89.184.83.166 Open in urlscan Pro
89.184.83.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://89.184.83.166/
Submission: On January 05 via api (January 5th 2023, 6:10:14 am UTC) from TR — Scanned from DE

Summary HTTP 328 Redirects Links 57 Behaviour Indicators

Summary

This website contacted 52 IPs in 10 countries across 35 domains to perform 328 HTTP transactions. The main IP is 89.184.83.166, located in Ukraine and belongs to MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA. The main domain is 89.184.83.166.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 3rd 2021. Valid for: a year.

This is the only time 89.184.83.166 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
72	89.184.83.166 89.184.83.166	28907 (MIROHOST ...) (MIROHOST Web hosting)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:10:... 2606:4700:10::6816:35fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6810:f015	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
31	146.0.227.109 146.0.227.109	20773 (GODADDY) (GODADDY)
2	2a00:1450:402... 2a00:1450:4025:401::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
2 4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80e::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	54.171.106.172 54.171.106.172	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
5	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
5	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
5	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
1 8	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5	34.249.37.235 34.249.37.235	16509 (AMAZON-02) (AMAZON-02)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
5	2a02:2638:1::1a 2a02:2638:1::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3 3	198.47.127.18 198.47.127.18	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	142.250.201.194 142.250.201.194	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 3	18.196.254.35 18.196.254.35	16509 (AMAZON-02) (AMAZON-02)
1 1	162.19.141.161 162.19.141.161	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:400e:1b::a	15169 (GOOGLE) (GOOGLE)
11	185.46.149.20 185.46.149.20	44600 (GT-AS) (GT-AS)
1	44.195.196.224 44.195.196.224	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:11::215:14cb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	2a00:1450:400... 2a00:1450:400d:808::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
328	52

72 89.184.83.166 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: 1-ekonomika.ua

89.184.83.166	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:35fc (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

delo.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:f015 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp-eu.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)

prebid-inv-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.106.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-106-172.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.249.37.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-37-235.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.18 (United States) 3 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.201.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.254.35 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-254-35.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.141.161 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip161.ip-162-19-141.eu

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400e:1b::a (Ireland)

ASN15169 (GOOGLE, US)

rr5---sn-5hnednss.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.46.149.20 (Kyiv, Ukraine)

ASN44600 (GT-AS, UA)
PTR: 185-46-149-20.net.gigatrans.ua

content.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.196.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-196-224.compute-1.amazonaws.com

cdn.adm.admixer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f1a8e2c158f6218065b2956bf9f05438.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:11::215:14cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 24779 prebid-inv-eu.admixer.net — Cisco Umbrella Rank: 174755 inv-nets.admixer.net — Cisco Umbrella Rank: 3328 content.admixer.net — Cisco Umbrella Rank: 133360	499 KB
37	youtube.com www.youtube.com — Cisco Umbrella Rank: 98	2 MB
20	gstatic.com www.gstatic.com fonts.gstatic.com ssl.gstatic.com	477 KB
18	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 179 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 static.doubleclick.net — Cisco Umbrella Rank: 393 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 285 cm.g.doubleclick.net — Cisco Umbrella Rank: 321	161 KB
17	google.com apis.google.com — Cisco Umbrella Rank: 163 www.google.com — Cisco Umbrella Rank: 16 accounts.google.com — Cisco Umbrella Rank: 113 adservice.google.com — Cisco Umbrella Rank: 142	254 KB
10	pubmatic.com 5 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 739 image8.pubmatic.com — Cisco Umbrella Rank: 933 image2.pubmatic.com — Cisco Umbrella Rank: 1316 image4.pubmatic.com — Cisco Umbrella Rank: 1480	2 KB
8	googlesyndication.com f1a8e2c158f6218065b2956bf9f05438.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	42 KB
8	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 834 gum.criteo.com — Cisco Umbrella Rank: 446 mug.criteo.com — Cisco Umbrella Rank: 1856	8 KB
8	creativecdn.com 1 redirects prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5452 creativecdn.com — Cisco Umbrella Rank: 658	2 KB
8	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 323	61 KB
7	googlevideo.com rr5---sn-5hnednss.googlevideo.com — Cisco Umbrella Rank: 37361	3 MB
7	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 318	7 KB
5	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 818	15 KB
5	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6213 ghb1.adtelligent.com — Cisco Umbrella Rank: 8603 ghb2.adtelligent.com — Cisco Umbrella Rank: 11118	5 KB
5	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 2287	3 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1583	2 KB
5	adform.net adx.adform.net — Cisco Umbrella Rank: 3427	2 KB
5	piano.io api-esp-eu.piano.io — Cisco Umbrella Rank: 118519	16 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1181 vars.hotjar.com — Cisco Umbrella Rank: 1235 in.hotjar.com — Cisco Umbrella Rank: 2246	73 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	40 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	1 KB
3	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 204	6 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 743	58 KB
2	createjs.com code.createjs.com — Cisco Umbrella Rank: 1929	125 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 105	42 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3658 adservice.google.de — Cisco Umbrella Rank: 5450	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 5399	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	112 KB
2	delo.ua 1 redirects delo.ua — Cisco Umbrella Rank: 759667	222 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	102 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 473	518 B
1	admixer.com cdn.adm.admixer.com — Cisco Umbrella Rank: 247662	915 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 3070	336 B
1	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 80910	351 B
328	35

	Domain	Requested by
37	www.youtube.com	89.184.83.166 apis.google.com www.youtube.com
16	inv-nets.admixer.net	cdn.admixer.net 89.184.83.166
15	prebid-inv-eu.admixer.net	89.184.83.166 cdn.admixer.net
11	content.admixer.net	cdn.admixer.net 89.184.83.166
11	cdn.admixer.net	89.184.83.166 cdn.admixer.net prebid-inv-eu.admixer.net
8	securepubads.g.doubleclick.net	cdn.admixer.net securepubads.g.doubleclick.net
8	jnn-pa.googleapis.com	www.youtube.com
8	www.gstatic.com	www.google.com www.youtube.com www.gstatic.com
8	apis.google.com	89.184.83.166 apis.google.com www.youtube.com accounts.google.com
7	rr5---sn-5hnednss.googlevideo.com	www.youtube.com
7	ib.adnxs.com	cdn.admixer.net 89.184.83.166
6	ssl.gstatic.com	accounts.google.com 89.184.83.166
6	fonts.gstatic.com	www.youtube.com www.google.com
6	www.google.com	89.184.83.166 www.gstatic.com www.youtube.com tpc.googlesyndication.com
5	js-agent.newrelic.com	89.184.83.166
5	bidder.criteo.com	cdn.admixer.net
5	g2.gumgum.com	cdn.admixer.net
5	prebid-eu.creativecdn.com	cdn.admixer.net
5	hbopenbid.pubmatic.com	cdn.admixer.net
5	a.teads.tv	cdn.admixer.net
5	adx.adform.net	cdn.admixer.net
5	api-esp-eu.piano.io	89.184.83.166
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	googleads.g.doubleclick.net	2 redirects www.youtube.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com api-esp-eu.piano.io 89.184.83.166
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	image8.pubmatic.com	3 redirects
3	creativecdn.com	1 redirects 89.184.83.166 cdn.admixer.net
3	yt3.ggpht.com	www.youtube.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.admixer.net static.criteo.net
2	code.createjs.com	cdn.admixer.net
2	cm.g.doubleclick.net	2 redirects
2	ghb1.adtelligent.com	cdn.admixer.net
2	ghb.adtelligent.com	cdn.admixer.net
2	i.ytimg.com	www.youtube.com
2	static.doubleclick.net	www.youtube.com
2	accounts.google.com	apis.google.com 89.184.83.166
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.facebook.com	89.184.83.166
2	counter.yadro.ru	1 redirects 89.184.83.166
2	connect.facebook.net	89.184.83.166 connect.facebook.net
2	delo.ua	1 redirects 89.184.83.166
2	www.googletagmanager.com	89.184.83.166
1	mug.criteo.com
1	bam.nr-data.net	js-agent.newrelic.com
1	f1a8e2c158f6218065b2956bf9f05438.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.adm.admixer.com	89.184.83.166
1	ws.rqtrk.eu	1 redirects
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	m.trafmag.com	89.184.83.166
1	ghb2.adtelligent.com	cdn.admixer.net
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	www.google.de	89.184.83.166
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
328	61

This site contains links to these domains. Also see Links.

Domain
delo.ua
energo.delo.ua
zza.delo.ua
www.facebook.com
twitter.com
www.instagram.com
bit.ly
www.youtube.com
www.i.ua

Subject Issuer	Validity	Valid
*.delo.ua Sectigo RSA Domain Validation Secure Server CA	`2021-09-03` - `2022-09-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
gumgum.com Amazon	`2022-09-06` - `2023-10-05`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-06` - `2023-03-06`	3 months	crt.sh
ghb2.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-06` - `2023-03-06`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-12-13` - `2023-02-21`	2 months	crt.sh
*.adm.admixer.com AlphaSSL CA - SHA256 - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://89.184.83.166/
Frame ID: BE51E01129ED4A7C7769996AF746CF17
Requests: 222 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cj7swk3FTZw
Frame ID: EC7EFF4BA32453747C4476FD479E555F
Requests: 22 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: 65059A389704D4F8C361AC337B420F68
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&layout=default&count=hidden&origin=https%3A%2F%2F89.184.83.166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: 7CD7EB196433F0E177228AC02E45BD2D
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoSogaAAAAAHPZ9-Z_kIvAVJeIq7et9O1ed6s8&co=aHR0cHM6Ly84OS4xODQuODMuMTY2OjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=cq6lynk2wr6z
Frame ID: B2AC66ED8D72E362141DE6E864943EAA
Requests: 5 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F89.184.83.166&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: 1D755E4C3E9AB7384F6D5102F3BF3E99
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: D9634B2D6FF792667669B371300975E9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A85A953C6A91A63CF0225CC449CA1C84
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
Frame ID: 3E1094F74133AE8E1D2A1F0BE920DB97
Requests: 40 HTTP requests in this frame

Frame: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
Frame ID: 5A5DFC125FC02E67B66F1A57034512CB
Requests: 4 HTTP requests in this frame

Frame: https://f1a8e2c158f6218065b2956bf9f05438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3016ABB770C576B987AD8C939423378A
Requests: 1 HTTP requests in this frame

Frame: https://code.createjs.com/1.0.0/createjs.min.js
Frame ID: 58775741361C3E7D160D992C8A6CD6DB
Requests: 8 HTTP requests in this frame

Frame: https://code.createjs.com/1.0.0/createjs.min.js
Frame ID: 9832BBBBDB0D723C7DD862D926A55943
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B767BE0C2AEEAD4AD1FA95C7ACAECDA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7A79F6AD445678A7724DE9192A1CB7F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=89.184.83.166
Frame ID: C694978FA8E743D72AC4206ABE2F3F26
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Delo.ua — главный деловой портал Украины

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Gemius (Analytics) Expand

Overall confidence: 30%
Detected patterns

xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

328
Requests

74 %
HTTPS

58 %
IPv6

35
Domains

61
Subdomains

52
IPs

10
Countries

9070 kB
Transfer

18625 kB
Size

43
Cookies

57 Outgoing links

These are links going to different origins than the main page.

URL: https://delo.ua/

Search URL Search Domain Scan URL

URL: https://delo.ua/business/top100/

Search URL Search Domain Scan URL

URL: https://delo.ua/econonomyandpoliticsinukraine/
Title: Политика и экономика

Search URL Search Domain Scan URL

URL: https://delo.ua/econonomyandpoliticsinukraine/finance/
Title: Финансы

Search URL Search Domain Scan URL

URL: https://delo.ua/econonomyandpoliticsinukraine/world/
Title: В мире

Search URL Search Domain Scan URL

URL: https://delo.ua/econonomyandpoliticsinukraine/politics/
Title: Политика

Search URL Search Domain Scan URL

URL: https://delo.ua/econonomyandpoliticsinukraine/economy/
Title: Экономика

Search URL Search Domain Scan URL

URL: https://delo.ua/econonomyandpoliticsinukraine/society/
Title: Общество

Search URL Search Domain Scan URL

URL: https://delo.ua/business/
Title: Бизнес

Search URL Search Domain Scan URL

URL: https://delo.ua/business/markets/
Title: Рынки

Search URL Search Domain Scan URL

URL: https://delo.ua/business/companies/
Title: Крупный бизнес

Search URL Search Domain Scan URL

URL: https://delo.ua/business/initiative/
Title: Устойчивое развитие

Search URL Search Domain Scan URL

URL: https://energo.delo.ua/
Title: Энциклопедия энергоэффективности

Search URL Search Domain Scan URL

URL: https://delo.ua/business/rates/
Title: Рейтинги

Search URL Search Domain Scan URL

URL: https://delo.ua/business/news-companies/
Title: Новости компаний

Search URL Search Domain Scan URL

URL: https://delo.ua/lifestyle/
Title: Вне офиса

Search URL Search Domain Scan URL

URL: https://delo.ua/lifestyle/learning/
Title: Образование и карьера

Search URL Search Domain Scan URL

URL: https://delo.ua/lifestyle/leisure/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://delo.ua/lifestyle/health/
Title: ЗОЖ

Search URL Search Domain Scan URL

URL: https://delo.ua/lifestyle/gadgets/
Title: Гаджеты

Search URL Search Domain Scan URL

URL: https://delo.ua/lifestyle/science/
Title: Наука

Search URL Search Domain Scan URL

URL: https://delo.ua/opinions/
Title: Мнения

Search URL Search Domain Scan URL

URL: https://delo.ua/special/
Title: Спецпроекты

Search URL Search Domain Scan URL

URL: https://zza.delo.ua/
Title: ZZA

Search URL Search Domain Scan URL

URL: https://delo.ua/special/bankopad/
Title: Как разворовывались банки

Search URL Search Domain Scan URL

URL: https://delo.ua/special/smartinvest/
Title: SMART INVESTMENTS

Search URL Search Domain Scan URL

URL: https://delo.ua/special/bez-smol-ta-nikotinu/
Title: Без смол та нікотину

Search URL Search Domain Scan URL

URL: https://delo.ua/special/30let/
Title: Преуспеть в 30

Search URL Search Domain Scan URL

URL: https://delo.ua/special/svoyedelo/
Title: Свое дело с Василием Хмельницким

Search URL Search Domain Scan URL

URL: https://delo.ua/special/recruitment-awards/
Title: Всеукраїнська премія рекрутингових кейсів Ukrainian Recruitment Awards

Search URL Search Domain Scan URL

URL: https://delo.ua/special/hrperezagruzka/
Title: HR Перезагрузка

Search URL Search Domain Scan URL

URL: https://delo.ua/special/sustainable-development/
Title: Лідери сталого розвитку

Search URL Search Domain Scan URL

URL: https://delo.ua/special/zemelnaja-reforma/
Title: Земельная реформа

Search URL Search Domain Scan URL

URL: https://delo.ua/special/industry4/
Title: Индустрия 4.0

Search URL Search Domain Scan URL

URL: https://delo.ua/special/investicii-na-vyrost/
Title: Инвестиции на вырост

Search URL Search Domain Scan URL

URL: https://delo.ua/special/new-business-reality/
Title: Переход в обновленную реальность

Search URL Search Domain Scan URL

URL: https://delo.ua/special/good-corporations/
Title: Корпорации добра

Search URL Search Domain Scan URL

URL: https://delo.ua/special/epicentr-podderzhki-biznesa/
Title: Эпицентр поддержки бизнеса

Search URL Search Domain Scan URL

URL: https://delo.ua/special/smallbusiness-vs-coronavirus/
Title: MCБ vs коронакризис: идеи в дело

Search URL Search Domain Scan URL

URL: https://delo.ua/special/5-7-9/
Title: 5,7,9%: Від знань до грошей

Search URL Search Domain Scan URL

URL: https://delo.ua/special/get-business-fest/
Title: Get Business Fest

Search URL Search Domain Scan URL

URL: https://delo.ua/photo/
Title: Фото

Search URL Search Domain Scan URL

URL: https://delo.ua/video/
Title: Видео

Search URL Search Domain Scan URL

URL: https://delo.ua/contacts/#form-team-bottom
Title: письмо в редакцию

Search URL Search Domain Scan URL

URL: https://delo.ua/contacts/
Title: наша команда

Search URL Search Domain Scan URL

URL: https://delo.ua/advertisment/
Title: отдел рекламы

Search URL Search Domain Scan URL

URL: https://www.facebook.com/delo.ua/

Search URL Search Domain Scan URL

URL: https://twitter.com/Delo_ua

Search URL Search Domain Scan URL

URL: https://www.instagram.com/delo.ua_official/

Search URL Search Domain Scan URL

URL: http://bit.ly/2S2JW4E

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCM1hAMz3CA03_xH6H4mD5sQ?sub_confirmation=1

Search URL Search Domain Scan URL

URL: https://delo.ua/business/rates/ceo/
Title: Рейтинг СЕО

Search URL Search Domain Scan URL

URL: https://delo.ua/special/smartinvest
Title: Smart Investments

Search URL Search Domain Scan URL

URL: https://delo.ua/special/30let
Title: Преуспеть в 30

Search URL Search Domain Scan URL

URL: https://delo.ua/privacy-policy/
Title: политика конфиденциальности

Search URL Search Domain Scan URL

URL: http://www.i.ua/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=5SmvR9wCgf4
Title: Online трансляція HR Wisdom Summit

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://delo.ua/delo2017/js/counters/xgemius.js HTTP 301
https://delo.ua/delo2017/js/counters/xgemius.js/

Request Chain 68

https://counter.yadro.ru/hit?t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.06511587919527861 HTTP 302
https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.06511587919527861

Request Chain 118

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 205

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 214

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 215

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Finv-nets.admixer.net%252Fadxcm.aspx%253Fssp%253D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%2526id%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDc5MEQxQjctODAxRS00OUEwLTg1MkYtOTVGMkIxNTgzRUY5&gdpr=0&gdpr_consent={consent} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDc5MEQxQjctODAxRS00OUEwLTg1MkYtOTVGMkIxNTgzRUY5&gdpr=0&gdpr_consent={consent}&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent} HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent} HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D0790D1B7-801E-49A0-852F-95F2B1583EF9 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=0790D1B7-801E-49A0-852F-95F2B1583EF9

Request Chain 216

https://x.bidswitch.net/sync?ssp=admixer&user_id=87855ff79f644ac6919bbd455c8b4141&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=87855ff79f644ac6919bbd455c8b4141&gdpr=&gdpr_consent=&us_privacy=[usPrivacy] HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=admixer&g=1&gdpr_pd=&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=2fba4ef2-448b-4ffb-b9ae-678b5cdf872b&gdpr=&consent=&gdpr_pd=

Request Chain 325

https://gum.criteo.com/sid/json?origin=publishertag&domain=89.184.83.166&sn=ChromeSyncframe&so=0&topUrl=89.184.83.166&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=BNl8Jnx0YjVadStDU1lBbVJiZmtVL2xzbGRyMUsyM3hWWmt1a1RLZ3FRVlVJNUc5NkpwUCtoYnNCeUFJME1WL3I0VFNkNXNkVWsxOS94TzM2UVAzK1ZaYkFvenVEb1h4R202NVVvNmFHdncvc0tjbHVFUTZ3blBmbGl3Z1ptd3d3YUV4aGpnbUgrR3pSWW5ZSnRzT0JRdFRIS3VlMHB3Z1ZZZ2M4SUg0dTY0QUZJV2lWNlRCYXpaWVFUU1RZamYyaitEckpzZUNZMWp5MTVWTXNXeFdsekgyK3JVTmNlVHdrVXBnTmlpaW5uZG80REhpN0xhZE9JTHk0QjRMWnJWTnZjRFU4b2FPTGRENGs3QUt1ZFMweHFHVlF4UT09fA&cppv=2

