Submitted URL: https://imghq.xyz/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html
Effective URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Submission: On October 29 via manual from RU — Scanned from DE

Summary

This website contacted 38 IPs in 5 countries across 37 domains to perform 111 HTTP transactions. The main IP is 172.67.187.37, located in United States and belongs to CLOUDFLARENET, US. The main domain is picrok.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 6th 2021. Valid for: a year.
This is the only time picrok.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.57.67 13335 (CLOUDFLAR...)
6 172.67.187.37 13335 (CLOUDFLAR...)
1 131.153.42.228 20454 (SSASN2)
2 143.204.101.150 16509 (AMAZON-02)
9 109.206.162.83 50245 (SERVEREL-AS)
2 143.204.98.83 16509 (AMAZON-02)
1 157.240.20.35 32934 (FACEBOOK)
2 142.250.185.205 15169 (GOOGLE)
1 195.181.175.54 60068 (CDN77 ^_^)
4 213.174.135.24 39572 (ADVANCEDH...)
3 104.17.166.186 13335 (CLOUDFLAR...)
1 172.67.218.221 13335 (CLOUDFLAR...)
5 213.174.135.25 39572 (ADVANCEDH...)
3 104.22.14.198 13335 (CLOUDFLAR...)
3 104.17.167.186 13335 (CLOUDFLAR...)
5 162.252.214.5 53334 (TUT-AS)
1 185.200.118.90 9009 (M247)
1 38.132.109.186 9009 (M247)
1 185.200.116.90 9009 (M247)
2 213.133.127.134 24940 (HETZNER-AS)
1 1 162.55.139.130 24940 (HETZNER-AS)
1 1 109.206.163.64 50245 (SERVEREL-AS)
3 104.21.34.6 13335 (CLOUDFLAR...)
1 13.225.20.40 16509 (AMAZON-02)
1 104.16.86.20 13335 (CLOUDFLAR...)
1 216.21.12.16 53334 (TUT-AS)
1 78.46.40.103 24940 (HETZNER-AS)
1 67.27.234.121 3356 (LEVEL3)
1 109.206.161.77 50245 (SERVEREL-AS)
2 142.250.186.36 15169 (GOOGLE)
21 142.250.181.238 15169 (GOOGLE)
1 23.235.244.212 20454 (SSASN2)
3 142.250.185.131 15169 (GOOGLE)
1 5 142.250.184.194 15169 (GOOGLE)
1 142.250.184.230 15169 (GOOGLE)
1 142.250.185.193 15169 (GOOGLE)
2 142.250.181.225 15169 (GOOGLE)
9 74.125.160.38 15169 (GOOGLE)
3 142.250.185.66 15169 (GOOGLE)
1 142.250.185.86 15169 (GOOGLE)
111 38
Apex Domain
Subdomains
Transfer
21 youtube.com
www.youtube.com
791 KB
14 adsco.re
c.adsco.re
6.adsco.re
4.adsco.re
adsco.re
9spmjmu2ixhr.l4.adsco.re
9spmjmu2ixhr.n4.adsco.re
9spmjmu2ixhr.s4.adsco.re
72 KB
9 googlevideo.com
r1---sn-4g5lznes.googlevideo.com
895 KB
6 doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
2 KB
6 stagepopkek.com
stagepopkek.com
100 KB
6 picrok.com
picrok.com
81 KB
5 googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
38 KB
4 google.com
accounts.google.com
www.google.com
14 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
33 KB
3 vast.wtf
stream.vast.wtf
8 KB
3 bncloudfl.com
cdn.bncloudfl.com
113 KB
3 25391ebf69.com
f00961160c.25391ebf69.com
37 KB
2 tsyndicate.com
pxl.tsyndicate.com
lcdn.tsyndicate.com
66 KB
2 wpunativesh.com
wpunativesh.com
