
server: fife
etag: "v15"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 12 Oct 2023 20:42:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DB3D 10 KB
10 KB 60ms
59ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 23:08:51 GMT
x-content-type-options: nosniff
age: 424570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 23:08:51 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/55046476/
Redirect Chain

https://mc.yandex.com/watch/55046476?wmode=7&page-url=http%3A%2F%2Fhameleon.xyz%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A564%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.com/watch/55046476/1?wmode=7&page-url=http%3A%2F%2Fhameleon.xyz%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A564%3Afu%3A0%3Aen%3Autf-8%3A...

454 B
564 B

82ms
82ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/55046476/1?wmode=7&page-url=http%3A%2F%2Fhameleon.xyz%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A564%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A981600832442%3Ahid%3A361643060%3Az%3A120%3Ai%3A20231011230501%3Aet%3A1697058301%3Ac%3A1%3Arn%3A1041531588%3Arqn%3A1%3Au%3A1697058301262100020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A56%2C72%2C76%2C1%2C0%2C0%2C%2C333%2C1%2C%2C%2C%2C550%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697058300220%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697058302%3At%3A%D0%90%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%22%D0%A5%D0%B0%D0%BC%D0%B5%D0%BB%D0%B5%D0%BE%D0%BD%22.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%D0%92%D0%9A%20%28%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%29%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%A4%D0%B5%D0%B9%D1%81%D0%B1%D1%83%D0%BA%2C%20%D0%AE%D1%82%D1%83%D0%B1.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1

Requested by

Host: hameleon.xyz
URL: http://hameleon.xyz/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9cacd7bb467a4d27061cc11fc640054b8e42e33a76cced3c69d55c045c422ede

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 21:05:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 11-Oct-2023 21:05:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: http://hameleon.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 454
x-xss-protection: 1; mode=block
expires: Wed, 11-Oct-2023 21:05:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Oct 2023 21:05:01 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 11-Oct-2023 21:05:01 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/55046476/1?wmode=7&page-url=http%3A%2F%2Fhameleon.xyz%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A564%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A981600832442%3Ahid%3A361643060%3Az%3A120%3Ai%3A20231011230501%3Aet%3A1697058301%3Ac%3A1%3Arn%3A1041531588%3Arqn%3A1%3Au%3A1697058301262100020%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A56%2C72%2C76%2C1%2C0%2C0%2C%2C333%2C1%2C%2C%2C%2C550%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1697058300220%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697058302%3At%3A%D0%90%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%22%D0%A5%D0%B0%D0%BC%D0%B5%D0%BB%D0%B5%D0%BE%D0%BD%22.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B0%D0%BD%D0%BE%D0%BD%D0%B8%D0%BC%D0%B0%D0%B9%D0%B7%D0%B5%D1%80%20%D0%92%D0%9A%20%28%D0%92%D0%BA%D0%BE%D0%BD%D1%82%D0%B0%D0%BA%D1%82%D0%B5%29%2C%20%D0%9E%D0%B4%D0%BD%D0%BE%D0%BA%D0%BB%D0%B0%D1%81%D1%81%D0%BD%D0%B8%D0%BA%D0%B8%2C%20%D0%A4%D0%B5%D0%B9%D1%81%D0%B1%D1%83%D0%BA%2C%20%D0%AE%D1%82%D1%83%D0%B1.&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: http://hameleon.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 11-Oct-2023 21:05:01 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DB3D 4 KB
2 KB 213ms
91ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 11 Oct 2023 21:05:01 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame DB3D 0
10 B 58ms
57ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?atntJQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/XFKjCpHlgIM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/XFKjCpHlgIM
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:05:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 64ms
64ms Preflight
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 11 Oct 2023 21:05:01 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DB3D 90 B
134 B 68ms
67ms XHR
application/json+protobuf 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb23a42814d7347df54dd6382a20f6b32c10c8ddaf47871fa7edbc57a9049ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 11 Oct 2023 21:05:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10153.AzdgsAedQrsqtRi_Qf2lyU7j6yjY02SxV7Gw2Ds_4YJbmOMdSqaEFTETbfruhHY-.eh72grhOpDng6ncO3CGRvy-8LAQ%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10153.xfFFwgkDw2ii1uIb1g8_A-y7yNlSVVRq6SWdazbrL0Z5_aUtZ6eW3xkBMkNKvhiweSSx7Q__tMNA0qM8TegBXIeOQ3FPKlQPMHQuTc9oHWg%2C.fcODyp-uAvOKJ4LCV...