328 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
89.184.83.166/ 152 KB
37 KB 1277ms
923ms Document
text/html 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 / PHP/7.4.26
Resource Hash: 11d337785006444b0f1d9a128c0cb9f858d43fc5b4e01c375a70a7a9294ffb09

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 05 Jan 2023 06:10:06 GMT
Expires: Thu, 05 Jan 2023 06:10:05 GMT
Last-Modified: Thu, 05 Jan 2023 05:45:36 GMT
Pragma: no-cache
Server: nginx/1.12.2
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Powered-By: PHP/7.4.26
X-Robots-Tag: noindex, nofollow
X-no-cookie: /static/89.184.83.166/index.html
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"

GET
H/1.1 200
OK delo_bootstrap.v21.js Show response
89.184.83.166/assets/js/ 16 KB
5 KB 51ms
50ms Script
application/javascript 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4043b430cdb3bfcb0b40d3833904230c7c2a471de20da0af50995fd1ed2168c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 04:21:24 GMT
Server: nginx/1.12.2
ETag: W/"6163bbc4-41d9"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 126ms
44ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5812255-8

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02f8f614efe0854ddeba2a05b4756b6d467e94a755b579550e6313ca6d818abc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 158ms
51ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 06:10:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20933
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "ec76424fc4148a81"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
997 B 148ms
54ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfoSogaAAAAAHPZ9-Z_kIvAVJeIq7et9O1ed6s8

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25f411f5160d0e8b79d3e138181a95ea53fe98290e5c122188024d88321a4f5a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK delo_styles.v176.css
89.184.83.166/assets/css/ 594 KB
79 KB 113ms
62ms Stylesheet
text/css 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 25ad976d86fd6d5797433ffb7fe13ec462a8faa8553bc937a9b7d2117a88f4c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Jun 2021 12:47:30 GMT
Server: nginx/1.12.2
ETag: W/"60dc67e2-9494f"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK logo.svg
89.184.83.166/delo2017/img/delo-redis/ 4 KB
2 KB 421ms
50ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/logo.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ccc2cc65d021d9b0caf7b63114b583d0f88f030aa20993ac639606209a316d0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-f51"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK menu-logo.png
89.184.83.166/delo2017/img/refrash/ 3 KB
4 KB 420ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/refrash/menu-logo.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ab28873c8e8d1c2243a8b503355f7dec5849c4c7eea5d7d8f5344444324e2c31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-ca4"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3236
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK _picturesmart-investments45_46_s1.png
89.184.83.166/files/delo_promo_links/images/0/46/ 4 KB
4 KB 464ms
50ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/46/_picturesmart-investments45_46_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: c01213743d506882073f6d37facbb3613ed04adc8f4d03119e7cec7cae2fcdb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Fri, 05 Nov 2021 11:25:47 GMT
Server: nginx/1.12.2
ETag: "618514bb-e92"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3730
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture_smart-investments_45_s1.png
89.184.83.166/files/delo_promo_links/images/0/45/ 3 KB
4 KB 476ms
51ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/45/picture_smart-investments_45_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: c9fd93c387faf51b4dba5a4ad0a6ea830d25e6684543e09a4b6b23a6b12c207b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Thu, 21 Oct 2021 07:48:33 GMT
Server: nginx/1.12.2
ETag: "61711b51-ce9"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3305
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK _picturebez-smol-ta-nikotinu43_44_s1.png
89.184.83.166/files/delo_promo_links/images/0/44/ 3 KB
3 KB 266ms
51ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/44/_picturebez-smol-ta-nikotinu43_44_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: af16335bf6b483d1af48346fc533aaac9c13d409bcb0c0947b82ac89b577aa7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Thu, 19 Aug 2021 13:37:42 GMT
Server: nginx/1.12.2
ETag: "611e5ea6-a31"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 2609
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK picture_bez-smol-ta-nikotinu_43_s1.png
89.184.83.166/files/delo_promo_links/images/0/43/ 5 KB
5 KB 268ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/43/picture_bez-smol-ta-nikotinu_43_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 1b742e99f7879210cdba49ceb11018f3c3b36b35386cf1dc3b2ef479895815da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Wed, 25 Aug 2021 07:07:36 GMT
Server: nginx/1.12.2
ETag: "6125ec38-1214"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 4628
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK _picturerecruitment-awards41_42_s1.png
89.184.83.166/files/delo_promo_links/images/0/42/ 5 KB
5 KB 218ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/42/_picturerecruitment-awards41_42_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: cc90ed8bed736bf0d285780c0e7ac790b255911e11d1bb711c0e73400c13bf8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Wed, 28 Jul 2021 19:27:25 GMT
Server: nginx/1.12.2
ETag: "6101af9d-1333"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 4915
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK picture_industrija-4.0_33_s1.png
89.184.83.166/files/delo_promo_links/images/0/33/ 3 KB
3 KB 265ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/delo_promo_links/images/0/33/picture_industrija-4.0_33_s1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: fa60314eac1ac8b1b6a156834a67af2f674d760ad8b36348e379e627dcf62c70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Wed, 24 Mar 2021 07:44:45 GMT
Server: nginx/1.12.2
ETag: "605aeded-c18"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3096
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK picture2_ja-protiv-dostrai_388633_s40.jpg
89.184.83.166/files/news/images/3886/33/ 15 KB
15 KB 223ms
49ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/33/picture2_ja-protiv-dostrai_388633_s40.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 0a78cdfd041c9a17fc239c0e6babb558fba53cfaa95700b2318c8a3ac8f7e698

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 15 Nov 2021 19:57:48 GMT
Server: nginx/1.12.2
ETag: "6192bbbc-3bbe"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 15294
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK picture2_vakcinirovannym-u_388641_s40.png
89.184.83.166/files/news/images/3886/41/ 141 KB
142 KB 266ms
50ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/41/picture2_vakcinirovannym-u_388641_s40.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4bedf8e2051759eafef8a4c64805d0c66798f02feb371b67b7d310b12f81c83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 15 Nov 2021 19:05:59 GMT
Server: nginx/1.12.2
ETag: "6192af97-235d3"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 144851
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK picture_c0e40673ca88989fd_1135202_s4.png
89.184.83.166/files/users/images/11352/2/ 70 KB
70 KB 308ms
50ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11352/2/picture_c0e40673ca88989fd_1135202_s4.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 54a60ee7cc9aaf064dae78a7c5d8a1261f6d544f903cb22c6eed904721ff4cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Thu, 11 Nov 2021 17:35:18 GMT
Server: nginx/1.12.2
ETag: "618d5456-117b4"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 71604
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK picture_f5c7c26cb68e7cfff_1135138_s4.jpg
89.184.83.166/files/users/images/11351/38/ 11 KB
11 KB 256ms
48ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11351/38/picture_f5c7c26cb68e7cfff_1135138_s4.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 9cdde54f5bb000acacaae3c958ece52fc805ebaa56ebb07aac43f20dc2c54898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 19 Jul 2021 13:24:24 GMT
Server: nginx/1.12.2
ETag: "60f57d08-2a22"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 10786
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK picture2_v-kieve-otkrylsja_388601_s10.jpg
89.184.83.166/files/news/images/3886/1/ 18 KB
19 KB 214ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/1/picture2_v-kieve-otkrylsja_388601_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: bd9d8c90d126d68422214ec080c47336499601756c5dec6a20b8fd08c0060990

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 15 Nov 2021 09:27:25 GMT
Server: nginx/1.12.2
ETag: "619227fd-4943"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 18755
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK picture2_koronavirus-v-ukr_366141_s10.png
89.184.83.166/files/news/images/3661/41/ 135 KB
135 KB 274ms
51ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3661/41/picture2_koronavirus-v-ukr_366141_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 973fdb9bac39a0ab7b0e9dec0f7f32f4603a5786a265f7e9e167ec4e56dda947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 15 Nov 2021 17:17:14 GMT
Server: nginx/1.12.2
ETag: "6192961a-21ac3"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 137923
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK picture2_ne-kreditom-jedin_388350_s40.jpg
89.184.83.166/files/news/images/3883/50/ 22 KB
22 KB 320ms
51ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3883/50/picture2_ne-kreditom-jedin_388350_s40.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: c57e393f5d657a93422b59bbd2a261f438262e225ec3a8fb7dd26da598ed7584

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 15 Nov 2021 07:47:51 GMT
Server: nginx/1.12.2
ETag: "619210a7-577e"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 22398
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK picture2_prizyvy-ne-vakcin_388577_s10.jpg
89.184.83.166/files/news/images/3885/77/ 17 KB
17 KB 56ms
53ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3885/77/picture2_prizyvy-ne-vakcin_388577_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: a5769bd2f91e1cb153da6a96c75d536be28d157a6d62c56ecae5c06fa0135366

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Sun, 14 Nov 2021 16:55:32 GMT
Server: nginx/1.12.2
ETag: "61913f84-4310"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 17168
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_cifrovoe-ozero.-z_388521_s40.jpg
89.184.83.166/files/news/images/3885/21/ 29 KB
29 KB 53ms
52ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3885/21/picture2_cifrovoe-ozero.-z_388521_s40.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 57c9dd73905368e6de71c6750472d111ee224d0b293d16192236a2729f51d865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Fri, 12 Nov 2021 16:10:52 GMT
Server: nginx/1.12.2
ETag: "618e920c-736d"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 29549
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_zachem-kabmin-soz_388533_s10.jpg
89.184.83.166/files/news/images/3885/33/ 17 KB
18 KB 50ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3885/33/picture2_zachem-kabmin-soz_388533_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4f150f75e5e901aa4761c94916ec09efd6195bc67c275314ef10fb40f89bc7fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Fri, 12 Nov 2021 21:18:52 GMT
Server: nginx/1.12.2
ETag: "618eda3c-4525"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 17701
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_torgi-za-elektron_388545_s10.jpg
89.184.83.166/files/news/images/3885/45/ 14 KB
15 KB 51ms
51ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3885/45/picture2_torgi-za-elektron_388545_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 26f4fa38bb374ed737f85001726a9e16aa2646a6bd4ba58dab157c0d0277b0c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Fri, 12 Nov 2021 16:38:21 GMT
Server: nginx/1.12.2
ETag: "618e987d-39fc"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 14844
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_privlekatelnyj-kv_388468_s10.png
89.184.83.166/files/news/images/3884/68/ 129 KB
129 KB 54ms
50ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3884/68/picture2_privlekatelnyj-kv_388468_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: b19a1e5b97b156a53ef43758ebc61cc4a3ea97c49649225633f991a895e1f838

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Fri, 12 Nov 2021 07:59:13 GMT
Server: nginx/1.12.2
ETag: "618e1ed1-20306"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 131846
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture_c235624d331e36b2a_1135201_s4.jpg
89.184.83.166/files/users/images/11352/1/ 19 KB
19 KB 55ms
54ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11352/1/picture_c235624d331e36b2a_1135201_s4.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: fd4fe5bc4ecdc8918f367345e22fa3a191ea0536e0faf1b73bf3c8fa4aaec96d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Thu, 11 Nov 2021 14:40:21 GMT
Server: nginx/1.12.2
ETag: "618d2b55-4a7e"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 19070
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_sejchas-stradajut_388451_s10.png
89.184.83.166/files/news/images/3884/51/ 121 KB
121 KB 55ms
55ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3884/51/picture2_sejchas-stradajut_388451_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: f693c430b149d1dd86d8e293cb2b4652eceff0397b2bda6dcc086c873b6affd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Thu, 11 Nov 2021 12:04:29 GMT
Server: nginx/1.12.2
ETag: "618d06cd-1e210"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 123408
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_vo-mnogih-ukrains_388193_s10.png
89.184.83.166/files/news/images/3881/93/ 145 KB
146 KB 49ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3881/93/picture2_vo-mnogih-ukrains_388193_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: d16867bf82af6c40d1cee5465db20c707aec50aac2fbddbe74015c43cc79cfa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Wed, 10 Nov 2021 16:26:11 GMT
Server: nginx/1.12.2
ETag: "618bf2a3-24546"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 148806
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_jak-rozvivati-biz_388416_s10.jpg
89.184.83.166/files/news/images/3884/16/ 21 KB
22 KB 54ms
53ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3884/16/picture2_jak-rozvivati-biz_388416_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4fac05547f67b240219ad2a04113a090141704abd68631c6ef29669ce9851d28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Fri, 12 Nov 2021 11:12:50 GMT
Server: nginx/1.12.2
ETag: "618e4c32-5465"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 21605
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_buhuchet-po-cene-_388356_s10.jpg
89.184.83.166/files/news/images/3883/56/ 16 KB
16 KB 50ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3883/56/picture2_buhuchet-po-cene-_388356_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: eb55690d241b2e8e0ecc7440456d20291e51c8a98920cd45880e406f48edb0a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Tue, 09 Nov 2021 18:17:49 GMT
Server: nginx/1.12.2
ETag: "618abb4d-3faf"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 16303
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_ujti-ot-gaza-bizn_388224_s10.png
89.184.83.166/files/news/images/3882/24/ 123 KB
123 KB 50ms
50ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3882/24/picture2_ujti-ot-gaza-bizn_388224_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 100b510c8f04622669c04d979d7d3d3f5f23a2ab506feb5a66a421c6901e8bee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Tue, 09 Nov 2021 08:13:35 GMT
Server: nginx/1.12.2
ETag: "618a2daf-1ec07"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 125959
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_bolshaja-ploschad_388062_s10.jpg
89.184.83.166/files/news/images/3880/62/ 20 KB
20 KB 54ms
53ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3880/62/picture2_bolshaja-ploschad_388062_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: fb549f61771d0a49e89d1cabb8aad1e235d7de55df6d2f18d3c40688c8eea44e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Tue, 09 Nov 2021 07:27:46 GMT
Server: nginx/1.12.2
ETag: "618a22f2-5043"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 20547
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_pochemu-robot-ubo_388197_s10.jpg
89.184.83.166/files/news/images/3881/97/ 26 KB
27 KB 51ms
51ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3881/97/picture2_pochemu-robot-ubo_388197_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 51abcbf7f761a0bd7a496a721524975c973dfd86d293fbec44da8ebdd0c70f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Wed, 10 Nov 2021 09:23:27 GMT
Server: nginx/1.12.2
ETag: "618b8f8f-697e"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 27006
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_mdjaimjujaluoafzh_388220_s10.png
89.184.83.166/files/news/images/3882/20/ 165 KB
165 KB 50ms
50ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3882/20/picture2_mdjaimjujaluoafzh_388220_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 2376fbd5427f7255c8e164ee17651a11a14e56901ce0500856fcf7dc51a109e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Wed, 10 Nov 2021 09:23:57 GMT
Server: nginx/1.12.2
ETag: "618b8fad-29263"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 168547
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_kesh-ribejty-v-uk_388228_s10.png
89.184.83.166/files/news/images/3882/28/ 99 KB
99 KB 54ms
54ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3882/28/picture2_kesh-ribejty-v-uk_388228_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: b8200ae953d63e0faedabd480c68facb4518654e6d3af037a08a77925012a271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Sun, 07 Nov 2021 19:45:08 GMT
Server: nginx/1.12.2
ETag: "61882cc4-18bcc"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 101324
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_simuljacija-produ_388138_s10.jpg
89.184.83.166/files/news/images/3881/38/ 13 KB
13 KB 51ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3881/38/picture2_simuljacija-produ_388138_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 0d7e8ffd0347d3ec8fe14ec510b892288fadfd08038bf2fa5c8d448b8bab27bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Fri, 12 Nov 2021 14:53:48 GMT
Server: nginx/1.12.2
ETag: "618e7ffc-3408"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 13320
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_gosudarstvennye-i_388154_s10.png
89.184.83.166/files/news/images/3881/54/ 104 KB
105 KB 49ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3881/54/picture2_gosudarstvennye-i_388154_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: d94f1b6f2b7eabad7de5adb186aeb0573d07a7d79e8d99b6e5fbf254011b9850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Fri, 05 Nov 2021 10:55:36 GMT
Server: nginx/1.12.2
ETag: "61850da8-1a0b0"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 106672
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_v-ukrainu-idut-ko_388645_s10.jpg
89.184.83.166/files/news/images/3886/45/ 21 KB
21 KB 52ms
52ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/45/picture2_v-ukrainu-idut-ko_388645_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 0176d4b7efa07e00f0111aed2eba384aaffae02bd4b4b14f24e81c7816fa8847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 15 Nov 2021 20:57:45 GMT
Server: nginx/1.12.2
ETag: "6192c9c9-52ab"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 21163
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_naftogaz-dopustil_388643_s10.jpg
89.184.83.166/files/news/images/3886/43/ 18 KB
18 KB 49ms
49ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/43/picture2_naftogaz-dopustil_388643_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4c154f99fe5dad7a87e5b35d2af00d2be584e50a881a0d59981c2310f0dbe78c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 15 Nov 2021 19:28:39 GMT
Server: nginx/1.12.2
ETag: "6192b4e7-466e"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 18030
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_v-krasnuju-zonu-p_388638_s10.png
89.184.83.166/files/news/images/3886/38/ 144 KB
144 KB 49ms
49ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/38/picture2_v-krasnuju-zonu-p_388638_s10.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 2153512e5fa3ec1253db2a15547681b17f9134466b8faeb1ef3e793213fad97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 15 Nov 2021 17:11:08 GMT
Server: nginx/1.12.2
ETag: "619294ac-23e57"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 147031
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_partiju-sluga-nar_388636_s10.jpg
89.184.83.166/files/news/images/3886/36/ 11 KB
11 KB 52ms
52ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/36/picture2_partiju-sluga-nar_388636_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 4c57f62a304f9d10babab4b8d3ebc274b5c3dacdedcbb5e19bc92ad6b52162a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 15 Nov 2021 16:52:29 GMT
Server: nginx/1.12.2
ETag: "6192904d-2a06"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 10758
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_microsoft-zabloki_388635_s10.jpg
89.184.83.166/files/news/images/3886/35/ 12 KB
12 KB 52ms
51ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/35/picture2_microsoft-zabloki_388635_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 67c7e0bf05da7b24d79b355de597384ba320fb3f7ae2dca0d2552e63908d22e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 15 Nov 2021 16:17:27 GMT
Server: nginx/1.12.2
ETag: "61928817-2e82"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 11906
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_rossija-namerena-_388634_s10.jpg
89.184.83.166/files/news/images/3886/34/ 11 KB
12 KB 50ms
50ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/34/picture2_rossija-namerena-_388634_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 963eb58029e69121c912be7093ad23b8ade26a80d67ab09e87ce8bb714cba08e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 15 Nov 2021 16:20:33 GMT
Server: nginx/1.12.2
ETag: "619288d1-2d6d"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 11629
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_minekonomiki-sniz_388632_s10.jpg
89.184.83.166/files/news/images/3886/32/ 16 KB
16 KB 49ms
49ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/32/picture2_minekonomiki-sniz_388632_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ae8466dd4772a3ee4fd5ebe687958432611c40f33a4ac8670c3709ad12ea420c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 15 Nov 2021 15:47:41 GMT
Server: nginx/1.12.2
ETag: "6192811d-4002"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 16386
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_vladelec-kernel-v_388631_s10.jpg
89.184.83.166/files/news/images/3886/31/ 12 KB
12 KB 53ms
52ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/31/picture2_vladelec-kernel-v_388631_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 0e0c7a0dbd3427a6c99e5887329a0d3f4e168b30bbf1477af211a6933c453f7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 15 Nov 2021 15:43:31 GMT
Server: nginx/1.12.2
ETag: "61928023-2fe5"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 12261
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_v-ukrainu-idut-mo_388630_s10.jpg
89.184.83.166/files/news/images/3886/30/ 19 KB
20 KB 56ms
55ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/30/picture2_v-ukrainu-idut-mo_388630_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ec4c1586b53ff9b581e654c5f390df522c6077689d46922638070c25efcde88e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 15 Nov 2021 15:36:17 GMT
Server: nginx/1.12.2
ETag: "61927e71-4da3"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 19875
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture2_predskazavshij-kr_388629_s10.jpg
89.184.83.166/files/news/images/3886/29/ 18 KB
18 KB 58ms
58ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/news/images/3886/29/picture2_predskazavshij-kr_388629_s10.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: f8e9e0f2bfdb93775d1370b2a7df4df165b460a626c9be55ba3c1d97295ab48f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 15 Nov 2021 15:12:29 GMT
Server: nginx/1.12.2
ETag: "619278dd-477d"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 18301
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture_9a145d9c7a7de67dc_1135200_s4.jpg
89.184.83.166/files/users/images/11352/0/ 9 KB
10 KB 58ms
58ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11352/0/picture_9a145d9c7a7de67dc_1135200_s4.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 28f05c94d67836beac03027bea2f48d141611b085e12e18088a67e3cfdeef7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Thu, 11 Nov 2021 08:48:26 GMT
Server: nginx/1.12.2
ETag: "618cd8da-246b"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 9323
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture_5a457c03d2c1dee5c_1135199_s4.jpg
89.184.83.166/files/users/images/11351/99/ 14 KB
14 KB 55ms
55ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11351/99/picture_5a457c03d2c1dee5c_1135199_s4.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: cecf378a0bb6355c852eb2cfe5b23159f61c914f79abe7ee09422ce41fe37cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Wed, 10 Nov 2021 16:12:19 GMT
Server: nginx/1.12.2
ETag: "618bef63-37a1"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 14241
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK picture_5eeab8ea6a99ffad4_1135198_s4.jpg
89.184.83.166/files/users/images/11351/98/ 10 KB
10 KB 49ms
49ms Image
image/jpeg 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/files/users/images/11351/98/picture_5eeab8ea6a99ffad4_1135198_s4.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: c42d49ff0f64cf93690bd1c1b07e7cddbb1ae86c3e3a4328c12e2932d89a08b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Wed, 10 Nov 2021 15:11:23 GMT
Server: nginx/1.12.2
ETag: "618be11b-27db"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 10203
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK loading.svg
89.184.83.166/delo/img/ 2 KB
1 KB 49ms
49ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo/img/loading.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: b17d9c5b043c2813aeeb64c3cf08b318ebab7a1894aa4a77538d2a3c7c4dde46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-9ef"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK logo-fotter.png
89.184.83.166/delo2017/img/refrash/ 4 KB
4 KB 48ms
47ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/refrash/logo-fotter.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: a3d21d5a0d84e6a6cdca677e5541eb7345b0181b96dcb0a4b020b013c6797a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-f72"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3954
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H2