7 KB
2 visariomedia.com
www.visariomedia.com
visariomedia.com
10 KB
2 iesboughts.xyz
iesboughts.xyz
2 KB
2 dendranthe4edm7um.com
dendranthe4edm7um.com
29 KB
2 cloudfront.net
d1ev866ubw90c6.cloudfront.net
53 KB
1 ytimg.com
i.ytimg.com
17 KB
1 ggpht.com
yt3.ggpht.com
3 KB
1 maldini.xyz
d.maldini.xyz
413 B
1 pix-cdn.org
12007250.pix-cdn.org
21 KB
1 videonet.online
vs.videonet.online
228 B
1 voyeurhit.com
tn.voyeurhit.com
14 KB
1 hclips.com
tn.hclips.com
25 KB
1 txxx.tube
tn.txxx.tube
17 KB
1 jsdelivr.net
cdn.jsdelivr.net
21 KB
1 pleastindustress.xyz
pleastindustress.xyz
368 B
1 baimgfroggd.site
tb.baimgfroggd.site
603 B
1 rtbbnr.com
rtbbnr.com
295 B
1 cabnnr.com
js.cabnnr.com
16 KB
1 ilusors.com
ilusors.com
190 B
1 wpadmngr.com
js.wpadmngr.com
239 B
1 freychang.fun
freychang.fun
711 B
1 facebook.com
www.facebook.com
1 smopy.com
d.smopy.com
12 KB
1 imghq.xyz
imghq.xyz
599 B
111 37
Domain Requested by
21 www.youtube.com www.google.com
www.youtube.com
9 r1---sn-4g5lznes.googlevideo.com www.youtube.com
6 stagepopkek.com picrok.com
stagepopkek.com
6 picrok.com picrok.com
5 googleads.g.doubleclick.net 1 redirects www.youtube.com
3 pagead2.googlesyndication.com tpc.googlesyndication.com
3 stream.vast.wtf js.cabnnr.com
cdn.jsdelivr.net
3 4.adsco.re picrok.com
c.adsco.re
3 6.adsco.re picrok.com
c.adsco.re
3 cdn.bncloudfl.com picrok.com
stagepopkek.com
3 c.adsco.re www.visariomedia.com
c.adsco.re
3 f00961160c.25391ebf69.com picrok.com
f00961160c.25391ebf69.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 tpc.googlesyndication.com www.youtube.com
tpc.googlesyndication.com
2 www.google.com stream.vast.wtf
www.youtube.com
2 wpunativesh.com f00961160c.25391ebf69.com
2 adsco.re c.adsco.re
2 accounts.google.com picrok.com
2 iesboughts.xyz d1ev866ubw90c6.cloudfront.net
2 dendranthe4edm7um.com picrok.com
dendranthe4edm7um.com
2 d1ev866ubw90c6.cloudfront.net picrok.com
iesboughts.xyz
1 i.ytimg.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 d.maldini.xyz
1 12007250.pix-cdn.org stream.vast.wtf
1 vs.videonet.online stream.vast.wtf
1 tn.voyeurhit.com
1 tn.hclips.com
1 tn.txxx.tube
1 lcdn.tsyndicate.com
1 pxl.tsyndicate.com
1 visariomedia.com www.visariomedia.com
1 cdn.jsdelivr.net stream.vast.wtf
1 pleastindustress.xyz
1 tb.baimgfroggd.site 1 redirects
1 rtbbnr.com 1 redirects
1 js.cabnnr.com f00961160c.25391ebf69.com
1 9spmjmu2ixhr.s4.adsco.re c.adsco.re
1 9spmjmu2ixhr.n4.adsco.re c.adsco.re
1 9spmjmu2ixhr.l4.adsco.re c.adsco.re
1 ilusors.com dendranthe4edm7um.com
1 js.wpadmngr.com f00961160c.25391ebf69.com
1 freychang.fun d1ev866ubw90c6.cloudfront.net
1 www.visariomedia.com picrok.com
1 www.facebook.com picrok.com
1 d.smopy.com picrok.com
1 imghq.xyz 1 redirects
111 49

This site contains links to these domains.