43 B
79 B

75ms
75ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10153.xfFFwgkDw2ii1uIb1g8_A-y7yNlSVVRq6SWdazbrL0Z5_aUtZ6eW3xkBMkNKvhiweSSx7Q__tMNA0qM8TegBXIeOQ3FPKlQPMHQuTc9oHWg%2C.fcODyp-uAvOKJ4LCVZbYDAxu2s0%2C

Requested by

Host: hameleon.xyz
URL: http://hameleon.xyz/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://hameleon.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:05:02 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10153.xfFFwgkDw2ii1uIb1g8_A-y7yNlSVVRq6SWdazbrL0Z5_aUtZ6eW3xkBMkNKvhiweSSx7Q__tMNA0qM8TegBXIeOQ3FPKlQPMHQuTc9oHWg%2C.fcODyp-uAvOKJ4LCVZbYDAxu2s0%2C
date: Wed, 11 Oct 2023 21:05:02 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DB3D 28 B
54 B 77ms
74ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/5279ebfe/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Goog-Request-Time: 1697058303460
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/XFKjCpHlgIM
X-YouTube-Client-Version: 1.20231008.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtPUTdwejJTXy05SSj8m5ypBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1697058301253&flash=0&frm=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1078%2C636&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 11 Oct 2023 21:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 11 Oct 2023 21:05:03 GMT

POST
H2 200 55046476 Show response
mc.yandex.com/webvisor/ 43 B
145 B 157ms
157ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/55046476?wv-part=1&wmode=0&wv-hit=361643060&page-url=http%3A%2F%2Fhameleon.xyz%2F&rn=880700028&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1697058304%3Aw%3A1600x1200%3Av%3A1135%3Az%3A120%3Ai%3A20231011230504%3Au%3A1697058301262100020%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1697058304&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hameleon.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 21:05:04 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 11-Oct-2023 21:05:04 GMT
content-type: image/gif
access-control-allow-origin: http://hameleon.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 11-Oct-2023 21:05:04 GMT