404

/
delo.ua/delo2017/js/counters/xgemius.js/
Redirect Chain

https://delo.ua/delo2017/js/counters/xgemius.js
https://delo.ua/delo2017/js/counters/xgemius.js/

0
0

89ms
88ms

Script
text/html

2606:4700:10::6816:35fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://delo.ua/delo2017/js/counters/xgemius.js/
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Server: 2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

x-response-time: 0.015
date: Thu, 05 Jan 2023 06:10:06 GMT
strict-transport-security: max-age=31536000
cf-cache-status: EXPIRED
server: cloudflare
x-cache-status: MISS
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://delo.ua/delo2017/js/counters/xgemius.js/
cache-control: max-age=14400
cf-ray: 784a0c872d5c9c0a-FRA

GET
H/1.1 200
OK ru.lang.v1591010330.js Show response
89.184.83.166/frontend/languages/ 9 KB
4 KB 58ms
58ms Script
application/javascript 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/frontend/languages/ru.lang.v1591010330.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: f972e4acfe8115daf147547986bf67bd74830e4e1b3c43eb94300d9a327adf14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:50 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e41a-2521"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK delo_app.v92.js Show response
89.184.83.166/assets/js/ 569 KB
165 KB 105ms
104ms Script
application/javascript 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/assets/js/delo_app.v92.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ebcc03a80c0f2482958b713ef14fe9bc76a100ce4e92469607806788bdd4b826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 15:32:06 GMT
Server: nginx/1.12.2
ETag: W/"615f12f6-8e237"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 31ms
12ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 05 Jan 2023 06:10:06 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:42 GMT
server: nginx
etag: W/"6375fd62-2c101"
x-cached-since: 2023-01-05T06:06:06+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Sat, 19 Nov 2022 14:15:07 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
59 KB 51ms
48ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NSST3NJ

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

052ff51beccdf8182f726a777e857df7b4c50174eff6610257d50a6d24da06b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 60133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 30ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 06:10:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: yFcek2jgL8vMqlnXVC9YZGGPPm0XHdB82giQkqDuEaVrA2UER6i/k/IdBMME89R4UEqGA1x4UE8YTgkFB3aA2w==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
36ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5812255-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2729
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 07:24:37 GMT

GET
H/1.1 200
OK top100_2019.png
89.184.83.166/delo2017/img/delo-redis/ 7 KB
8 KB 201ms
52ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/top100_2019.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 472c294a89dcde758b37b51698a4cc2f5717b949934665dae2b5c5d6a2ac6c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-1d83"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 7555
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK GothamProNarrow-Medium.ttf
89.184.83.166/delo2017/fonts/GothamProNarrowMedium/ 39 KB
40 KB 91ms
50ms Font
application/octet-stream 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/GothamProNarrowMedium/GothamProNarrow-Medium.ttf
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 1d3b5e2512f23c40d71d0c08ee189866d38c753056ec140fbc5cb1a3a8b373b7

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-9de8"
Content-Type: application/octet-stream
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 40424
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK GothamProRegular.woff
89.184.83.166/delo2017/fonts/GothamProRegular/ 23 KB
23 KB 195ms
111ms Font
font/woff 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/GothamProRegular/GothamProRegular.woff
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 70e7ea50d23c538692bbd47bcf1f82d46a4f532f14b2c87aab660eeb4f8485e9

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-5a34"
Content-Type: font/woff
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 23092
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK search.svg
89.184.83.166/delo2017/img/delo-redis/ 413 B
750 B 212ms
47ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/search.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 8fbf0cb4fbf892c6adced48d299ad8715fffe44854652445614a69f65953a1e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-19d"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK menu.svg
89.184.83.166/delo2017/img/delo-redis/ 273 B
653 B 218ms
49ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/menu.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: b501e04314f4ed8fc971a52a17fc9bab9339de9b9a4f61e82c83fc721e52f371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-111"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK close-white-bold.svg
89.184.83.166/delo2017/img/delo-redis/ 370 B
715 B 216ms
48ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/close-white-bold.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 5a00c549909c3e4186f0525545b2f4754c134d57dcf89ea1d94de034dcdc4824

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-172"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK GothamProMedium.woff
89.184.83.166/delo2017/fonts/GothamProMedium/ 24 KB
25 KB 171ms
110ms Font
font/woff 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/GothamProMedium/GothamProMedium.woff
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: d3bb6c505b9bc95c4a8e55608f679d0589fb9b54455e23adbdd2d5a7224ff6b7

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-6190"
Content-Type: font/woff
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 24976
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK GothamProBold.woff
89.184.83.166/delo2017/fonts/GothamProBold/ 23 KB
23 KB 172ms
108ms Font
font/woff 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/GothamProBold/GothamProBold.woff
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 2fb79490e7b334bd4aae1679ec8ca15d1e080b5231346364e8e1700ed05da262

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-5b14"
Content-Type: font/woff
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 23316
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H2 200 cj7swk3FTZw Show response
www.youtube.com/embed/ Frame EC7E 68 KB
29 KB 184ms
89ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cj7swk3FTZw

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eefbb147a3c52e41c1668ad3bdf7a61ededf27e6930643bb5212fb17749da2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.06511587919527861
https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.06511587919527861

104 B
590 B

43ms
43ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.06511587919527861

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 104
Expires: Tue, 04 Jan 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t45.6;r;s1600*1200*24;uhttps%3A//89.184.83.166/;0.06511587919527861
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 04 Jan 2022 21:00:00 GMT

GET
H/1.1 200
OK youtube.svg
89.184.83.166/delo2017/img/delo-redis/ 748 B
982 B 214ms
49ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/youtube.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: fa34aadc5bfd96f4a10d635898302472a62a115932326ff26d86d378a5ea4f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-2ec"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK telegram.svg
89.184.83.166/delo2017/img/delo-redis/ 756 B
971 B 213ms
48ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/telegram.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 2c0a749efc0b4d387c753b776ade50fc9b525a6536946b25c1e00b3df9a7e1c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-2f4"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK fb.svg
89.184.83.166/delo2017/img/delo-redis/ 369 B
771 B 163ms
48ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/fb.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ba2762cb9490cb7ab39632c895e7f76138e68300b42d1da8d5af681bcc30ab17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-171"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK tw.svg
89.184.83.166/delo2017/img/delo-redis/ 1 KB
1 KB 171ms
49ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/tw.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: ed11e5b02ae470c530cc6c5cac37df11eb257f15a1e18686f6ec74d94a11ce64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-47f"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK instagram.svg
89.184.83.166/delo2017/img/delo-redis/ 2 KB
2 KB 207ms
49ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/delo-redis/instagram.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 32b70ab5fc48590df0a00789276a79331f0c3eef1ebca7b0e518d3dd63dab541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-935"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK innerHamburger.svg
89.184.83.166/delo2017/img/newDelo/svg/ 285 B
666 B 170ms
47ms Image
image/svg+xml 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/newDelo/svg/innerHamburger.svg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: c1981fa3cfaed9f5221d75fd22e51a28023bddc837134260e85b3197e6f2e107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: W/"5ed4e419-11d"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK all-news-icon.png
89.184.83.166/delo2017/img/refrash/ 1 KB
1 KB 48ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/refrash/all-news-icon.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 803fe9f27b76a391e1f762d984b1fb2a88a39082660856eb8a3f7be0a09e32ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-417"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1047
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H/1.1 200
OK icomoon.ttf
89.184.83.166/delo2017/fonts/ 4 KB
4 KB 98ms
48ms Font
application/octet-stream 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/icomoon.ttf?7cozra
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: e1e3bb3543e3be16e086a3b447c61cf01dd160aad6b5466b93b0891fd5836a4a

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-f8c"
Content-Type: application/octet-stream
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3980
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK icomoon.ttf
89.184.83.166/delo2017/fonts/icomoon2/ 3 KB
4 KB 99ms
50ms Font
application/octet-stream 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/icomoon2/icomoon.ttf?rp50vy
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 12acdb8a2ac7ff6298b619c644f819df8166c16735d3ebaa17a57f649222f5d5

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-df0"
Content-Type: application/octet-stream
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 3568
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H/1.1 200
OK GothamProLight.woff
89.184.83.166/delo2017/fonts/GothamProLight/ 24 KB
25 KB 150ms
53ms Font
font/woff 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://89.184.83.166/delo2017/fonts/GothamProLight/GothamProLight.woff
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 6aba63345a774be90643ddd2fa76dcc3116bb2e1aa6fcb5c72b925420da4fd68

Request headers

Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:06 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-6114"
Content-Type: font/woff
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 24852
Expires: Thu, 05 Jan 2023 06:10:05 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/51428/ Frame 6505 738 B
519 B 12ms
11ms Document
text/html 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Thu, 05 Jan 2023 06:10:06 GMT
etag: W/"6375fd72-2e2"
expires: Wed, 06 Dec 2023 18:50:09 GMT
last-modified: Thu, 17 Nov 2022 09:22:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-12-05T18:50:09+00:00
x-id: fr5-up-gc31

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/51428/ 23 KB
8 KB 18ms
13ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 05 Jan 2023 06:10:06 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:56 GMT
server: nginx
etag: W/"6375fd70-5d41"
vary: Accept-Encoding
x-cached-since: 2022-11-28T18:27:54+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 29 Nov 2023 18:27:54 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/51428/ 75 KB
20 KB 18ms
14ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 05 Jan 2023 06:10:06 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:47 GMT
server: nginx
etag: W/"6375fd67-12c39"
vary: Accept-Encoding
x-cached-since: 2022-11-29T13:09:50+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 30 Nov 2023 13:09:50 GMT

GET
H3 200 1684515781783344 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 25ms
14ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1684515781783344?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4286480951a2f877dea5ed5cc89e867f0e5870731c4d9e7c0f129538a90cdd4b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Jan 2023 06:10:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86145
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: in8PWoL4Le1FlucNJkDR/L+EsGN21W+RpgGSsd0qtqBWDkqc1/x4/hn4Lcvhi96KiJYknv/eariDnbTcLBHAbA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-1232730.js Show response
static.hotjar.com/c/ 8 KB
4 KB 65ms
41ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1232730.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSST3NJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

daa7d0b90d724263a545337797cdc60ed4fed5bf2b024dfc008fd7b52ef8201e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 06:10:06 GMT
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
etag: W/8a3401c5bbb97719660294df9c2d6116
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: iUUZEKpylqZjjHKpKFS59tvxwDin-I02hydVM-WUr_bVEA-3tzAqmw==

GET
H2 200 sdk.js Show response
api-esp-eu.piano.io/public/sdk/v04/ 43 KB
14 KB 42ms
20ms Script
application/javascript 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:06 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
age: 514733
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 03 Dec 2022 08:35:00 GMT
server: cloudflare
etag: W/"1bbec-184d71fdd40"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: api-esp-eu-v2.piano.io
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 784a0c88ad72bbe9-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 05 Jan 2024 06:10:06 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfoSogaAAAAAHPZ9-Z_kIvAVJeIq7et9O1ed6s8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 22:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 22:27:42 GMT

GET
H/1.1 200
OK close-all-news.png
89.184.83.166/delo2017/img/ 1 KB
2 KB 48ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/close-all-news.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: f886ad4d62165edfc981c99b190fe5b789c3e7293ad561523bd59320c89e406c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-521"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 1313
Expires: Thu, 05 Jan 2023 06:10:06 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 123 KB
43 KB 110ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1672332b758b4ed6959d0309e08582342550f015c3f5116121d9fadfa4af96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 05:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347904
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43589
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jan 2024 05:31:42 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 121 KB
41 KB 113ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03c0c8de96c5509603e802b8f9ac8825d0fc79b7f6a39139d10164420fa7d3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 316304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42323
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jan 2024 14:18:22 GMT

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 7CD7 2 KB
833 B 150ms
75ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&layout=default&count=hidden&origin=https%3A%2F%2F89.184.83.166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1609e5fef8b9eb4be6aafe5728805386cacb518bcb5e1b1e2b28cad2041d7776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 05 Jan 2023 06:10:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 119ms
46ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=492273326&t=pageview&_s=1&dl=https%3A%2F%2F89.184.83.166%2F&ul=en-us&de=UTF-8&dt=Delo.ua%20%E2%80%94%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D0%BB%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=100939853&gjid=1857005547&cid=2082480726.1672899007&tid=UA-5812255-8&_gid=931726768.1672899007&_r=1&gtm=2oubu0&z=502493417

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/e5f6cbd5/ Frame EC7E 360 KB
49 KB 47ms
38ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49906
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:26 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/ Frame EC7E 339 KB
107 KB 87ms
78ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109069
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:26 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame EC7E 2 MB
597 KB 100ms
90ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4982fd9fe7a4adea31ea09520794d2d6ed31f097cd41020dce0ec1937a6fc668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611344
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:38 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/ Frame EC7E 9 KB
3 KB 98ms
89ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:26 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 27ms
8ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1684515781783344&ev=PageView&dl=https%3A%2F%2F89.184.83.166%2F&rl=&if=false&ts=1672899006982&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.3.1672899006981.1008784447&it=1672899006776&coo=false&exp=b2&rqm=GET

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Jan 2023 06:10:07 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC7E 15 KB
16 KB 125ms
35ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 409937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 12:17:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC7E 15 KB
15 KB 134ms
44ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 22:21:19 GMT
x-content-type-options: nosniff
age: 200928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 22:21:19 GMT

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 11 KB
11 KB 608ms
197ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=a406899d-9949-4407-9ef4-92b1538e927d
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: a4549e751b1fac0d7954f4df4f4eba0f1c4799264a5d039a26b092f25b196e88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 11 KB
11 KB 627ms
215ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=41f0c8ad-aa36-494a-bfb5-7e06fe8248de
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 9d3deafb0a4b47c613b368da3a658bb0412d214d341115a412a86fb9c7bc99f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 11 KB
11 KB 611ms
200ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=586cecde-ba4a-45a6-8286-e2895def8b07
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 7f4883e988bed7cc4679dd4b58c3f255bceb8784c99262cca1d82607eeb66181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 11 KB
11 KB 609ms
198ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=8dfc6dda-9699-42b7-8fcd-5dd7987df939
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0704ac8b04bd3179874b490582e4129799828e9420522a70eda29d3347635313

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 11 KB
11 KB 617ms
205ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=7a370b14-2698-4686-84e2-8588003f5544
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_bootstrap.v21.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software: nginx /
Resource Hash: 83d51d3f3a30d5822a65006f7bef95bc33f3fd9c28f87af14cff97d0598d98ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:07 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H3 200 iframe_api Show response
www.youtube.com/ 992 B
518 B 117ms
116ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_app.v92.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 05 Jan 2023 06:10:07 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 54ms
19ms XHR
text/plain 2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5812255-8&cid=2082480726.1672899007&jid=100939853&gjid=1857005547&_gid=931726768.1672899007&_u=YEBAAUAAAAAAACAAI~&z=624987292

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 06:10:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-subscribe-embed_split_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 7CD7 38 KB
6 KB 42ms
41ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&layout=default&count=hidden&origin=https%3A%2F%2F89.184.83.166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&layout=default&count=hidden&origin=https%3A%2F%2F89.184.83.166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6066
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 30 Dec 2023 10:38:53 GMT

GET
H3 200 www-subscribe-embed_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 7CD7 252 KB
72 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&layout=default&count=hidden&origin=https%3A%2F%2F89.184.83.166&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502274
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73785
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 30 Dec 2023 10:38:53 GMT

GET
H3 200 118 Show response
api-esp-eu.piano.io/publisher/fusion/lucid/data/ 472 B
842 B 61ms
40ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/publisher/fusion/lucid/data/118?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_app.v92.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95f883ae84c1ccd334c227997a3cc86f571d68e4bf712413058f4bbc63c7ad93

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"1d8-yH1Gw0PQE0sSZHhibCd2SqLoLys"
access-control-max-age: 36000
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://89.184.83.166
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 784a0c8b1f7e996f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 118
api-esp-eu.piano.io/publisher/fusion/lucid/data/ Frame 0
0 58ms
37ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/publisher/fusion/lucid/data/118?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://89.184.83.166
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://89.184.83.166
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 784a0c8abb4f909d-FRA
date: Thu, 05 Jan 2023 06:10:07 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H2 200 modules.352fddba5b21bbfc3a08.js Show response
script.hotjar.com/ 264 KB
68 KB 14ms
7ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1232730.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 1202582
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68894
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
etag: "3256c76707175033b83ffe82f89b32ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UWQXr86wFRxFfeOYjUYyf59sEQyYNnwLXL4Zxf2UpgRcpFb6UeVGqw==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B2AC 7 KB
1 KB 135ms
54ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoSogaAAAAAHPZ9-Z_kIvAVJeIq7et9O1ed6s8&co=aHR0cHM6Ly84OS4xODQuODMuMTY2OjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=cq6lynk2wr6z