Domain
adsco.re
wpunativesh.com
videotxxx.com
videohclips.com
videovoyeurhit.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-10-06 -
2022-10-05
a year crt.sh
d.smopy.com
R3
2021-10-26 -
2022-01-24
3 months crt.sh
*.cloudfront.net
Amazon
2021-03-19 -
2022-03-17
a year crt.sh
dendranthe4edm7um.com
R3
2021-10-04 -
2022-01-02
3 months crt.sh
stagepopkek.com
R3
2021-10-01 -
2021-12-30
3 months crt.sh
iesboughts.xyz
Amazon
2021-10-19 -
2022-11-17
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-08-08 -
2021-11-06
3 months crt.sh
accounts.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
1178321474.rsc.cdn77.org
R3
2021-08-22 -
2021-11-20
3 months crt.sh
f00961160c.25391ebf69.com
R3
2021-09-29 -
2021-12-28
3 months crt.sh
*.adsco.re
Sectigo RSA Organization Validation Secure Server CA
2021-09-06 -
2022-09-28
a year crt.sh
js.wpadmngr.com
R3
2021-08-24 -
2021-11-22
3 months crt.sh
ilusors.com
R3
2021-09-18 -
2021-12-17
3 months crt.sh
*.l4.adsco.re
R3
2021-09-19 -
2021-12-18
3 months crt.sh
*.n4.adsco.re
R3
2021-10-19 -
2022-01-17
3 months crt.sh
*.s4.adsco.re
R3
2021-10-19 -
2022-01-17
3 months crt.sh
js.cabnnr.com
R3
2021-10-29 -
2022-01-27
3 months crt.sh
native.wpu.sh
R3
2021-10-06 -
2022-01-04
3 months crt.sh
pleastindustress.xyz
Amazon
2021-09-01 -
2022-09-30
a year crt.sh
visariomedia.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-19 -
2022-07-22
2 years crt.sh
tsyndicate.com
R3
2021-10-13 -
2022-01-11
3 months crt.sh
lcdn.tsyndicate.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-26 -
2022-03-29
a year crt.sh
tn.txxx.tube
R3
2021-10-09 -
2022-01-07
3 months crt.sh
tn.hclips.com
R3
2021-10-26 -
2022-01-24
3 months crt.sh
tn.voyeurhit.com
R3
2021-10-09 -
2022-01-07
3 months crt.sh
vs.videonet.online
R3
2021-09-17 -
2021-12-16
3 months crt.sh
12007250.pix-cdn.org
R3
2021-10-02 -
2021-12-31
3 months crt.sh
www.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
maldini.xyz
R3
2021-10-07 -
2022-01-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2021-10-19 -
2021-12-28
2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
edgestatic.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh

This page contains 9 frames:

Primary Page: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Frame ID: 203629502516F9D1572AC327E9CC571E
Requests: 46 HTTP requests in this frame

Frame: https://iesboughts.…
Frame ID: 0458E478DE125D91489A5C0C95B73A6E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/5c7/63a/492/5c763a492225ad61f153f519aef868e4606be6fc.gif
Frame ID: EC7B37D404A6B392901DB76B062C33F8
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/5c7/63a/492/5c763a492225ad61f153f519aef868e4606be6fc.gif
Frame ID: 92DC420E9A6C44B0EEDD01747F91BC72
Requests: 3 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: 86027C9DD37CD839828FB81DECD1117B
Requests: 4 HTTP requests in this frame

Frame: https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Frame ID: DB279A7A3BF759D879D163F9C3606E8D
Requests: 5 HTTP requests in this frame

Frame: https://stream.vast.wtf/files/youtube/vpaid.js
Frame ID: 642219D4BBB17756F8AA4F88662D5BD5
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Frame ID: 6CAA5B08FDDF3897467E40120DE86AF9
Requests: 47 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 278A8B482AF50D6AD3DED534A7BD3294
Requests: 3 HTTP requests in this frame