POST
H2 200 55046476 Show response
mc.yandex.com/webvisor/ 43 B
73 B 82ms
82ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/55046476?wv-part=1&wmode=0&wv-hit=361643060&page-url=http%3A%2F%2Fhameleon.xyz%2F&rn=986771279&wv-type=3&browser-info=we%3A1%3Aet%3A1697058305%3Aw%3A1600x1200%3Av%3A1135%3Az%3A120%3Ai%3A20231011230504%3Au%3A1697058301262100020%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1697058305&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: http://hameleon.xyz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 11 Oct 2023 21:05:04 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 11-Oct-2023 21:05:04 GMT
content-type: image/gif
access-control-allow-origin: http://hameleon.xyz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 11-Oct-2023 21:05:04 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ZXtBZJRbJQg
.youtube.com/	1970-01-20 19:43:30	Name: VISITOR_INFO1_LIVE Value: OQ7pz2S_-9I
.yadro.ru/	1970-01-21 00:09:54	Name: FTID Value: 1b9mtz3Yw78f1b9mtz002Ey3
.yadro.ru/	1970-01-21 00:09:54	Name: VID Value: 091omL0nE48f1b9mtz002EyR
.hameleon.xyz/	1970-01-21 00:09:54	Name: _ym_uid Value: 1697058301262100020
.hameleon.xyz/	1970-01-21 00:09:54	Name: _ym_d Value: 1697058301
.mc.yandex.com/	1970-01-20 15:24:18	Name: sync_cookie_csrf Value: 945250919fake
.hameleon.xyz/	1970-01-20 15:25:30	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 15:24:18	Name: sync_cookie_csrf Value: 3145466213fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1929294811697058301
.yandex.com/	1970-01-21 01:00:18	Name: i Value: IJUk9RUgL1PgrUzkcxZlCsQLk2ry7MiGYHsS2k3TxzcPP4u7gWcyFOoWbDI0elPys5kZgVl6XMevT0kiRaGxCdZjjKU=
.yandex.com/	1970-01-21 01:00:18	Name: yandexuid Value: 91228291697058301
.yandex.com/	1970-01-21 00:09:54	Name: yuidss Value: 91228291697058301
.yandex.com/	1970-01-21 00:09:54	Name: ymex Value: 1728594301.yrts.1697058301#1728594301.yrtsi.1697058301
.hameleon.xyz/	1970-01-20 15:24:20	Name: _ym_visorc Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
fonts.gstatic.com
googleads.g.doubleclick.net
hameleon.xyz
i.ytimg.com
jnn-pa.googleapis.com
mc.yandex.com
mc.yandex.ru
partner.hidemy.name
partner.incloak.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.21.59.246
104.26.2.200
104.26.3.200
2a00:1450:4001:801::2016
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2001
2a00:1450:4001:811::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:f940:2:2:1:1:0:176
2a02:6b8::1:119
88.212.201.204
88.212.202.52
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
195a92c6e1848dfbd8bbdd7d9c7ab220f49f89aafb25acba19913f8a61f09d9f
199ebd3d9db7f1804ff4dcd7d30516e83543753841cfb2e194669864b98e9dda
1e37eef60c8569790974dc21de14333f21105cecae00e1926a7e282f099c8d89
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2fe735fb3c40c8069dc328b221c62a11e392bb839d346c16278a33521bb3eaa8
3126158d682bafa50bffd7907d0bcecadebf82cc5be9da70235cea3390db2c2b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fe781a41cdd8d68e20d6d36def936e02498cd070dc3363ed09c6df0223f8ac9
46207e5117305d03390faa6de2303ed3fc91d67c53ab3a5f9298d9e07441e545
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4eff77b4852fac8f040d2deafd4b34662c02a0e2094e55b1501d12f91624eb95
4f5980f339ecf49b7e034e5c2efe0fe4a3a7f49c8be1b788d4d000e1f519c8bc
5330e295ebf47344564ab2cf0cb3054e5942a554f78feadc0f40ec7641c5a759
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cff76a1a90209294435cf70315cf2977630a3f27a6ec7d070a6edf6094f8702
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
818cb31a65410b9736826e0e6b42d509207041e6066ffa8b0c477a785bb125a2
898cce0b35951f1530923759224092bb336189950a1e583afba3ae57a706d882
92223235bd2c02fa3eae38898c1fb05886c7261be48bc661939babfc0c2c59bc
9713f29a7c36038725a6741052bde4640354ccd6da4a9964b3b2bb59ef765edc
9cacd7bb467a4d27061cc11fc640054b8e42e33a76cced3c69d55c045c422ede
a917be15f33caca7feb38eb3568d482941ca594a08add89b9dc08c61ca0b7297
b0b6c0612904571c7759e7c6918377de5dba91eba3f7d39c24e28a1ef296b3b7
be9054d1b31315d3995e30b9fe79e36a1be2dc505d42de6e2f25b4443adb04c2
cb23a42814d7347df54dd6382a20f6b32c10c8ddaf47871fa7edbc57a9049ab4
d2a803b8081f40a9d1095a3aed692b64b8052376402d9b1cf263f99744c728c6
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7f90e989a7c11964ed5ce5eb5d64757904e5f7d42e5a0471a59eedc81e97ee4
d948dfc02a991dd7cff060c3376c448e027e74c6815df20b1892d3a3e1d6a2cb
dc7eafbdb426e7c9ab71dec1a3bfb810eab7c63f4f13e886c19e1b13bda013d3
dd53c876bc41f2a3b65d2f6972f83a401a523f52f2fa07c066d9b5217a4218d3
e246896268f64df82e2d476b0f5697525ff8f3dd9e2a424efe3fdb5086b21050
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee3268e6fe6adca3c0afb762933fda3d54d1aeb052a9caf132e09662f31ecbcf
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f70bc44f7e3dbc2b0e2b1fcfda553760e98ec9a7007a34fc8f9d06ab3d663ada
fa63870b586e3ec8a96e6c7b34736b0b7c482f76c438965fa9dcbe50fdc9f210

hameleon.xyz Open in urlscan Pro 2a00:f940:2:2:1:1:0:176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

51 %HTTPS

69 %IPv6

13 Domains

15 Subdomains

15 IPs

3 Countries

2358 kBTransfer

5288 kBSize

15 Cookies

1 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hameleon.xyz Open in urlscan Pro
2a00:f940:2:2:1:1:0:176 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

51 %
HTTPS

69 %
IPv6

13
Domains

15
Subdomains

15
IPs

3
Countries

2358 kB
Transfer

5288 kB
Size

15
Cookies

49 HTTP transactions
1 data transactions