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9c1d1179b013869eed0a88ec75b0151b8a4d3815acb6986533c5a24bbb3b9364

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GfkZzFhEYi697U2y9_BwQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 1051
content-security-policy: script-src 'report-sample' 'nonce-GfkZzFhEYi697U2y9_BwQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:07 GMT
expires: Thu, 05 Jan 2023 06:10:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 8 KB
3 KB 587ms
194ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7915972885595794&cpv=aa92cd73-29ce-5893-a316-304001a09116&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2221ccaff5-29eb-a0e0-c0d7-35912e91458f%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252F89.184.83.166%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2288fcf8cd-08b0-bf5d-4be8-5397d9b59f35%22%2C%22tagid%22%3A%2281fc4af8-1714-40ee-a7ed-4e7acdc56013%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_81fc4af8171440eea7ed4e7acdc56013_zone_5922_sect_822_site_809%22%2C%22pos%22%3A0%2C%22inView%22%3A0%7D%2C%22i%22%3A%22invents%22%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c9c09f66d7be1f776bd556d9052806719cd16f543e93441d27551df72d57a43b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 2715
X-Xss-Protection: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 8 KB
3 KB 599ms
202ms Script
application/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7600289773176601&cpv=aa92cd73-29ce-5893-a316-304001a09116&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22596d79f7-0d66-3aab-f234-cf4c789f570f%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252F89.184.83.166%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22ce748e89-4f13-2df3-a533-cc4874decd3d%22%2C%22tagid%22%3A%227643a12b-a173-4c9e-90bc-338ed2e42c90%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_7643a12ba1734c9e90bc338ed2e42c90_zone_27319_sect_822_site_809%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%2C%7B%22id%22%3A%220113a1a1-cf3f-ad75-45dd-1117af879a4a%22%2C%22tagid%22%3A%228357f430-2b48-4c59-b4ab-3e3f923a8bce%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_8357f4302b484c59b4ab3e3f923a8bce_zone_30421_sect_822_site_809%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22i%22%3A%22inv-nets%22%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c188871d28a1309c3d593207c6e791f6361852daae1d925d1ccd27e45fc82c72

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 2721
X-Xss-Protection: 0

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 1D75 566 B
904 B 191ms
85ms Document
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F89.184.83.166&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_1?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b77a69c29f7f58d57744b3f8f73d3c86824b306cea425dd71292663a7ec1009f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-f0DqBB9bNhW8QSdvFMa9sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-f0DqBB9bNhW8QSdvFMa9sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 06:10:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 70ms
48ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5812255-8&cid=2082480726.1672899007&jid=100939853&_u=YEBAAUAAAAAAACAAI~&z=1913157491

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 188ms
71ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5812255-8&cid=2082480726.1672899007&jid=100939853&_u=YEBAAUAAAAAAACAAI~&z=1913157491

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame D963 2 KB
1 KB 32ms
8ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1232730.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-118.fra53.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2856485
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 04:42:02 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-id: W7CE67L9z1b6baCynMCPC7Fb2W5p2if__SMp5HrvhJ8cdtUOWbMbbA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 subscribe_button_branded_lozenge.png
www.youtube.com/s/subscriptions/subscribe_embed/img/ Frame 7CD7 156 B
179 B 36ms
36ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 22:55:10 GMT
x-content-type-options: nosniff
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
server: sffe
age: 198897
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 02 Jan 2024 22:55:10 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame EC7E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

128ms
48ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bb74183b0b39ae7c185d3d352fd875509d861bc9a2988e920c53fd42423f32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 06:10:07 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame EC7E 29 B
587 B 170ms
47ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:19 GMT
x-content-type-options: nosniff
age: 48
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:24:19 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: api-esp-eu.piano.io
URL: https://api-esp-eu.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2730
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 07:24:37 GMT

POST
H3 200 40 Show response
api-esp-eu.piano.io/tracker/lucid/visit/ 65 B
543 B 42ms
42ms XHR
application/json 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2F89.184.83.166%2F&visitor=ddnuyyuf7rjyiwuv

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/assets/js/delo_app.v92.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cb94323cb455529ab1a562227c6d6a75626d3f3c6ef1e9384d1593cf7fde14

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-q/ehcpo6GrI2WlC+Ar08FFx6d3s"
access-control-max-age: 36000
vary: X-HTTP-Method-Override
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://89.184.83.166
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 784a0c8c58e6996f-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 40
api-esp-eu.piano.io/tracker/lucid/visit/ Frame 0
0 31ms
31ms Preflight 2606:4700::6810:f015
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp-eu.piano.io/tracker/lucid/visit/40?story_url=https%3A%2F%2F89.184.83.166%2F&visitor=ddnuyyuf7rjyiwuv

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:f015 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://89.184.83.166
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://89.184.83.166
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 784a0c8c2c1e909d-FRA
date: Thu, 05 Jan 2023 06:10:07 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 127ms
43ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 05 Jan 2023 06:10:07 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EC7E 66 KB
30 KB 129ms
55ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b038b52e0d8a48ea1c9c119d9e1482852c0c5947c1ae1a71c8933c26f89268e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31045
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame EC7E 119 KB
36 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f00f62bb8aefd6e52812573503401805369c9334e4fcad98e231e5bb7f4256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37321
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:38 GMT

GET
H3 200 G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js Show response
www.google.com/js/th/ Frame EC7E 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14211
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 01:58:23 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame EC7E 26 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7032d2bd1215f0d0661e27163bcf1800b246f4bd2a48a9ac079df1ea0be42eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8390
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:38 GMT

GET
DATA 200
OK truncated
/ Frame EC7E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame EC7E 2 KB
2 KB 167ms
48ms Image
image/jpeg 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

482b4ad2aca72e665c29835c477165576200217a153ade81694f9a795f0558a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:06 GMT
x-content-type-options: nosniff
age: 2641
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1747
x-xss-protection: 0
server: fife
etag: "v10d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 04:10:39 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/cj7swk3FTZw/ Frame EC7E 34 KB
35 KB 123ms
38ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/cj7swk3FTZw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce3fc33f1b59e6a46497652cf9b1b9c4935046702f204da30a9bc9859ff43d52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:58:58 GMT
x-content-type-options: nosniff
age: 4269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35256
x-xss-protection: 0
server: sffe
etag: "1635674323"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 06:58:58 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EC7E 10 KB
10 KB 110ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cj7swk3FTZw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 21:29:26 GMT
x-content-type-options: nosniff
age: 204041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 02 Jan 2024 21:29:26 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B2AC 52 KB
24 KB 117ms
40ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfoSogaAAAAAHPZ9-Z_kIvAVJeIq7et9O1ed6s8&co=aHR0cHM6Ly84OS4xODQuODMuMTY2OjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=cq6lynk2wr6z

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 13:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 13:16:23 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame B2AC 407 KB
163 KB 134ms
58ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 22:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 22:27:42 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/ 184 KB
62 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0149da2dcca03d3a4c8ab3e8796ec25b4700f46d2a1bec1c59cdb2f6daa7cf98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:30:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62997
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 Jan 2024 04:30:26 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame 7CD7 126 KB
42 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 01:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42491
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jan 2024 01:58:02 GMT

POST
H3 204 cspreport
accounts.google.com/o/ Frame 1D75 0
20 B 120ms
46ms Other
text/html 2a00:1450:4001:82a::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/cspreport

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--EzEm7j7XXUIkNr5EDmWdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F89.184.83.166&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:07 GMT
content-security-policy: script-src 'report-sample' 'nonce--EzEm7j7XXUIkNr5EDmWdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport, require-trusted-types-for 'script';report-uri /o/cspreport
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1832714284-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 1D75 10 KB
5 KB 131ms
38ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1832714284-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2F89.184.83.166&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 07:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253941
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4294
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 19:08:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="federated-signon-mpm-access"
vary: Accept-Encoding
report-to: {"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 07:37:46 GMT

GET
H3 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 1D75 17 KB
7 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a72a95f45380c28a3d910c4f43c02ce7992a1ba853f410f9f53a45f18433470b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 06:10:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6901
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "c75ce447b1f6d98e"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Jan 2023 06:10:07 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A85A 0
18 B 23ms
10ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://89.184.83.166
Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://89.184.83.166
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:07 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 52ms
18ms XHR
text/plain 2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46085336-14&cid=2082480726.1672899007&jid=1554231332&gjid=1706815336&_gid=931726768.1672899007&_u=ACCAgEABCAAAAEAAI~&z=1045779214

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 06:10:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 36ms
35ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=492273326&t=pageview&_s=1&dl=https%3A%2F%2F89.184.83.166%2F&ul=en-us&de=UTF-8&dt=Delo.ua%20%E2%80%94%20%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D0%BB%D0%BE%D0%B2%D0%BE%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D1%8B&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABCAAAAAAAI~&jid=1554231332&gjid=1706815336&cid=2082480726.1672899007&tid=UA-46085336-14&_gid=931726768.1672899007&z=1183693081

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 04:38:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5492
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5SmvR9wCgf4 Show response
www.youtube.com/embed/ Frame 3E10 67 KB
27 KB 76ms
74ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52b8d2de809d1038e13129c62940477dc56c38ad07072fe839a112bc5b67a453

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:07 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK close-modal-small.png
89.184.83.166/delo2017/img/refrash/ 168 B
600 B 51ms
48ms Image
image/png 89.184.83.166
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://89.184.83.166/delo2017/img/refrash/close-modal-small.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/assets/css/delo_styles.v176.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.184.83.166 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: 1-ekonomika.ua
Software: nginx/1.12.2 /
Resource Hash: 394dce7e4c301cef115be471e7994b635771915e34057f5c0eeff510a1e23436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/assets/css/delo_styles.v176.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:07 GMT
Last-Modified: Mon, 01 Jun 2020 11:18:49 GMT
Server: nginx/1.12.2
ETag: "5ed4e419-a8"
Content-Type: image/png
Cache-Control: no-cache, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 168
Expires: Thu, 05 Jan 2023 06:10:06 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1232730/ 148 B
322 B 97ms
34ms XHR
application/json 54.171.106.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1232730/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.106.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-106-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame EC7E 4 KB
2 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:07 GMT

GET
H2 200 prebidcdn.js Show response
cdn.admixer.net/prebidcdn/ 305 KB
114 KB 23ms
9ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=a406899d-9949-4407-9ef4-92b1538e927d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 300e6fffe3f6d8727dcd71853fed1cf0321ffa78494a9a3df7fe0b0c745f2d6d

Request headers

Referer: https://89.184.83.166/
Origin: https://89.184.83.166
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: fr5-up-gc16
date: Thu, 05 Jan 2023 06:10:07 GMT
content-encoding: gzip
last-modified: Fri, 25 Nov 2022 13:28:02 GMT
server: nginx
etag: W/"6380c2e2-4c2e8"
vary: Accept-Encoding
x-cached-since: 2022-11-25T13:40:05+00:00
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: content-range
cache-control: max-age=31622400
cache: HIT
expires: Sun, 26 Nov 2023 13:40:05 GMT

GET
H2 200 load-gpt.js Show response
cdn.admixer.net/scripts/ 561 B
516 B 7ms
7ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts/load-gpt.js
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=a406899d-9949-4407-9ef4-92b1538e927d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 05 Jan 2023 06:10:07 GMT
content-encoding: gzip
last-modified: Mon, 17 Jan 2022 12:25:34 GMT
server: nginx
etag: W/"61e5603e-231"
vary: Accept-Encoding
x-cached-since: 2022-11-28T16:28:33+00:00
content-type: application/javascript
access-control-expose-headers: content-range
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Wed, 29 Nov 2023 16:28:33 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 50ms
50ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 05 Jan 2023 06:10:07 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame EC7E 90 B
134 B 47ms
46ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97268521aec760c4a0b224bf07f6fd2d4d547c1948d40105a9e898663e68d353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

GET
H3 204 generate_204
www.youtube.com/ Frame EC7E 0
10 B 36ms
36ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?hW77Sw
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cj7swk3FTZw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/e5f6cbd5/ Frame 3E10 360 KB
49 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49906
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:26 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/ Frame 3E10 339 KB
107 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109069
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:26 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame 3E10 2 MB
597 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4982fd9fe7a4adea31ea09520794d2d6ed31f097cd41020dce0ec1937a6fc668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121529
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611344
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:38 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/ Frame 3E10 9 KB
3 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:26 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame 1D75 54 KB
19 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e533aa8b1cd8002c05dfd711e18ac03974ddaad1cd915004fd9b5c3aac50e377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 03:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19257
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 03:29:29 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3E10 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 409937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 12:17:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3E10 15 KB
15 KB 43ms
42ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 22:21:19 GMT
x-content-type-options: nosniff
age: 200928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 22:21:19 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B2AC 2 KB
2 KB 39ms
39ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 556198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 05 Jan 2023 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B2AC 15 KB
15 KB 47ms
47ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 409937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 12:17:50 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/108/ Frame EC7E 52 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/108/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15164
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 06 Jan 2023 01:58:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 154ms
50ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts/load-gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27560
x-xss-protection: 0
server: sffe
etag: "1442 / 766 of 1000 / last-modified: 1672873566"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 05 Jan 2023 06:10:08 GMT

GET
H3 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ 27 KB
9 KB 41ms
36ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_2?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

411f21278180f62617f63716ff8a7db529f1f322e1dd4edc6723989c7fbe1a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 16:52:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307045
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9143
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jan 2024 16:52:42 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 156ms
88ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
389 B 95ms
65ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://89.184.83.166
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 05 Jan 2023 06:10:08 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 60ms
15ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 06:10:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 50ms
14ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e711dbb69056cb603a97ca78d056e0f1f879c25eb637c963c0f4adbe95d327c8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:08 GMT
AN-X-Request-Uuid: d2e1df54-c096-4a2b-a4b5-bb5fb60ecd3a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://89.184.83.166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 60ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 06:10:08 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 267 B
731 B 247ms
45ms XHR
application/json 34.249.37.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1672899008058&to=0&aun=admixer_e565a1528b2843e19f7151988766fba0_zone_25842_sect_822_site_809&t=a4mvchf9&pi=3&maxw=300&maxh=600&si=325575&bf=300x600%2C300x250&schain=1.0%2C1!admixer.com%2C8c9403df-6eda-4a0a-afb0-be7b68ca005d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F89.184.83.166%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.8.0%22%7D&ogu=https%3A%2F%2Fdelo.ua%2F&ns=10240
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.37.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-37-235.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 02df4925b4c30e297c8e77cc306cf1b1d04ae4e976be60ac50cf67408d13bc38

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
1 KB 84ms
46ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 8bcff72eaf8dc966f6d4c9fa1a32b5c74dabb90ce5cf1f44ac273b2df593b306

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 802

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 49ms
17ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=5888428159&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://89.184.83.166
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 202ms
202ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://89.184.83.166
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 47ms
15ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 06:10:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 196ms
196ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://89.184.83.166
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 131ms
83ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
1 KB 238ms
47ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 7bcc90008afba9f780894e08c0dc17c267bcb721e035a8e3b401c422d539ca62

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 800

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 47ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 06:10:08 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 44ms
15ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

63d03491f10c3a5505820ed3506127c409bfd2ebf7dad71e4f8d2e6ab48a1052

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:08 GMT
AN-X-Request-Uuid: 26798db3-97a1-4cb7-9c7b-7a8081c3017d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://89.184.83.166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
389 B 51ms
41ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://89.184.83.166
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 05 Jan 2023 06:10:08 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
215 B 38ms
15ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=90227042243&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://89.184.83.166
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 267 B
732 B 230ms
43ms XHR
application/json 34.249.37.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1672899008073&to=0&aun=admixer_e5e08653cbc34e16b9b08ae617db50b8_zone_25843_sect_822_site_809&t=a4mvchf9&pi=3&maxw=300&maxh=600&si=325575&bf=300x600%2C300x250&schain=1.0%2C1!admixer.com%2C8c9403df-6eda-4a0a-afb0-be7b68ca005d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F89.184.83.166%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.8.0%22%7D&ogu=https%3A%2F%2Fdelo.ua%2F&ns=10240
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.37.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-37-235.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8d3b9c4398eeacaf32c66007285a066d9eea8149e7281646511bca4f7c25e11e

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 386ms
194ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://89.184.83.166
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 44ms
15ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6d91918f429198067f0b35deb428650399532fd2593c649d3ec036f36749bf55

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:08 GMT
AN-X-Request-Uuid: d4ed5f46-f364-4871-a908-0bf3136a2b8f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://89.184.83.166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 267 B
733 B 226ms
44ms XHR
application/json 34.249.37.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1672899008078&to=0&aun=admixer_025aad06c1084acf8ccfd365c5329fee_zone_25844_sect_822_site_809&t=a4mvchf9&pi=3&maxw=300&maxh=600&si=325575&bf=300x600%2C300x250&schain=1.0%2C1!admixer.com%2C8c9403df-6eda-4a0a-afb0-be7b68ca005d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F89.184.83.166%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.8.0%22%7D&ogu=https%3A%2F%2Fdelo.ua%2F&ns=10240
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.37.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-37-235.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f568230c04284554157c289a61885eb6fdfed3ea7e0768fc82cc6ec6169ed881

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 2 KB
1 KB 228ms
47ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 292b834e0639b060c72ad1277bd443084c1a66f46b8292be72bac687e38484b7

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 830

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
389 B 64ms
63ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://89.184.83.166
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 05 Jan 2023 06:10:08 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 28ms
16ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=69213319315&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://89.184.83.166
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
408 B 111ms
78ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 30ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 06:10:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
176 B 31ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 06:10:08 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H3 200 subscribe_embed Show response
www.youtube.com/ Frame 5A5D 604 B
296 B 82ms
72ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17963f9e749ff9a6126bfe4a5f65e016d7d4043d0e62936e9ca7c2e229d2ec94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Thu, 05 Jan 2023 06:10:08 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 border_3.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 113ms
39ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 126619
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 03 Jan 2024 18:59:49 GMT

GET
H3 200 spacer.gif
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 43 B
65 B 112ms
39ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 18:59:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 126619
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 03 Jan 2024 18:59:49 GMT

GET
H3 200 bubbleSprite_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 318 B
341 B 111ms
40ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 05:32:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 88646
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 318
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jan 2024 05:32:42 GMT

GET
H3 200 bubbleDropR_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 116 B
139 B 109ms
38ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:12:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 122234
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 03 Jan 2024 20:12:54 GMT

GET
H3 200 bubbleDropB_3.png
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/ 117 B
140 B 109ms
38ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 16:04:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
age: 50726
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 Jan 2024 16:04:42 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 91ms
91ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
389 B 59ms
58ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://89.184.83.166
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 05 Jan 2023 06:10:08 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 16ms
16ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=98680537842&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://89.184.83.166
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 18ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 06:10:08 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 16ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 06:10:07 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
1 KB 52ms
45ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 255cae36e18b3e56d4a4c7aca943e0d494a29cf4f1db3f675db78bcef8d12c74

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 790

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 329ms
199ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://89.184.83.166
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 267 B
732 B 167ms
45ms XHR
application/json 34.249.37.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1672899008139&to=0&aun=admixer_13d1dd05df8c4e289bbc2fb234b5f48a_zone_41878_sect_822_site_809&t=a4mvchf9&pi=3&maxw=300&maxh=600&si=325575&bf=300x600%2C300x250%2C300x300&schain=1.0%2C1!admixer.com%2C8c9403df-6eda-4a0a-afb0-be7b68ca005d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F89.184.83.166%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.8.0%22%7D&ogu=https%3A%2F%2Fdelo.ua%2F&ns=10240
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.37.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-37-235.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e703aac9099b3f4eafa13355c6719546c21ac18917039f17c8c0713e645f6751

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 14ms
14ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