Page Title

picrok.com - Earn money by sharing images

Page Statistics

111 Requests
98 % HTTPS
0 % IPv6
37 Domains
49 Subdomains
38 IPs
5 Countries
2495 kB Transfer
5534 kB Size
19 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://imghq.xyz/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html HTTP 302
    https://picrok.com/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html Page URL
  2. https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://imghq.xyz/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html HTTP 302
  • https://picrok.com/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html
Request Chain 46
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMzk5ODk2NzE3Iiwic3BvdF9pZCI6OTU0OX0sImJhbm5lciI6eyJ3IjoxLCJoIjoxfX1dLCJzaXRlIjp7ImlkIjoiOTU0OSIsInBhZ2UiOiJodHRwczovL3BpY3Jvay5jb20vVlFjTTVyRUh2VXVSSERmbHA0OEV2aWlTWFZoNllyLWJBdy5waHAifSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiNDJhNWYyMzUwNDA2YjViMzRhZmU0OWZmNTE3ZWNiM2IifSwiZXh0Ijp7ImR0IjoxNjM1NTMzNDEzMzIyfX0= HTTP 302
  • https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=42a5f2350406b5b34afe49ff517ecb3b&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4= HTTP 302
  • https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Request Chain 69
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

111 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html
picrok.com/wel7gj5g2iw7/
Redirect Chain
  • https://imghq.xyz/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html
  • https://picrok.com/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html
17 KB
6 KB
Document
General
Full URL
https://picrok.com/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.187.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
0ebafdeeaed2c8f5e42189ad3db0dce04ff3dede546d139b03406de1f2871201
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-type
text/html
vary
Accept-Encoding
x-powered-by
PHP/5.4.16
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self';
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mc10kD3YDBEUM5EbC7cu%2FFSqTyo0VA3xz5MiGWi%2FInrJxmdPGRJDQUFbCH0lzLl3qHGcolUDxHlrQtiH71POFIcOp0E9NTFXSwXKi3gmwTQJzyKKiKm2%2BgiBK79m"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a5e96921b6a2c3e-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-type
text/html
location
https://picrok.com/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html
strict-transport-security
max-age=2592000; preload;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6kP1vOzx%2BT56zpd6HzuvQMj0i7AwLDjAwo0MNiiQIcfQSR8bY3hJ3gxemxQGvsHg8sGBxuT0W%2Ba9KoRoKZ3J0O%2B%2BApuN59bqOhsk6K7sHpppgH1XJwqToEUULQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a5e96916abc5caa-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Primary Request VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
picrok.com/
111 KB
28 KB
Document
General
Full URL
https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Requested by
Host: picrok.com
URL: https://picrok.com/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.187.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
2fe06ee352a3b85d254aab0a47a0310cbe7fa64222e0aa3b6c8eb3232c42b842
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/wel7gj5g2iw7/84296UHAP-uRz95dwrHgo+gDnPA2898.jpg.html