394a2e32a68e50487e359d5aa6fb28b6a53a682e5d7b8b48548747347860959c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:08 GMT
AN-X-Request-Uuid: 6d68ba67-c69f-4fa0-9a1f-ecf5c5af8a5c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://89.184.83.166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 3E10
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

49ms
48ms

XHR
application/json

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f67c26619d5e6c0227873e70897e746097e0d7377ff69d2c191b5fb755a42500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 05 Jan 2023 06:10:08 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3E10 29 B
54 B 157ms
55ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:09:19 GMT
x-content-type-options: nosniff
age: 49
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Jan 2023 06:24:19 GMT

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/51428/ 28 KB
11 KB 9ms
8ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:23:01 GMT
server: nginx
etag: W/"6375fd75-702f"
vary: Accept-Encoding
x-cached-since: 2022-11-28T16:58:10+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 29 Nov 2023 16:58:10 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/51428/ 42 KB
18 KB 11ms
10ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:23:02 GMT
server: nginx
etag: W/"6375fd76-a793"
vary: Accept-Encoding
x-cached-since: 2022-12-13T04:26:48+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 14 Dec 2023 04:26:47 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/51428/ 13 KB
5 KB 9ms
9ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:54 GMT
server: nginx
etag: W/"6375fd6e-326c"
vary: Accept-Encoding
x-cached-since: 2022-11-28T16:28:04+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 29 Nov 2023 16:28:04 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/51428/ 11 KB
4 KB 10ms
9ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:53 GMT
server: nginx
etag: W/"6375fd6d-2a79"
vary: Accept-Encoding
x-cached-since: 2022-11-28T16:28:04+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 29 Nov 2023 16:28:04 GMT

GET
H2 200 f744d5275c14e0b3b41a.b.js Show response
cdn.admixer.net/scripts3/51428/ 216 KB
75 KB 11ms
10ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:23:02 GMT
server: nginx
etag: W/"6375fd76-360b6"
vary: Accept-Encoding
x-cached-since: 2022-11-28T16:28:06+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 29 Nov 2023 16:28:06 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 0
592 B 14ms
13ms Image
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=533&code=87855ff79f644ac6919bbd455c8b4141

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:08 GMT
AN-X-Request-Uuid: 2c6624ea-f88c-495f-910c-0bd4e0808d70
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 130ms
33ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=87855ff79f644ac6919bbd455c8b4141
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 05 Jan 2023 06:10:08 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

20ms
20ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT, Thu, 05 Jan 2023 06:10:08 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Thu, 05 Jan 2023 06:10:08 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://image8.pubmatic.com/AdServer/ImgSync?p=160846&gdpr={gdpr}&gdpr_consent={consent}&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D160846%26pmc%3DPM_PMC%26pr%3Dhttps%253A...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDc5MEQxQjctODAxRS00OUEwLTg1MkYtOTVGMkIxNTgzRUY5&gdpr=0&gdpr_consent={consent}
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDc5MEQxQjctODAxRS00OUEwLTg1MkYtOTVGMkIxNTgzRUY5&gdpr=0&gdpr_consent={consent}&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent={consent}
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent={consent}
https://image4.pubmatic.com/AdServer/SPug?partnerID=160846&pmc=1&pr=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D8B7CB874-411E-4307-9BD3-661F1CB0A0E6%26id%3D0790D1B7-801E-49A0-852F-95F2B...
https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=0790D1B7-801E-49A0-852F-95F2B1583EF9

43 B
463 B

199ms
199ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=0790D1B7-801E-49A0-852F-95F2B1583EF9

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:09 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=8B7CB874-411E-4307-9BD3-661F1CB0A0E6&id=0790D1B7-801E-49A0-852F-95F2B1583EF9
date: Thu, 05 Jan 2023 06:10:07 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admixer&user_id=87855ff79f644ac6919bbd455c8b4141&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=87855ff79f644ac6919bbd455c8b4141&gdpr=&gdpr_consent=&us_privacy=[usPrivacy]
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=a...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=2fba4ef2-448b-4ffb-b9ae-678b5cdf872b&gdpr=&consent=&gdpr_pd=

43 B
463 B

202ms
200ms

Image
image/gif

146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=2fba4ef2-448b-4ffb-b9ae-678b5cdf872b&gdpr=&consent=&gdpr_pd=

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: //inv-nets.admixer.net/bs/cm.aspx?id=2fba4ef2-448b-4ffb-b9ae-678b5cdf872b&gdpr=&consent=&gdpr_pd=
date: Thu, 05 Jan 2023 06:10:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 45ms
45ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 05 Jan 2023 06:10:08 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3E10 66 KB
30 KB 73ms
72ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4deaabeabf60c9607099c6706595c0780618f1e26c016626c428c3f376db32d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30887
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 3E10 59 KB
22 KB 108ms
108ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ae3d1b52f9b468516f252fe7c6281de5ed1f40188eb2cda93547f358b9276a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230102.00.00
X-Goog-Visitor-Id: CgsxbDBKcUk2SkN2NCi_09mdBg%3D%3D

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22918
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:08 GMT

GET
H3 200 G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js Show response
www.google.com/js/th/ Frame 3E10 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14211
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 01:58:23 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame 3E10 26 KB
8 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7032d2bd1215f0d0661e27163bcf1800b246f4bd2a48a9ac079df1ea0be42eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8390
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:38 GMT

GET
DATA 200
OK truncated
/ Frame 3E10 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3E10 2 KB
2 KB 155ms
47ms Image
image/jpeg 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

482b4ad2aca72e665c29835c477165576200217a153ade81694f9a795f0558a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:06 GMT
x-content-type-options: nosniff
age: 2642
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1747
x-xss-protection: 0
server: fife
etag: "v10d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Nov 2022 04:10:39 GMT

GET
DATA 200
OK truncated
/ Frame 3E10 272 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 326a1475047fc55e20e7b309cca2afbbaa10de6facd8acca827939a617732d44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pubads_impl_2022120801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 119ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 22:32:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132306
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 09:38:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 04 Jan 2024 22:32:18 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 35 B
59 B 146ms
73ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=89.184.83.166

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43ab97e177e8b7e7417405c76411af0cff03307b9474e65b1d8d0e7c153d4fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:08 GMT

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 314ms
195ms XHR
text/javascript 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Server: nginx
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: https://89.184.83.166
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 17ms
15ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 06:10:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 85ms
84ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
1 KB 47ms
47ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 78a44c5cab82009186fe04080b14fc5ddbbb19c3ed226d47b8546039378f456d

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 800

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 146 B
1 KB 17ms
16ms XHR
application/json 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1a7b4873d91ec0c4a2b1e98ad6a0dfa3ec3d6c827cd347b46c0f101fb9d857b1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:08 GMT
AN-X-Request-Uuid: 5017a49b-ca34-434b-b1e9-214fca536ebc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://89.184.83.166
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 146
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 267 B
555 B 39ms
38ms XHR
application/json 34.249.37.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1672899008348&to=0&aun=admixer_062b91b42556471cb34e20f350880e09_zone_2313_sect_822_site_809&t=a4mvchf9&pi=3&maxw=300&maxh=600&si=325575&bf=300x600%2C300x250%2C300x300&schain=1.0%2C1!admixer.com%2C8c9403df-6eda-4a0a-afb0-be7b68ca005d%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F89.184.83.166%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.8.0%22%7D&ogu=https%3A%2F%2Fdelo.ua%2F&ns=10240
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.37.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-37-235.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c4fb65c710f2f94db7557a79667b8a1901f4a4fa5f9af23611445a36352ec64b

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 18ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://89.184.83.166
date: Thu, 05 Jan 2023 06:10:08 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
389 B 46ms
46ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,adfBidAdapter,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,adtelligentBidAdapter,criteoBidAdapter,currency,gumgumBidAdapter,intersectionRtdProvider,mc_hook,oftmediaBidAdapter,pubmaticBidAdapter,rtbhouseBidAdapter,schain,teadsBidAdapter&ipm=&dev=true&rnd=268435462&hash=560019533
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://89.184.83.166
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 05 Jan 2023 06:10:08 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 16ms
16ms XHR
text/plain 2a02:2638:1::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.8.0&cb=60512162541&lsavail=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 05 Jan 2023 06:10:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://89.184.83.166
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 984ms
389ms XHR
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 999ms
400ms XHR
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 www-subscribe-embed-card_v0.css
www.youtube.com/s/subscriptions/subscribe_embed/css/ Frame 5A5D 9 KB
2 KB 42ms
41ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2482
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2447
x-xss-protection: 0
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 Jan 2024 05:28:46 GMT

GET
H3 200 www-subscribe-embed-card_v0.js Show response
www.youtube.com/s/subscriptions/subscribe_embed/js/ Frame 5A5D 149 KB
44 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UCM1hAMz3CA03_xH6H4mD5sQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.ylZHJEOsguo.O%2Fd%3D1%2Frs%3DAHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:38:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44975
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 30 Dec 2023 10:38:53 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 3E10 90 B
134 B 51ms
51ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b01ae07d576508924e94bcb64077b32ea92447c567b52af5ed0bbdc79a30d75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 43ms
43ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 05 Jan 2023 06:10:08 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 3E10 0
22 B 44ms
44ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=134&afmt=251&cpn=Uvayua1N7YHjvOYl&el=embedded&ns=yt&fexp=23983296%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24280571%2C24292955%2C24406621%2C24409252%2C24415864%2C24416290%2C24416440%2C24434209%2C24437729%2C24439360%2C24441239&cl=499069944&seq=1&docid=5SmvR9wCgf4&ei=wGm2Y47DDtaH6dsP2Yuh4As&event=streamingstats&plid=AAXxfich9jXu3oV_&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F5SmvR9wCgf4%3Fautoplay%3Dtrue%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F89.184.83.166%26widgetid%3D1&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20230102.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.010:B,0.282:B,0.282:B&cmt=0.010:0.000,0.282:0.000&afs=0.282:251::i&vfs=0.282:134:134::r&view=0.282:558:255&bwe=0.282:130000&bat=0.282:1:1&vis=0.282:0&bh=0.282:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsxbDBKcUk2SkN2NCi_09mdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672899008106&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 3E10 268 KB
269 KB 113ms
38ms Fetch
video/mp4 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1672920608&ei=wGm2Y47DDtaH6dsP2Yuh4As&ip=2a03%3A1b20%3A6%3Af011%3A%3A6e&id=o-APwLWzpRX9TMnqQTuZIOXYpjXp_0QuNpIOFFdegxKhtx&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=mj&mm=31%2C26&mn=sn-5hnednss%2Csn-5goeenes&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=2831250&spc=zIddbF2SDkAc5X8LHN5oDTviv83uA3c&vprv=1&mime=video%2Fmp4&ns=-XtsROSj6HLWVKR-P3nsROMK&gir=yes&clen=1064215806&otfp=1&dur=34408.866&lmt=1632933565058233&mt=1672898481&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=7216222&n=oK-LLbtAdJuClQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIhAKxGMoKGnnf42FrdzJFGs8FuaxhnsfNAMLanOPg7M9smAiBn5RfAQrgn1FfEXdg82GoUo9CkgDqdLtb658FO4wK0hA%3D%3D&alr=yes&sig=AOq0QJ8wRgIhALGuKjL6UVUrwjj3uKkhdzP5fmRcLTLyvWlztCtrtOdrAiEAqnG0GXOCw-1po2QQ5bk1I5i8CJfsIKBBIgSh9MrA930%3D&cpn=Uvayua1N7YHjvOYl&cver=1.20230102.00.00&range=0-274769&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fd6f037fbc41fe391a7ad687f696e6fbdbb41c06200c6a44b06df350b1a28dad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 274770
Last-Modified: Wed, 29 Sep 2021 16:39:25 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 05 Jan 2023 06:10:08 GMT

POST
H/1.1 200
OK videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 3E10 126 KB
127 KB 122ms
48ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1672920608&ei=wGm2Y47DDtaH6dsP2Yuh4As&ip=2a03%3A1b20%3A6%3Af011%3A%3A6e&id=o-APwLWzpRX9TMnqQTuZIOXYpjXp_0QuNpIOFFdegxKhtx&itag=251&source=youtube&requiressl=yes&mh=mj&mm=31%2C26&mn=sn-5hnednss%2Csn-5goeenes&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=2831250&spc=zIddbF2SDkAc5X8LHN5oDTviv83uA3c&vprv=1&mime=audio%2Fwebm&ns=-XtsROSj6HLWVKR-P3nsROMK&gir=yes&clen=493160999&otfp=1&dur=34408.901&lmt=1632937930182785&mt=1672898481&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=7211222&n=oK-LLbtAdJuClQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgPU2ZY4qENbMvySzVbFlyPtRBXguo7ichPxdfw89AycoCIGZfuAd-_b6AcRR7y1TbWfskwReS6vwK1r4CqLAgT1jx&alr=yes&sig=AOq0QJ8wRQIgfelEqVX9Q86_6p8_1OJPr0l1oq1RvI5pe_GWEsPCeTcCIQDL4WVLUAFEMV3Vv0UX4LQAmKdG1JP20l4w4nKO84eSCQ%3D%3D&cpn=Uvayua1N7YHjvOYl&cver=1.20230102.00.00&range=0-129402&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

cab812c86d39e38d417144183925c88585ab0fbd46fd84d42f1626d9e9117440

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 129403
Last-Modified: Wed, 29 Sep 2021 17:52:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 05 Jan 2023 06:10:08 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame 3E10 119 KB
36 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f00f62bb8aefd6e52812573503401805369c9334e4fcad98e231e5bb7f4256

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:24:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37321
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:24:38 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame 3E10 32 KB
9 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdecdf4fa55074c210b949cfb4e85db24ca0b9fd93d2f44c3056b7b5ffdda243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:26:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8963
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:26:45 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/ Frame 3E10 68 KB
20 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

131bf96ca53ca4c2f4a7e7574c3ef7567f90a136167f98d047c1bab0d6eda2cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 03 Jan 2023 20:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 121402
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20384
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 03 Jan 2024 20:26:46 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 3E10 33 KB
6 KB 296ms
296ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

c4db4bdc4a8c806de4f42f318597230243d5eab142c8f697ce35df525e1dae73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230102.00.00
X-Goog-Visitor-Id: CgsxbDBKcUk2SkN2NCi_09mdBg%3D%3D

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6047
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:08 GMT

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 1003ms
401ms XHR
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
240 B 584ms
584ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryzjAmqmdYWCo2F70l

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK 69b710a2-711f-4b98-ada3-5b34fed0b45c.html Show response
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/ 3 KB
2 KB 173ms
40ms XHR
text/html 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/69b710a2-711f-4b98-ada3-5b34fed0b45c.html
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 728c5b013e45bce8cf574f6b7d73d212a440f4e994835127628d0d11a4a7c3ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: W/"63983c1f-da7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 06:10:08 GMT

GET
H2 200 cm-notify
creativecdn.com/ 42 B
243 B 24ms
19ms Image
image/gif 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 05 Jan 2023 06:10:08 GMT, Thu, 05 Jan 2023 06:10:08 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 09a55ba6-821c-4ea6-b0e2-c177b740af46.html Show response
content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/ 3 KB
2 KB 170ms
41ms XHR
text/html 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/09a55ba6-821c-4ea6-b0e2-c177b740af46.html
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: e2ba64ef4c127560ce44129d8a8b60c04a038048d778e475521d9f6011847be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 14 Apr 2022 15:27:59 GMT
Server: nginx
ETag: W/"62583d7f-c16"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 06:10:08 GMT

GET
H2 200 aa.js
cdn.adm.admixer.com/s/adm/ 915 B
915 B 317ms
105ms Image
application/javascript 44.195.196.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.adm.admixer.com/s/adm/aa.js?cb=[cachebuster]
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.196.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-196-224.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK setuid
ib.adnxs.com/ 0
592 B 27ms
25ms Image
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=533&code=87855ff79f644ac6919bbd455c8b4141

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 05 Jan 2023 06:10:08 GMT
AN-X-Request-Uuid: daf4ec34-114b-4827-adee-6ec277cf60e8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 675ms
674ms Image
image/gif 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE%2FHE%2F2925533&am-uid=87855ff79f644ac6919bbd455c8b4141&zone=81FC4AF8-1714-40EE-A7ED-4E7ACDC56013&device=28&rule=B3EE7590-EEF5-42FE-B559-1BF4ED8EB144&requestId=5f131f17-f73d-4db5-b9a0-5a4716b4e5e7&hp=502794149&page=89.184.83.166%2F&ts=638084958080368276&ap=MA%3D%3D&asign=1974783493&sync=3%2C88&bt=3&carr=31173+Services+AB&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=8C9403DF-6EDA-4A0A-AFB0-BE7B68CA005D&inst=ADS-EU-5&pxl=0&pvid=4bd33a31-9b1c-456d-b62e-52b874d7f79e&ip=185.213.155.166&item=C7398ADC-AE52-4992-980D-691036DDD74E&crid=C7398ADC-AE52-4992-980D-691036DDD74E&profile=B3EE7590-EEF5-42FE-B559-1BF4ED8EB144&isopt=0&adv=Ekonomika&dsp=Local&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fmarketing2023.mmr.ua%2F%3Futm_source%3Dcatfish_delo%26utm_medium%3Dbanner%26utm_campaign%3Dcatfish_delo_desktop&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:09 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 675ms
675ms Image
image/gif 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=DE%2FHE%2F2925533&am-uid=87855ff79f644ac6919bbd455c8b4141&zone=8357F430-2B48-4C59-B4AB-3E3F923A8BCE&device=28&rule=32BC111C-C386-451B-9F93-5C39CD7E6290&requestId=7d593ec6-4946-4e6a-8b01-0b02b850bff5&hp=502794149&page=89.184.83.166%2F&ts=638084958080501345&ap=MA%3D%3D&asign=152906068&sync=88%2C3&bt=3&carr=31173+Services+AB&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=8C9403DF-6EDA-4A0A-AFB0-BE7B68CA005D&inst=ADS-EU-5&pxl=0&pvid=609782f7-2256-41a0-82f0-6c70ae86447e&ip=185.213.155.166&item=73AA91C3-1EE2-4C16-8CCC-03F3A6E6B97F&crid=73AA91C3-1EE2-4C16-8CCC-03F3A6E6B97F&size=1200x60&profile=32BC111C-C386-451B-9F93-5C39CD7E6290&isopt=0&adv=Ekonomika&dsp=Local&dmp_pr=MA%3D%3D&dstUrl=https%3A%2F%2Fdelo.ua%2Fuk%2Fdonate%2F&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: 89.184.83.166
URL: https://89.184.83.166/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:09 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/ Frame 5A5D 126 KB
42 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.ylZHJEOsguo.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8pkjVD5D2Liisn6U69GtDkc_fqFA/cb=gapi.loaded_0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 01:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 360726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42491
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 01 Jan 2024 01:58:02 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 3E10 0
11 B 39ms
39ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?Qi74hA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 124ms
44ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=89.184.83.166

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
47ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=89.184.83.166

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 677 B
380 B 76ms
73ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2097897197727682&correlator=682739000738320&eid=31070233%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=29636627%3A22563808739%2Cdelo.ua_300x600_content_hb_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=1&adks=1311067019&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672899008734&lmt=1672897536&dlt=1672899006399&idt=2208&adxs=635&adys=3614&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F89.184.83.166%2F&frm=20&vis=1&psz=0x-1&msz=325x-1&fws=4&ohw=1114&ga_vid=2082480726.1672899007&ga_sid=1672899009&ga_hid=492273326&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d41702a8a00f2100072307bf64864d111b2036f8341d62da46311636e975e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 351
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f1a8e2c158f6218065b2956bf9f05438.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3016 6 KB
3 KB 148ms
45ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f1a8e2c158f6218065b2956bf9f05438.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:08 GMT
expires: Fri, 05 Jan 2024 06:10:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 3E10 67 KB
67 KB 31ms
15ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1672920608&ei=wGm2Y47DDtaH6dsP2Yuh4As&ip=2a03%3A1b20%3A6%3Af011%3A%3A6e&id=o-APwLWzpRX9TMnqQTuZIOXYpjXp_0QuNpIOFFdegxKhtx&itag=251&source=youtube&requiressl=yes&mh=mj&mm=31%2C26&mn=sn-5hnednss%2Csn-5goeenes&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=2831250&spc=zIddbF2SDkAc5X8LHN5oDTviv83uA3c&vprv=1&mime=audio%2Fwebm&ns=-XtsROSj6HLWVKR-P3nsROMK&gir=yes&clen=493160999&otfp=1&dur=34408.901&lmt=1632937930182785&mt=1672898481&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=7211222&n=oK-LLbtAdJuClQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgPU2ZY4qENbMvySzVbFlyPtRBXguo7ichPxdfw89AycoCIGZfuAd-_b6AcRR7y1TbWfskwReS6vwK1r4CqLAgT1jx&alr=yes&sig=AOq0QJ8wRQIgfelEqVX9Q86_6p8_1OJPr0l1oq1RvI5pe_GWEsPCeTcCIQDL4WVLUAFEMV3Vv0UX4LQAmKdG1JP20l4w4nKO84eSCQ%3D%3D&cpn=Uvayua1N7YHjvOYl&cver=1.20230102.00.00&range=129403-198400&rn=3&rbuf=3921&pot=D8r-9isOF0mTysbfXHupi9RbdbXKsIDhp3qzxU-TrOjukcsM1o3c1MViVC2kx8ax8pxu4nrP8d7tiXSRpzgknCpZ9T-8V1D6BLK3iJNAok54qyvZjmtKc5prDA6eYlkq1mbArSs=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9fa82a4d6807bb0592da46aefc1e66c463a05823759867c21362054c2942d9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 05 Jan 2023 06:10:08 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68998
last-modified: Wed, 29 Sep 2021 17:52:10 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 05 Jan 2023 06:10:08 GMT

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 972ms
585ms XHR
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 532 B
301 B 74ms
74ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2097897197727682&correlator=722687534009309&eid=31070233%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=29636627%3A22563808739%2Cdelo.ua_300x600_hb_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300&ifi=2&adks=2493172272&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672899008770&lmt=1672897536&dlt=1672899006399&idt=2208&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F89.184.83.166%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2082480726.1672899007&ga_sid=1672899009&ga_hid=492273326&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74074051fc932cd82e8e6275fab28abf20202ea7811ff0385435d098d33d16eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 532 B
307 B 70ms
70ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2097897197727682&correlator=314160395394093&eid=31070233%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=29636627%3A22563808739%2Cdelo.ua_300x600_hb_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x300&ifi=3&adks=2970253951&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672899008780&lmt=1672897536&dlt=1672899006399&idt=2208&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F89.184.83.166%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2082480726.1672899007&ga_sid=1672899009&ga_hid=492273326&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f679de601d846d13702d68e10552ff862f25ac788bcab61221147c0d0eb8b198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 278
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3E10 4 KB
2 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:08 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 540 B
310 B 74ms
74ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2097897197727682&correlator=154422200230739&eid=31070233%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=29636627%3A22563808739%2Cdelo.ua_300x600_content_hb_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=4&adks=114677092&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672899008793&lmt=1672897536&dlt=1672899006399&idt=2208&adxs=635&adys=1870&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F89.184.83.166%2F&frm=20&vis=1&psz=0x-1&msz=325x-1&fws=4&ohw=1114&ga_vid=2082480726.1672899007&ga_sid=1672899009&ga_hid=492273326&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62527fc70658a07d880fe259fc2bc74b745cae15edc0511fb276b9bafa7c5745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 540 B
310 B 74ms
74ms XHR
text/plain 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2097897197727682&correlator=969174856821441&eid=31070233%2C44780792&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=29636627%3A22563808739%2Cdelo.ua_300x600_content_hb_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=5&adks=2748236754&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672899008799&lmt=1672897536&dlt=1672899006399&idt=2208&adxs=1000&adys=2739&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F89.184.83.166%2F&frm=20&vis=1&psz=0x-1&msz=325x-1&fws=4&ohw=1114&ga_vid=2082480726.1672899007&ga_sid=1672899009&ga_hid=492273326&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ee361b03553757b47cd09354b7b141bd6b1d22cddf84c2866dfc6e401c27cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://89.184.83.166
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 5877 236 KB
63 KB 62ms
20ms Script
text/javascript 2a02:26f0:3500:11::215:14cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:25:08 GMT

GET
H/1.1 200
OK body.js Show response
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/ Frame 5877 28 KB
4 KB 160ms
40ms Script
application/javascript 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/body.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 0fb909ee0b1ec7f6d945d3fc4f02c42ec4f5db329491ad7fb9f6e8f7fde518cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: W/"63983c1f-6f34"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 06:10:08 GMT

GET
H/1.1 200
OK script.js Show response
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/ Frame 5877 824 B
803 B 166ms
39ms Script
application/javascript 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/script.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 0065aab22bd5cc349bbc0e722467bbd4017ff4556525e079291ad929f43efb25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: W/"63983c1f-338"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 06:10:08 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 9832 236 KB
63 KB 55ms
21ms Script
text/javascript 2a02:26f0:3500:11::215:14cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:08 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:25:08 GMT

GET
H/1.1 200
OK body.js Show response
content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/ Frame 9832 73 KB
8 KB 160ms
41ms Script
application/javascript 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/body.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/51428/f744d5275c14e0b3b41a.b.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: c713fb732f360a58e509b20768ec60bd4450970b390c8d3f36fcf41fc2eb6ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 14 Apr 2022 15:27:59 GMT
Server: nginx
ETag: W/"62583d7f-1229f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 06:10:08 GMT

GET
H3 200 featured_channel.jpg
i.ytimg.com/an/M1hAMz3CA03_xH6H4mD5sQ/ Frame 3E10 7 KB
7 KB 110ms
36ms Image
image/jpeg 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/M1hAMz3CA03_xH6H4mD5sQ/featured_channel.jpg?v=56cae361

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a756a22eee9196f8b9494d9a4402f2cdc8a0b545573a1b74782e1dc25bcda62f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:58:59 GMT
x-content-type-options: nosniff
age: 4269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7424
x-xss-protection: 0
server: sffe
etag: "1456137057"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Jan 2023 06:58:59 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
240 B 200ms
200ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary21m8jBWYbIVPoAKw

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3E10 2 KB
2 KB 47ms
47ms Image
image/jpeg 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu-swZk4bYRrfj4ik5oJhmqcsYGpjrEzr0JbmE41=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e15cd918b097c42e691e1a5d5baaaf28f6955e8388dd202c2e87d36ba56ea9ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 04:47:17 GMT
x-content-type-options: nosniff
age: 4971
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2495
x-xss-protection: 0
server: fife
etag: "v10d"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 30 Nov 2022 08:02:36 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 3E10 466 KB
466 KB 15ms
15ms Fetch
video/mp4 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0b372e9ae12ab421df42a5af985323cae37ba308cdd5e6dd3312ff8b32834226

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 05 Jan 2023 06:10:08 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 477172
last-modified: Wed, 29 Sep 2021 16:39:25 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 05 Jan 2023 06:10:08 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
240 B 193ms
193ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryRRIVJnlzBItiDrTW

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
240 B 200ms
200ms Ping
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywtItppVOH3u5jmgz

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 582ms
193ms XHR
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
0

POST
H/1.1 204
No Content hb_analytics.aspx Show response
prebid-inv-eu.admixer.net/ 0
240 B 597ms
200ms XHR
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://89.184.83.166
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK body.js Show response
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/ Frame 5877 28 KB
4 KB 75ms
40ms Script
application/javascript 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/body.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 0fb909ee0b1ec7f6d945d3fc4f02c42ec4f5db329491ad7fb9f6e8f7fde518cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: W/"63983c1f-6f34"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 06:10:08 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/108/ Frame 3E10 52 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/108/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 01:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15164
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 00:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 06 Jan 2023 01:58:24 GMT

GET
H/1.1 200
OK body.js Show response
content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/ Frame 9832 73 KB
8 KB 73ms
42ms Script
application/javascript 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/body.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: c713fb732f360a58e509b20768ec60bd4450970b390c8d3f36fcf41fc2eb6ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:08 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 14 Apr 2022 15:27:59 GMT
Server: nginx
ETag: W/"62583d7f-1229f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 06:10:08 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 3E10 182 KB
182 KB 14ms
14ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1672920608&ei=wGm2Y47DDtaH6dsP2Yuh4As&ip=2a03%3A1b20%3A6%3Af011%3A%3A6e&id=o-APwLWzpRX9TMnqQTuZIOXYpjXp_0QuNpIOFFdegxKhtx&itag=251&source=youtube&requiressl=yes&mh=mj&mm=31%2C26&mn=sn-5hnednss%2Csn-5goeenes&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=2831250&spc=zIddbF2SDkAc5X8LHN5oDTviv83uA3c&vprv=1&mime=audio%2Fwebm&ns=-XtsROSj6HLWVKR-P3nsROMK&gir=yes&clen=493160999&otfp=1&dur=34408.901&lmt=1632937930182785&mt=1672898481&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=7211222&n=oK-LLbtAdJuClQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgPU2ZY4qENbMvySzVbFlyPtRBXguo7ichPxdfw89AycoCIGZfuAd-_b6AcRR7y1TbWfskwReS6vwK1r4CqLAgT1jx&alr=yes&sig=AOq0QJ8wRQIgfelEqVX9Q86_6p8_1OJPr0l1oq1RvI5pe_GWEsPCeTcCIQDL4WVLUAFEMV3Vv0UX4LQAmKdG1JP20l4w4nKO84eSCQ%3D%3D&cpn=Uvayua1N7YHjvOYl&cver=1.20230102.00.00&range=198401-384335&rn=5&rbuf=8049&pot=D8r-9isOF0mTysbfXHupi9RbdbXKsIDhp3qzxU-TrOjukcsM1o3c1MViVC2kx8ax8pxu4nrP8d7tiXSRpzgknCpZ9T-8V1D6BLK3iJNAok54qyvZjmtKc5prDA6eYlkq1mbArSs=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f68765c84ec95b1ff4d5777d234430b6b429ba32a153c57ca1190259195f3591

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 05 Jan 2023 06:10:08 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 185935
last-modified: Wed, 29 Sep 2021 17:52:10 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 05 Jan 2023 06:10:08 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3E10 28 B
57 B 52ms
50ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1672899009000
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsxbDBKcUk2SkN2NCi_09mdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672899008024&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 05 Jan 2023 06:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:09 GMT

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame 3E10 0
21 B 44ms
44ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=Uvayua1N7YHjvOYl&ver=2&cmt=0.034&fmt=134&fs=0&rt=0.793&euri=https%3A%2F%2F89.184.83.166%2F&lact=826&cl=499069944&mos=1&volume=100&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20230102.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=34408.901&fexp=23983296%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24280571%2C24292955%2C24406621%2C24409252%2C24415864%2C24416290%2C24416440%2C24434209%2C24437729%2C24439360%2C24441239&rtn=4&afmt=251&size=558%3A255&inview=1&muted=1&docid=5SmvR9wCgf4&ei=wGm2Y47DDtaH6dsP2Yuh4As&plid=AAXxfich9jXu3oV_&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F5SmvR9wCgf4%3Fautoplay%3Dtrue%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F89.184.83.166%26widgetid%3D1&of=_fbfDd1dKjjDm6E6gf28_Q&vm=CAQQARgCOjJBTzY4R1pFWHFxYXkxb1BsYkVSakJzODBJLWU3bVlfbThhMzBaWGJBbGROVER6MXNFQWJUQVBta0tESUZxUzVEd2FyUXVLZGEtZ2JTRmNqNVpHd0ZQN2RPdXh0QkR2RmJGZVp4cXJxRU9xTF9iQkNvcjFTYW5pWHZGR05CRjRDSTM3UWFnTlRvaAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsxbDBKcUk2SkN2NCi_09mdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672899008106&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:09 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame 3E10 0
23 B 44ms
44ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=5SmvR9wCgf4&cpn=Uvayua1N7YHjvOYl&ei=wGm2Y47DDtaH6dsP2Yuh4As&ptk=youtube_single&oid=L3rdz6zNy7O3wJRk1u6-lg&pltype=contentugc

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsxbDBKcUk2SkN2NCi_09mdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672899008106&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:09 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK script.js Show response
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/ Frame 5877 824 B
803 B 39ms
39ms Script
application/javascript 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/script.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 0065aab22bd5cc349bbc0e722467bbd4017ff4556525e079291ad929f43efb25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:09 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: W/"63983c1f-338"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://89.184.83.166
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Expires: Sat, 06 Jan 2024 06:10:09 GMT

GET
H/1.1 200
OK body_atlas_1.png
content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/images/ Frame 9832 15 KB
16 KB 42ms
41ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/73aa91c3-1ee2-4c16-8ccc-03f3a6e6b97f/09a55ba6-821c-4ea6-b0e2-c177b740af46/images/body_atlas_1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 69b1b7cde8c4b5102d2ee01ff980537500461e4f37daee08b7a9a685ba92f6fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:09 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 14 Apr 2022 15:27:59 GMT
Server: nginx
ETag: "62583d7f-3c71"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15473
Expires: Sat, 06 Jan 2024 06:10:09 GMT

GET
H/1.1 200
OK lan-f.jpg
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/images/ Frame 5877 15 KB
16 KB 40ms
39ms Image
image/jpeg 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/images/lan-f.jpg
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: 6b5a58bed7abc5256ab007e13f9d3ff04b3316c21e4ed098bd1809d766d3d73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:09 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: "63983c1f-3d14"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15636
Expires: Sat, 06 Jan 2024 06:10:09 GMT

GET
H/1.1 200
OK body_atlas_1.png
content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/images/ Frame 5877 56 KB
56 KB 80ms
80ms Image
image/png 185.46.149.20
GT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.admixer.net/test1/c7398adc-ae52-4992-980d-691036ddd74e/69b710a2-711f-4b98-ada3-5b34fed0b45c/images/body_atlas_1.png
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 185.46.149.20 Kyiv, Ukraine, ASN44600 (GT-AS, UA),
Reverse DNS: 185-46-149-20.net.gigatrans.ua
Software: nginx /
Resource Hash: a79ad31ca964c992bd2c085dde8e3980c64e9447ce49d26e8a20bfa18adb5cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:09 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 13 Dec 2022 08:47:27 GMT
Server: nginx
ETag: "63983c1f-dec1"
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
Cache-Control: max-age=31622400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57025
Expires: Sat, 06 Jan 2024 06:10:09 GMT

GET
DATA 200
OK truncated
/ Frame 5877 589 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf9bd542074c807245624ae2ee63906fdfc582c42c286dc2380402d758c0cb96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 21 KB
6 KB 75ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Jan 2023 06:10:09 GMT
x-amz-request-id: 0VBX1BWD3S1A6V8P
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: pQ+jrNPUFKPfQ/gTJNpVZPsTUUUaoqSYT/RmuqthVo7lBwjCJux4bnlWYYDOD5Amd//bd70XbV0=
x-served-by: cache-hhn-etou8220096-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1672899009.328301,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6567

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 210ms
92ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e758cf84048b193538fea8d5f86c0c2becab66ddcfb2ec212d6801b7de38d5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11117
x-xss-protection: 0

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 7ms
6ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Jan 2023 06:10:09 GMT
x-amz-request-id: RRKTSGB1GZCRV89T
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: 4l8iY1Ay2BHNb7bAAyZxHOGToVbGcN6NeFSHhghIiVqS7k6LFqaFdOqdUnsrfIawKvLFJTqoZdc=
x-served-by: cache-hhn-etou8220096-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672899009.343344,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6513

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 8ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Jan 2023 06:10:09 GMT
x-amz-request-id: RRKWZFQQ82P9RYZP
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: uHhi53JMteirXrk4bE2zQ2rfInN8pgMnDTKzRkPSovJM5y5AVhKYCmSakQr/ADpTIHYCwno/iPU=
x-served-by: cache-hhn-etou8220096-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672899009.343706,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6497

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 9ms
8ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Jan 2023 06:10:09 GMT
x-amz-request-id: RRKJK0718AC26354
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: l8ESbNTyyn/P6dzRQLIojLa2rg4VwhS8fdNMFOt9gg/d/4/Kp0bjEjLMX+zdfv6F8ScooaaycLs=
x-served-by: cache-hhn-etou8220096-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672899009.343786,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6498

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 1 KB
836 B 8ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: 89.184.83.166
URL: https://89.184.83.166/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Thu, 05 Jan 2023 06:10:09 GMT
x-amz-request-id: RRKZW6YW5QXSXTC9
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: 2hx6bADpueBAuZxvc4FgrJAgB75cBAbWtyO/2W1dg52zl/c4Dh4x5VSG4Lno06GEGXD2M/AJ6wU=
x-served-by: cache-hhn-etou8220096-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1672899009.343789,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 6493

GET
H/1.1 200
OK 06fd25c80d Show response
bam.nr-data.net/1/ 49 B
518 B 269ms
240ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/06fd25c80d?a=262957204&v=1220.PROD&to=blxXZhMDDxZSWxYKWFcWYEAITQgLV10aTUdRSQ%3D%3D&rst=4236&ck=0&s=0b329e9ae2497b38&ref=https://89.184.83.166/&ap=807&be=1310&fe=2826&dc=557&perf=%7B%22timing%22:%7B%22of%22:1672899005119,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:47,%22ce%22:355,%22rq%22:355,%22rp%22:1278,%22rpe%22:1280,%22dl%22:1280,%22di%22:1866,%22ds%22:1866,%22de%22:1967,%22dc%22:4136,%22l%22:4136,%22le%22:4142%7D,%22navigation%22:%7B%7D%7D&fp=1496&fcp=1496&at=QhtUEFsZHBg%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:09 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 784a0c98ab4c6958-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 409ms
144ms Script
text/javascript 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:10:09 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 200ms
199ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=8357f430-2b48-4c59-b4ab-3e3f923a8bce

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 201ms
201ms Image
text/plain 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=7643a12b-a173-4c9e-90bc-338ed2e42c90

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 05 Jan 2023 06:10:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EC7E 28 B
57 B 51ms
50ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1672899009866
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/cj7swk3FTZw
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtPcTZzRS1SR1owZyi-09mdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672899007261&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C340%2C191&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 05 Jan 2023 06:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B76 13 KB
5 KB 144ms
47ms Document
text/html 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 31264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 Jan 2023 21:29:06 GMT
expires: Thu, 04 Jan 2024 21:29:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C7A7 783 B
536 B 52ms
48ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01487994c82222a1482c0817bae45e6804e1e521e4039c404bd21f26e5cf43d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gd9YWUFF94AxiB-bbjmbNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-Gd9YWUFF94AxiB-bbjmbNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:10 GMT
expires: Thu, 05 Jan 2023 06:10:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 201ms
200ms Image
image/gif 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:10 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C7A7 0
0 184ms
80ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=2097897197727682&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 200ms
199ms Image
image/gif 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 06:10:10 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 200 KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B76 36 KB
16 KB 49ms
48ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 09:25:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16068
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 09:25:46 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0B76 0
10 B 54ms
53ms Image
text/plain 2a00:1450:400d:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?A5FpLw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:808::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
83ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=2097897197727682&bg=!V1SlVBDNAAYDMoyoIzI7ACkAdvg8WgvI0rQh17FFVeC1DEZYDKYsS6Envr-dvNp8SETc-3RYODrkaAIAAABsUgAAAAJoAQcKAF9jXoE8ByYgqToAOg5bTuBJYIknlFa5a_03Y2Zye2-R5EZ2FzYsAWojm9XpiB9_wr8CjKp19iErbvOYPBAVVTFuLLiod1gK639tPzyflAOrtsOT-bO74CBkDCibJ4-fmpkCr2uNfV9OBYwZ9HSPWuaUhPBzvgucbEODik_xfoLbNG8d9ktqVIGbysVslBl_Tt0nnE7FijRCkvPHB4RKWNxBvmZc7Y8NWbmevnL6bs4sKR_QzyPwjfY8EfCFqCfveKsz23Eiq_Aj3-Dt9G3rIrmLzJW0xr9DFryZzW6mFKHKDPRHi9O9oXFZGANDSmUtA2HCddk5z8v1mRy_s1OcCwI5mOk38GxiMcZHSaWfHqzAwIy3s1q0EWq5VbSz2U5hnbdWntIU2hW5z1YGlH8BcxNoh5Lyzq5xln_z4xnSeSBEBcOdkde62QvdZ8GDThPvYmZo3eHaTg_fvwfZy5a0SIlNCX8GWCiPRs4O0KzHhGnwmJO2_OUMOEAOVQ7okwW6024MiAMSVp3PXMF8AfaEu8IQORsh4d1xkA9ONpwiD_Ie8YpM-jDJCqlzLVoYBC_Dlw_3s2AzZ-ubDESXHqIcEoupQBCFH11xcF67Nvdssx8VXz27ZS8NkcX9w5lZY7awcVVTMMUvOsNe64npsO_WvFfis0YrvGrOrHG7jKAog6ydMholC0A-qUsJj0fCdd1HfcU8bw63pNOamRmWZ5ZbYxyW1IeCWpLkrOm9f4JZGjQYqLh8lsXEGelDcLqYpz4EUi2KTciSI_1QKEdi8Z_OjBjrGQ0QAdSKFlIoUvPgXFiDFhPvdnPIG3BRC2RWirKAa4n-lSZdqRdLksRqCogfqP1SUoWw8eJmGsNCShwMeC5t_ulrNipKe6cELj1y-AqEO-YA6fZ2_Xn7stW_I6yWaio1tnTEX0r9JD4p0vYJLpZrhf9yvBpumuVw7pFk8zw0salek-x-UTmD_2JyLalkYcRmcAK1MwKp7AUEHLDmcC86A7Y796XOt0UfTPKfiZn_0ETn8X6ut7juklsKQOyDOuQMyg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 71ms
31ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Jan 2023 06:10:11 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3E10 28 B
57 B 52ms
51ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time: 1672899011140
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsxbDBKcUk2SkN2NCi_09mdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672899008024&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 05 Jan 2023 06:10:11 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C694 15 KB
6 KB 47ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=89.184.83.166

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://89.184.83.166/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 06:10:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 764220
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 50ms
18ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://89.184.83.166/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 06:10:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 06 Jan 2023 06:10:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C694
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=89.184.83.166&sn=ChromeSyncframe&so=0&topUrl=89.184.83.166&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=BNl8Jnx0YjVadStDU1lBbVJiZmtVL2xzbGRyMUsyM3hWWmt1a1RLZ3FRVlVJNUc5NkpwUCtoYnNCeUFJME1WL3I0VFNkNXNkVWsxOS94TzM2UVAzK1ZaYkFvenVEb1h4R202NVVvNmFHdncvc0tjbHVFUTZ3blBmbGl3Z1...

422 B
664 B

57ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=BNl8Jnx0YjVadStDU1lBbVJiZmtVL2xzbGRyMUsyM3hWWmt1a1RLZ3FRVlVJNUc5NkpwUCtoYnNCeUFJME1WL3I0VFNkNXNkVWsxOS94TzM2UVAzK1ZaYkFvenVEb1h4R202NVVvNmFHdncvc0tjbHVFUTZ3blBmbGl3Z1ptd3d3YUV4aGpnbUgrR3pSWW5ZSnRzT0JRdFRIS3VlMHB3Z1ZZZ2M4SUg0dTY0QUZJV2lWNlRCYXpaWVFUU1RZamYyaitEckpzZUNZMWp5MTVWTXNXeFdsekgyK3JVTmNlVHdrVXBnTmlpaW5uZG80REhpN0xhZE9JTHk0QjRMWnJWTnZjRFU4b2FPTGRENGs3QUt1ZFMweHFHVlF4UT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

484d8381da148a887b566d079248b375cde0554ce19f4adc02ee0d85fd170063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2041090
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:10 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=BNl8Jnx0YjVadStDU1lBbVJiZmtVL2xzbGRyMUsyM3hWWmt1a1RLZ3FRVlVJNUc5NkpwUCtoYnNCeUFJME1WL3I0VFNkNXNkVWsxOS94TzM2UVAzK1ZaYkFvenVEb1h4R202NVVvNmFHdncvc0tjbHVFUTZ3blBmbGl3Z1ptd3d3YUV4aGpnbUgrR3pSWW5ZSnRzT0JRdFRIS3VlMHB3Z1ZZZ2M4SUg0dTY0QUZJV2lWNlRCYXpaWVFUU1RZamYyaitEckpzZUNZMWp5MTVWTXNXeFdsekgyK3JVTmNlVHdrVXBnTmlpaW5uZG80REhpN0xhZE9JTHk0QjRMWnJWTnZjRFU4b2FPTGRENGs3QUt1ZFMweHFHVlF4UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 535372
content-length: 0
expires: 0

GET
H/1.1 200
OK cntcm.aspx Show response
inv-nets.admixer.net/ 61 B
531 B 200ms
200ms XHR
application/json 146.0.227.109
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/cntcm.aspx?ssp=8c9403df-6eda-4a0a-afb0-be7b68ca005d

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

3845fc6f0be3613f4b0513c2201780612cde5eba789a35feceb24babbe61ae51

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://89.184.83.166/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 05 Jan 2023 06:10:11 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://89.184.83.166
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
X-XSS-Protection: 0

GET
H3 204 watchtime Show response
www.youtube.com/api/stats/ Frame 3E10 0
21 B 44ms
43ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=Uvayua1N7YHjvOYl&ver=2&cmt=3.242&fmt=134&fs=0&rt=4&euri=https%3A%2F%2F89.184.83.166%2F&lact=4033&cl=499069944&state=playing&volume=100%2C100&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20230102.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&splay=1&hl=de_DE&cr=DE&len=34408.901&rtn=14&afmt=251&idpj=-7&ldpj=-8&rti=4&size=558%3A255&inview=1&st=0%2C0.072&et=0.034%2C3.242&muted=1%2C1&docid=5SmvR9wCgf4&ei=wGm2Y47DDtaH6dsP2Yuh4As&plid=AAXxfich9jXu3oV_&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F5SmvR9wCgf4%3Fautoplay%3Dtrue%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F89.184.83.166%26widgetid%3D1&of=_fbfDd1dKjjDm6E6gf28_Q&vm=CAQQARgCOjJBTzY4R1pFWHFxYXkxb1BsYkVSakJzODBJLWU3bVlfbThhMzBaWGJBbGROVER6MXNFQWJUQVBta0tESUZxUzVEd2FyUXVLZGEtZ2JTRmNqNVpHd0ZQN2RPdXh0QkR2RmJGZVp4cXJxRU9xTF9iQkNvcjFTYW5pWHZGR05CRjRDSTM3UWFnTlRvaAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsxbDBKcUk2SkN2NCi_09mdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672899008106&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:12 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame 3E10 0
23 B 55ms
54ms XHR
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=Uvayua1N7YHjvOYl&ver=2&cmt=4.558&fmt=134&fs=0&rt=5.315&euri=https%3A%2F%2F89.184.83.166%2F&lact=5348&cl=499069944&mos=1&volume=100&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20230102.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&splay=1&hl=de_DE&cr=DE&len=34408.901&fexp=23983296%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24280571%2C24292955%2C24406621%2C24409252%2C24415864%2C24416290%2C24416440%2C24434209%2C24437729%2C24439360%2C24441239&afmt=251&muted=1&docid=5SmvR9wCgf4&ei=wGm2Y47DDtaH6dsP2Yuh4As&plid=AAXxfich9jXu3oV_&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F5SmvR9wCgf4%3Fautoplay%3Dtrue%26enablejsapi%3D1%26origin%3Dhttps%253A%252F%252F89.184.83.166%26widgetid%3D1&of=_fbfDd1dKjjDm6E6gf28_Q&vm=CAQQARgCOjJBTzY4R1pFWHFxYXkxb1BsYkVSakJzODBJLWU3bVlfbThhMzBaWGJBbGROVER6MXNFQWJUQVBta0tESUZxUzVEd2FyUXVLZGEtZ2JTRmNqNVpHd0ZQN2RPdXh0QkR2RmJGZVp4cXJxRU9xTF9iQkNvcjFTYW5pWHZGR05CRjRDSTM3UWFnTlRvaAE

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5SmvR9wCgf4?autoplay=true&enablejsapi=1&origin=https%3A%2F%2F89.184.83.166&widgetid=1
X-YouTube-Client-Version: 1.20230102.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsxbDBKcUk2SkN2NCi_09mdBg%3D%3D
X-YouTube-Ad-Signals: dt=1672899008106&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C558%2C255&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 06:10:13 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 3E10 320 KB
320 KB 16ms
15ms Fetch
audio/webm 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr5---sn-5hnednss.googlevideo.com/videoplayback?expire=1672920608&ei=wGm2Y47DDtaH6dsP2Yuh4As&ip=2a03%3A1b20%3A6%3Af011%3A%3A6e&id=o-APwLWzpRX9TMnqQTuZIOXYpjXp_0QuNpIOFFdegxKhtx&itag=251&source=youtube&requiressl=yes&mh=mj&mm=31%2C26&mn=sn-5hnednss%2Csn-5goeenes&ms=au%2Conr&mv=m&mvi=5&pl=48&initcwndbps=2831250&spc=zIddbF2SDkAc5X8LHN5oDTviv83uA3c&vprv=1&mime=audio%2Fwebm&ns=-XtsROSj6HLWVKR-P3nsROMK&gir=yes&clen=493160999&otfp=1&dur=34408.901&lmt=1632937930182785&mt=1672898481&fvip=4&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=7211222&n=oK-LLbtAdJuClQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgPU2ZY4qENbMvySzVbFlyPtRBXguo7ichPxdfw89AycoCIGZfuAd-_b6AcRR7y1TbWfskwReS6vwK1r4CqLAgT1jx&alr=yes&sig=AOq0QJ8wRQIgfelEqVX9Q86_6p8_1OJPr0l1oq1RvI5pe_GWEsPCeTcCIQDL4WVLUAFEMV3Vv0UX4LQAmKdG1JP20l4w4nKO84eSCQ%3D%3D&cpn=Uvayua1N7YHjvOYl&cver=1.20230102.00.00&range=384336-711774&rn=6&rbuf=14174&pot=D8r-9isOF0mTysbfXHupi9RbdbXKsIDhp3qzxU-TrOjukcsM1o3c1MViVC2kx8ax8pxu4nrP8d7tiXSRpzgknCpZ9T-8V1D6BLK3iJNAok54qyvZjmtKc5prDA6eYlkq1mbArSs=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e87fe5613828f74cb0baea1258a4ab1496b6922f66489408ded1a2a390166976

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 05 Jan 2023 06:10:14 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327439
last-modified: Wed, 29 Sep 2021 17:52:10 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 05 Jan 2023 06:10:14 GMT

POST
H3 200 videoplayback Show response
rr5---sn-5hnednss.googlevideo.com/ Frame 3E10 1 MB
1 MB 15ms
15ms Fetch
video/mp4 2a00:1450:400e:1b::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

0cd1ba9c54876a63086e34ab513b855eb65254665d22b3b9e6913e7679df968d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol: quic
date: Thu, 05 Jan 2023 06:10:14 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345624
last-modified: Wed, 29 Sep 2021 16:39:25 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 05 Jan 2023 06:10:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Domain: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.admixer.net/bs	1970-01-20 10:51:15	Name: am-uid Value: 87855ff79f644ac6919bbd455c8b4141
89.184.83.166/	1970-01-20 17:14:17	Name: sess_id Value: 8702b0e02684480361381cdec3ac30d8
89.184.83.166/	1969-12-31 23:59:59	Name: Value: store.test
.yadro.ru/	1970-01-20 17:26:42	Name: FTID Value: 1Zjcc-1YO68T1Zjcc-003D1c
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: N6yHOIi5CME
.piano.io/	1970-01-20 08:41:40	Name: __cf_bm Value: P5UjHELlvl6OBe61EQORWuhPxzq761P87MEefBoRNlk-1672899006-0-AfIR3+14G4MysvZZBAYQEH3JEgguTbCp+IXEK+8/cJbKy5YhmmBJXCx4hyOSm8bz9ChliVZSAVGWEmtM1ohnUAI=
.yadro.ru/	1970-01-20 17:26:42	Name: VID Value: 15krkx1hHbOT1Zjcc-003D25
89.184.83.166/	1970-01-20 18:17:39	Name: _ga Value: GA1.1.2082480726.1672899007
89.184.83.166/	1970-01-20 08:43:05	Name: _gid Value: GA1.1.931726768.1672899007
89.184.83.166/	1970-01-20 08:41:39	Name: _gat_gtag_UA_5812255_8 Value: 1
89.184.83.166/	1970-01-20 10:51:15	Name: _fbp Value: fb.3.1672899006981.1008784447
.youtube.com/	1970-01-20 13:00:51	Name: DEVICE_INFO Value: ChxOekU0TlRBME5qVXlOVGd5TlRVME16Z3pNdz09EL/T2Z0GGL/T2Z0G
89.184.83.166/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1672899007377%2C%22visitNumber%22%3A1%7D
89.184.83.166/	1970-01-20 17:27:15	Name: pnespsdk_visitor Value: ddnuyyuf7rjyiwuv
89.184.83.166/	1970-01-20 08:41:39	Name: _gat Value: 1
89.184.83.166/	1970-01-20 17:27:15	Name: _hjSessionUser_1232730 Value: eyJpZCI6ImIxNjhlODQzLTMzNDMtNWVmYy1iYTMwLTE0ZGZmM2Q5ODk1MCIsImNyZWF0ZWQiOjE2NzI4OTkwMDc1OTgsImV4aXN0aW5nIjpmYWxzZX0=
89.184.83.166/	1970-01-20 08:41:40	Name: _hjFirstSeen Value: 1
89.184.83.166/	1970-01-20 08:41:39	Name: _hjIncludedInSessionSample Value: 1
89.184.83.166/	1970-01-20 08:41:40	Name: _hjSession_1232730 Value: eyJpZCI6IjcxYTg1YWMyLTAzODAtNGQ1OS1hZDc4LTYyYjEwZjdlMDFkMyIsImNyZWF0ZWQiOjE2NzI4OTkwMDc2NjYsImluU2FtcGxlIjp0cnVlfQ==
89.184.83.166/	1970-01-20 08:41:39	Name: _hjIncludedInPageviewSample Value: 1
89.184.83.166/	1970-01-20 08:41:40	Name: _hjAbsoluteSessionInProgress Value: 0
89.184.83.166/	1970-01-20 09:24:51	Name: _pbjs_userid_consent_data Value: 3524755945110770
.admixer.net/	1970-01-20 10:51:15	Name: am-uid Value: 87855ff79f644ac6919bbd455c8b4141
.adnxs.com/	1970-01-20 10:51:15	Name: uuid2 Value: 2749769942752067035
89.184.83.166/	1970-01-20 08:51:43	Name: am-uid Value: 87855ff79f644ac6919bbd455c8b4141
.creativecdn.com/	1970-01-20 17:27:15	Name: u Value: GCP18mkUkto94YKBulNf
.creativecdn.com/	1970-01-20 17:27:15	Name: ts Value: 1672899008
.bidswitch.net/	1970-01-20 17:27:15	Name: tuuid Value: 2fba4ef2-448b-4ffb-b9ae-678b5cdf872b
.bidswitch.net/	1970-01-20 17:27:15	Name: c Value: 1672899008
.bidswitch.net/	1970-01-20 17:27:15	Name: tuuid_lu Value: 1672899008
.pubmatic.com/	1970-01-20 08:43:05	Name: KTPCACOOKIE Value: YES
.gumgum.com/	1970-01-20 17:27:15	Name: cs Value: true
.gumgum.com/	1970-01-20 09:24:51	Name: loc Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdwXgciFy314eCa8DRCNeggGXhiT-f7JeZzLddO_-ZeqByeQVcyafU09Z_Dn94038kpcRXAVFOf9dw
.pubmatic.com/	1970-01-20 10:51:15	Name: SyncRTB3 Value: 1674086400%3A220
.pubmatic.com/	1970-01-20 17:27:15	Name: KADUSERCOOKIE Value: 0790D1B7-801E-49A0-852F-95F2B1583EF9
.adnxs.com/	1970-01-20 10:51:15	Name: icu Value: ChkIgqSAARAKGAMgAygDMMDT2Z0GOANAA0gDEMDT2Z0GGAI.
.rqtrk.eu/	1970-01-20 08:51:43	Name: browser_id Value: 1:b2349412-de9b-4f88-8765-eaadce971642
.doubleclick.net/	1970-01-20 18:03:15	Name: IDE Value: AHWqTUmeKHZhgGgXEJW_Uyz4oHpv0piBG9xFN_s6I3B6S2H9Yre4KO4bVE92NGfftfw
.pubmatic.com/	1970-01-20 08:43:05	Name: pi Value: 160846:3
.pubmatic.com/	1970-01-20 10:51:15	Name: chkChromeAb67Sec Value: 2
.criteo.com/	1970-01-20 18:03:15	Name: uid Value: f29ee005-f592-44f6-9b46-84c7a83f524a
89.184.83.166/	1970-01-20 18:03:15	Name: cto_bundle Value: -hEdqV9UJTJCV0JxUVV6QmVsQ1IyR1RoMmVyZTBORk9IM2xBMjhZM1p3U3BlUkc2VW1TMjdGRzI2MW03dlJ0VTVoMTZmM0dGQXVRTmt0ZDAlMkJyU090TU9WWGptRUxXR1lmWHJ4V1VmJTJCSmJUMFFWazNubHhtc1F5Q0lWTEpCZVJ2ZEp0ZDY2Z1psSFhoWkhxQ2RmU3dyTVgxeU5ld0ElM0QlM0Q
89.184.83.166/	1970-01-20 09:24:51	Name: admixerId Value: 87855ff79f644ac6919bbd455c8b4141

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://delo.ua/delo2017/js/counters/xgemius.js/ Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
other	warning	URL: https://www.youtube.com/s/player/e5f6cbd5/www-widgetapi.vflset/www-widgetapi.js(Line 1115) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
accounts.google.com
adservice.google.com
adservice.google.de
adx.adform.net
api-esp-eu.piano.io
apis.google.com
bam.nr-data.net
bidder.criteo.com
cdn.adm.admixer.com
cdn.admixer.net
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
content.admixer.net
counter.yadro.ru
creativecdn.com
delo.ua
f1a8e2c158f6218065b2956bf9f05438.safeframe.googlesyndication.com
fonts.gstatic.com
g2.gumgum.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
i.ytimg.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
in.hotjar.com
inv-nets.admixer.net
jnn-pa.googleapis.com
js-agent.newrelic.com
m.trafmag.com
mug.criteo.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid-inv-eu.admixer.net
rr5---sn-5hnednss.googlevideo.com
script.hotjar.com
securepubads.g.doubleclick.net
ssl.gstatic.com
static.criteo.net
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vars.hotjar.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
prebid-inv-eu.admixer.net
13.32.27.21
142.250.201.194
143.204.215.118
146.0.227.109
151.101.130.137
162.19.141.161
162.247.241.14
178.250.0.157
18.196.254.35
185.184.8.90
185.46.149.20
185.64.189.112
185.64.190.80
185.89.211.132
193.200.65.6
198.47.127.18
198.47.127.20
2.18.232.7
2606:4700:10::6816:35fc
2606:4700::6810:f015
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:827::2016
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200d
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400d:806::2001
2a00:1450:400d:808::2001
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::2006
2a00:1450:400e:1b::a
2a00:1450:4025:401::9d
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638::3
2a02:26f0:3500:11::215:14cb
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::62
2a0c:5c81:5142::2
34.249.37.235
37.157.3.30
44.195.196.224
54.171.106.172
88.212.202.52
89.184.83.166
0065aab22bd5cc349bbc0e722467bbd4017ff4556525e079291ad929f43efb25
01487994c82222a1482c0817bae45e6804e1e521e4039c404bd21f26e5cf43d0
0149da2dcca03d3a4c8ab3e8796ec25b4700f46d2a1bec1c59cdb2f6daa7cf98
0176d4b7efa07e00f0111aed2eba384aaffae02bd4b4b14f24e81c7816fa8847
02df4925b4c30e297c8e77cc306cf1b1d04ae4e976be60ac50cf67408d13bc38
02f8f614efe0854ddeba2a05b4756b6d467e94a755b579550e6313ca6d818abc
03c0c8de96c5509603e802b8f9ac8825d0fc79b7f6a39139d10164420fa7d3d9
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
052ff51beccdf8182f726a777e857df7b4c50174eff6610257d50a6d24da06b4
0704ac8b04bd3179874b490582e4129799828e9420522a70eda29d3347635313
0a78cdfd041c9a17fc239c0e6babb558fba53cfaa95700b2318c8a3ac8f7e698
0b372e9ae12ab421df42a5af985323cae37ba308cdd5e6dd3312ff8b32834226
0cd1ba9c54876a63086e34ab513b855eb65254665d22b3b9e6913e7679df968d
0d173137e6d7fab67e8e696fea473731e28fed08d552de686256d0d9dfa21275
0d7e8ffd0347d3ec8fe14ec510b892288fadfd08038bf2fa5c8d448b8bab27bc
0e0c7a0dbd3427a6c99e5887329a0d3f4e168b30bbf1477af211a6933c453f7e
0fb909ee0b1ec7f6d945d3fc4f02c42ec4f5db329491ad7fb9f6e8f7fde518cc
100b510c8f04622669c04d979d7d3d3f5f23a2ab506feb5a66a421c6901e8bee
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
11d337785006444b0f1d9a128c0cb9f858d43fc5b4e01c375a70a7a9294ffb09
12acdb8a2ac7ff6298b619c644f819df8166c16735d3ebaa17a57f649222f5d5
131bf96ca53ca4c2f4a7e7574c3ef7567f90a136167f98d047c1bab0d6eda2cb
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
14cb94323cb455529ab1a562227c6d6a75626d3f3c6ef1e9384d1593cf7fde14
1573bafec5bb8db271b8188dbd5c18cade84864cb2d01d8d61b3d5d6ef6a6f04
1609e5fef8b9eb4be6aafe5728805386cacb518bcb5e1b1e2b28cad2041d7776
17963f9e749ff9a6126bfe4a5f65e016d7d4043d0e62936e9ca7c2e229d2ec94
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1a7b4873d91ec0c4a2b1e98ad6a0dfa3ec3d6c827cd347b46c0f101fb9d857b1
1b742e99f7879210cdba49ceb11018f3c3b36b35386cf1dc3b2ef479895815da
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bec22d0a46b2239935880ce9f8e0015532f67f68a2ced5cf7a0dfc001377783
1d3b5e2512f23c40d71d0c08ee189866d38c753056ec140fbc5cb1a3a8b373b7
1d41702a8a00f2100072307bf64864d111b2036f8341d62da46311636e975e0f
2153512e5fa3ec1253db2a15547681b17f9134466b8faeb1ef3e793213fad97e
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
2376fbd5427f7255c8e164ee17651a11a14e56901ce0500856fcf7dc51a109e5
255cae36e18b3e56d4a4c7aca943e0d494a29cf4f1db3f675db78bcef8d12c74
25ad976d86fd6d5797433ffb7fe13ec462a8faa8553bc937a9b7d2117a88f4c8
25f411f5160d0e8b79d3e138181a95ea53fe98290e5c122188024d88321a4f5a
26f4fa38bb374ed737f85001726a9e16aa2646a6bd4ba58dab157c0d0277b0c6
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
28f05c94d67836beac03027bea2f48d141611b085e12e18088a67e3cfdeef7b3
292b834e0639b060c72ad1277bd443084c1a66f46b8292be72bac687e38484b7
2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc
2c0a749efc0b4d387c753b776ade50fc9b525a6536946b25c1e00b3df9a7e1c0
2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5
2fb79490e7b334bd4aae1679ec8ca15d1e080b5231346364e8e1700ed05da262
300e6fffe3f6d8727dcd71853fed1cf0321ffa78494a9a3df7fe0b0c745f2d6d
321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3
326a1475047fc55e20e7b309cca2afbbaa10de6facd8acca827939a617732d44
32b70ab5fc48590df0a00789276a79331f0c3eef1ebca7b0e518d3dd63dab541
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
3845fc6f0be3613f4b0513c2201780612cde5eba789a35feceb24babbe61ae51
394a2e32a68e50487e359d5aa6fb28b6a53a682e5d7b8b48548747347860959c
394dce7e4c301cef115be471e7994b635771915e34057f5c0eeff510a1e23436
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4043b430cdb3bfcb0b40d3833904230c7c2a471de20da0af50995fd1ed2168c8
411f21278180f62617f63716ff8a7db529f1f322e1dd4edc6723989c7fbe1a29
4286480951a2f877dea5ed5cc89e867f0e5870731c4d9e7c0f129538a90cdd4b
43ab97e177e8b7e7417405c76411af0cff03307b9474e65b1d8d0e7c153d4fcf
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
472c294a89dcde758b37b51698a4cc2f5717b949934665dae2b5c5d6a2ac6c0d
482b4ad2aca72e665c29835c477165576200217a153ade81694f9a795f0558a0
484d8381da148a887b566d079248b375cde0554ce19f4adc02ee0d85fd170063
4982fd9fe7a4adea31ea09520794d2d6ed31f097cd41020dce0ec1937a6fc668
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4bedf8e2051759eafef8a4c64805d0c66798f02feb371b67b7d310b12f81c83e
4c154f99fe5dad7a87e5b35d2af00d2be584e50a881a0d59981c2310f0dbe78c
4c57f62a304f9d10babab4b8d3ebc274b5c3dacdedcbb5e19bc92ad6b52162a1
4deaabeabf60c9607099c6706595c0780618f1e26c016626c428c3f376db32d7
4ee361b03553757b47cd09354b7b141bd6b1d22cddf84c2866dfc6e401c27cc8
4f150f75e5e901aa4761c94916ec09efd6195bc67c275314ef10fb40f89bc7fd
4fac05547f67b240219ad2a04113a090141704abd68631c6ef29669ce9851d28
51abcbf7f761a0bd7a496a721524975c973dfd86d293fbec44da8ebdd0c70f9b
52b8d2de809d1038e13129c62940477dc56c38ad07072fe839a112bc5b67a453
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
54a60ee7cc9aaf064dae78a7c5d8a1261f6d544f903cb22c6eed904721ff4cae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
57c9dd73905368e6de71c6750472d111ee224d0b293d16192236a2729f51d865
5a00c549909c3e4186f0525545b2f4754c134d57dcf89ea1d94de034dcdc4824
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
62527fc70658a07d880fe259fc2bc74b745cae15edc0511fb276b9bafa7c5745
63d03491f10c3a5505820ed3506127c409bfd2ebf7dad71e4f8d2e6ab48a1052
67c7e0bf05da7b24d79b355de597384ba320fb3f7ae2dca0d2552e63908d22e8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
69b1b7cde8c4b5102d2ee01ff980537500461e4f37daee08b7a9a685ba92f6fc
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aba63345a774be90643ddd2fa76dcc3116bb2e1aa6fcb5c72b925420da4fd68
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b038b52e0d8a48ea1c9c119d9e1482852c0c5947c1ae1a71c8933c26f89268e
6b5a58bed7abc5256ab007e13f9d3ff04b3316c21e4ed098bd1809d766d3d73f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb74183b0b39ae7c185d3d352fd875509d861bc9a2988e920c53fd42423f32e
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
6d91918f429198067f0b35deb428650399532fd2593c649d3ec036f36749bf55
70e7ea50d23c538692bbd47bcf1f82d46a4f532f14b2c87aab660eeb4f8485e9
728c5b013e45bce8cf574f6b7d73d212a440f4e994835127628d0d11a4a7c3ee
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
74074051fc932cd82e8e6275fab28abf20202ea7811ff0385435d098d33d16eb
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97
78a44c5cab82009186fe04080b14fc5ddbbb19c3ed226d47b8546039378f456d
7bcc90008afba9f780894e08c0dc17c267bcb721e035a8e3b401c422d539ca62
7c1ed20a3a66178e281109e3bf99dd278456eeea71357c6562ebb61aa0c269fe
7dc2f5e7cae7a1e20249f7624c440a190bdc76f3a11ac17e6676cc5acd8eedb4
7f4883e988bed7cc4679dd4b58c3f255bceb8784c99262cca1d82607eeb66181
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5
803fe9f27b76a391e1f762d984b1fb2a88a39082660856eb8a3f7be0a09e32ee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d51d3f3a30d5822a65006f7bef95bc33f3fd9c28f87af14cff97d0598d98ca
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f00f62bb8aefd6e52812573503401805369c9334e4fcad98e231e5bb7f4256
8b01ae07d576508924e94bcb64077b32ea92447c567b52af5ed0bbdc79a30d75
8bcff72eaf8dc966f6d4c9fa1a32b5c74dabb90ce5cf1f44ac273b2df593b306
8d3b9c4398eeacaf32c66007285a066d9eea8149e7281646511bca4f7c25e11e
8fbf0cb4fbf892c6adced48d299ad8715fffe44854652445614a69f65953a1e3
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
95f883ae84c1ccd334c227997a3cc86f571d68e4bf712413058f4bbc63c7ad93
963eb58029e69121c912be7093ad23b8ade26a80d67ab09e87ce8bb714cba08e
97268521aec760c4a0b224bf07f6fd2d4d547c1948d40105a9e898663e68d353
973fdb9bac39a0ab7b0e9dec0f7f32f4603a5786a265f7e9e167ec4e56dda947
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
9c1d1179b013869eed0a88ec75b0151b8a4d3815acb6986533c5a24bbb3b9364
9cdde54f5bb000acacaae3c958ece52fc805ebaa56ebb07aac43f20dc2c54898
9d3deafb0a4b47c613b368da3a658bb0412d214d341115a412a86fb9c7bc99f4
9fa82a4d6807bb0592da46aefc1e66c463a05823759867c21362054c2942d9c0
a174ce3d0e66cfea95ba4288c928291b37bd679f3044ac1a7f4dc3958036be11
a3d21d5a0d84e6a6cdca677e5541eb7345b0181b96dcb0a4b020b013c6797a21
a4549e751b1fac0d7954f4df4f4eba0f1c4799264a5d039a26b092f25b196e88
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5769bd2f91e1cb153da6a96c75d536be28d157a6d62c56ecae5c06fa0135366
a72a95f45380c28a3d910c4f43c02ce7992a1ba853f410f9f53a45f18433470b
a756a22eee9196f8b9494d9a4402f2cdc8a0b545573a1b74782e1dc25bcda62f
a79ad31ca964c992bd2c085dde8e3980c64e9447ce49d26e8a20bfa18adb5cce
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
aa775b93bf75fb6c93c261cad367ba79069a1536e6139213af0b65cfccd43b51
ab28873c8e8d1c2243a8b503355f7dec5849c4c7eea5d7d8f5344444324e2c31
aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970
ac3a5ec9e9c5897a10256c95f5fe5e7041ca9368b63cbef90b251b168c9f6ad6
ae3d1b52f9b468516f252fe7c6281de5ed1f40188eb2cda93547f358b9276a8e
ae8466dd4772a3ee4fd5ebe687958432611c40f33a4ac8670c3709ad12ea420c
aea719c98c9b1a0ed5150b00837be7ef3feb2598dbc23b4ca08b223dd6112fa6
af16335bf6b483d1af48346fc533aaac9c13d409bcb0c0947b82ac89b577aa7e
b17d9c5b043c2813aeeb64c3cf08b318ebab7a1894aa4a77538d2a3c7c4dde46
b19a1e5b97b156a53ef43758ebc61cc4a3ea97c49649225633f991a895e1f838
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b501e04314f4ed8fc971a52a17fc9bab9339de9b9a4f61e82c83fc721e52f371
b77a69c29f7f58d57744b3f8f73d3c86824b306cea425dd71292663a7ec1009f
b8200ae953d63e0faedabd480c68facb4518654e6d3af037a08a77925012a271
b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56
ba2762cb9490cb7ab39632c895e7f76138e68300b42d1da8d5af681bcc30ab17
bd9d8c90d126d68422214ec080c47336499601756c5dec6a20b8fd08c0060990
bdecdf4fa55074c210b949cfb4e85db24ca0b9fd93d2f44c3056b7b5ffdda243
bf9bd542074c807245624ae2ee63906fdfc582c42c286dc2380402d758c0cb96
c01213743d506882073f6d37facbb3613ed04adc8f4d03119e7cec7cae2fcdb7
c188871d28a1309c3d593207c6e791f6361852daae1d925d1ccd27e45fc82c72
c1981fa3cfaed9f5221d75fd22e51a28023bddc837134260e85b3197e6f2e107
c42d49ff0f64cf93690bd1c1b07e7cddbb1ae86c3e3a4328c12e2932d89a08b0
c4db4bdc4a8c806de4f42f318597230243d5eab142c8f697ce35df525e1dae73
c4fb65c710f2f94db7557a79667b8a1901f4a4fa5f9af23611445a36352ec64b
c57e393f5d657a93422b59bbd2a261f438262e225ec3a8fb7dd26da598ed7584
c713fb732f360a58e509b20768ec60bd4450970b390c8d3f36fcf41fc2eb6ada
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9c09f66d7be1f776bd556d9052806719cd16f543e93441d27551df72d57a43b
c9fd93c387faf51b4dba5a4ad0a6ea830d25e6684543e09a4b6b23a6b12c207b
cab812c86d39e38d417144183925c88585ab0fbd46fd84d42f1626d9e9117440
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cc90ed8bed736bf0d285780c0e7ac790b255911e11d1bb711c0e73400c13bf8d
ccc2cc65d021d9b0caf7b63114b583d0f88f030aa20993ac639606209a316d0f
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
ce3fc33f1b59e6a46497652cf9b1b9c4935046702f204da30a9bc9859ff43d52
cecf378a0bb6355c852eb2cfe5b23159f61c914f79abe7ee09422ce41fe37cbc
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d16867bf82af6c40d1cee5465db20c707aec50aac2fbddbe74015c43cc79cfa3
d3bb6c505b9bc95c4a8e55608f679d0589fb9b54455e23adbdd2d5a7224ff6b7
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d94f1b6f2b7eabad7de5adb186aeb0573d07a7d79e8d99b6e5fbf254011b9850
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa7d0b90d724263a545337797cdc60ed4fed5bf2b024dfc008fd7b52ef8201e
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b
e15cd918b097c42e691e1a5d5baaaf28f6955e8388dd202c2e87d36ba56ea9ec
e1672332b758b4ed6959d0309e08582342550f015c3f5116121d9fadfa4af96b
e1e3bb3543e3be16e086a3b447c61cf01dd160aad6b5466b93b0891fd5836a4a
e2ba64ef4c127560ce44129d8a8b60c04a038048d778e475521d9f6011847be6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e533aa8b1cd8002c05dfd711e18ac03974ddaad1cd915004fd9b5c3aac50e377
e7032d2bd1215f0d0661e27163bcf1800b246f4bd2a48a9ac079df1ea0be42eb
e703aac9099b3f4eafa13355c6719546c21ac18917039f17c8c0713e645f6751
e711dbb69056cb603a97ca78d056e0f1f879c25eb637c963c0f4adbe95d327c8
e758cf84048b193538fea8d5f86c0c2becab66ddcfb2ec212d6801b7de38d5fe
e87fe5613828f74cb0baea1258a4ab1496b6922f66489408ded1a2a390166976
eb55690d241b2e8e0ecc7440456d20291e51c8a98920cd45880e406f48edb0a2
ebcc03a80c0f2482958b713ef14fe9bc76a100ce4e92469607806788bdd4b826
ec4c1586b53ff9b581e654c5f390df522c6077689d46922638070c25efcde88e
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed11e5b02ae470c530cc6c5cac37df11eb257f15a1e18686f6ec74d94a11ce64
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
eda5d5b702579e91e3fbaf5639ec7b66a1ecfd36f85c7c83066bbf78ace70aaf
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eefbb147a3c52e41c1668ad3bdf7a61ededf27e6930643bb5212fb17749da2aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f568230c04284554157c289a61885eb6fdfed3ea7e0768fc82cc6ec6169ed881
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f679de601d846d13702d68e10552ff862f25ac788bcab61221147c0d0eb8b198
f67c26619d5e6c0227873e70897e746097e0d7377ff69d2c191b5fb755a42500
f68765c84ec95b1ff4d5777d234430b6b429ba32a153c57ca1190259195f3591
f693c430b149d1dd86d8e293cb2b4652eceff0397b2bda6dcc086c873b6affd5
f886ad4d62165edfc981c99b190fe5b789c3e7293ad561523bd59320c89e406c
f8e9e0f2bfdb93775d1370b2a7df4df165b460a626c9be55ba3c1d97295ab48f
f972e4acfe8115daf147547986bf67bd74830e4e1b3c43eb94300d9a327adf14
fa34aadc5bfd96f4a10d635898302472a62a115932326ff26d86d378a5ea4f36
fa60314eac1ac8b1b6a156834a67af2f674d760ad8b36348e379e627dcf62c70
fb549f61771d0a49e89d1cabb8aad1e235d7de55df6d2f18d3c40688c8eea44e
fbee5785a5aaaa8181186d891828b948c7c9c9c488dbce4e8050e0d6dd257ecf
fd4fe5bc4ecdc8918f367345e22fa3a191ea0536e0faf1b73bf3c8fa4aaec96d
fd6f037fbc41fe391a7ad687f696e6fbdbb41c06200c6a44b06df350b1a28dad
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2

89.184.83.166 Open in urlscan Pro 89.184.83.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

328 Requests

74 %HTTPS

58 %IPv6

35 Domains

61 Subdomains

52 IPs

10 Countries

9070 kBTransfer

18625 kBSize

43 Cookies

57 Outgoing links

Redirected requests

328 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

89.184.83.166 Open in urlscan Pro
89.184.83.166 Public Scan

Screenshot
Live screenshot

Full Image

328
Requests

74 %
HTTPS

58 %
IPv6

35
Domains

61
Subdomains

52
IPs

10
Countries

9070 kB
Transfer

18625 kB
Size

43
Cookies

328 HTTP transactions
4 data transactions