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-type
text/html
vary
Accept-Encoding
x-powered-by
PHP/5.4.16
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self';
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRLCV9Bur7nltQd73OBkoRoLOO7ZzjpWHIk0bapwTC8kIjNhxwCUqOS7pFCDP4DKJrQOd9Bj0n8fZ59dDFadyQCiya89yuZ790W7h9TiZnw31AcL83rnRv93pz9P"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a5e96930d222c3e-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
main2.css
picrok.com/css/
22 KB
6 KB
Stylesheet
General
Full URL
https://picrok.com/css/main2.css?13
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad07cb4c7cfa09ab01d181b97c0f8dc7ca6a77dff706ba6e4b84a8ecdb8046cb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3842
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 29 Oct 2021 17:46:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtwwYV2e0sykbAlyBpEY7H1Mtk%2FukRYZwZhGoU9gndNFv8JPCHIe4y5gTqsBYTvINbiyVazzhJv7yyQMwzlNcWYOTPOJ2rQviBeyNY3RLZGExWDmFUtrYWvf%2B3KR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=7200
cf-ray
6a5e9694fcc77037-FRA
expires
Fri, 29 Oct 2021 19:46:10 GMT
jquery-1.10.2.min.js
picrok.com/js/
91 KB
34 KB
Script
General
Full URL
https://picrok.com/js/jquery-1.10.2.min.js
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3776
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 29 Oct 2021 17:47:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1y6Uyirjl8tNtuFEzMR2AItdxfEgdjMUXvkNAcIlt6rf7736u12vs4JFHBVw0RsQZkEmg0zIgTZAOtKj5z7%2Fkdi0HrF7jqeuISBY%2FbS6dMNI8QllZrCqbb3PuHb"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=7200
cf-ray
6a5e9694fcca7037-FRA
expires
Fri, 29 Oct 2021 19:47:16 GMT
xupload.js
picrok.com/js/
15 KB
5 KB
Script
General
Full URL
https://picrok.com/js/xupload.js?
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24b117668baa1c446d21372e6fdc04d3a49387071cd31a267b948b35891cb9f7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3748
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 29 Oct 2021 17:47:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCb4LJ5q%2FNS7BcscYEp6DIjo2X3cdRo%2F8Vs1%2F%2ByhgpvL%2BVmfbGaP9EDL3LdAmY2KerNlJZ3eKUS9dA3BH%2BFwZw1TyZ64J%2FswRXA8CFpB%2FBrFeenc5txuidCuZOWt"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=7200
cf-ray
6a5e9694fccd7037-FRA
expires
Fri, 29 Oct 2021 19:47:44 GMT
/
d.smopy.com/d/
35 KB
12 KB
Script
General
Full URL
https://d.smopy.com/d/?resource=pubJS
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.153.42.228 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software
nginx / Express
Resource Hash
f172a815ca9b2c510183fee18c83113d7522309547e8ac4e53ed92710c5fa0fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 29 Oct 2021 18:50:13 GMT
Content-Encoding
gzip
ETag
W/"8ac1-UzHlMSz1UDMS+r9N3o7Nlbjf2ZY"
Server
nginx
X-Powered-By
Express
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Credentials
true
Connection
keep-alive
jquery.cookie.js
picrok.com/js/
4 KB
2 KB
Script
General
Full URL
https://picrok.com/js/jquery.cookie.js
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.187.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dbe6727aa5a99c8f0b4e25e71829246ad3bcacdc84a13e6b5b12c8ea6fafc78
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5481
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 29 Oct 2021 17:18:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; preload;
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPAI5eN%2F3PkmAPnOQyPLFaR3s78F3kdFlNa09VOZPx%2BFE8Hgqp72JRS4eUoyO4m99rucucJysfHqsblaDwNwv%2BhMQms9whOWxEqSDvk8VhlHoRmljQlAKUMyzmTe"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=7200
cf-ray
6a5e9694fcd17037-FRA
expires
Fri, 29 Oct 2021 19:18:51 GMT
/
d1ev866ubw90c6.cloudfront.net/
160 KB
52 KB
Script
General
Full URL
https://d1ev866ubw90c6.cloudfront.net/?buved=669323
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-150.fra50.r.cloudfront.net
Software
/
Resource Hash
01b4fe8f8e83646976690342f1e741f7f218f5c53c1a7c9b1c651cc140171719

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:19:32 GMT
content-encoding
gzip
age
1840
x-cache
Hit from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
x-amz-cf-pop
FRA50-C1
content-length
53121
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-id
q8HQzDESZMhHy4sBMlxLOPIdjpEGyzhA3Bvrj_Ok5QOjLCh1n5e0RA==
9056f859.js
dendranthe4edm7um.com/aas/r45d/vki/1823484/
68 KB
27 KB
Script
General
Full URL
https://dendranthe4edm7um.com/aas/r45d/vki/1823484/9056f859.js
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6d9a7d6fff73563acdacb5172b6e625a74208aa072acf28eb069e0617f9b3ad1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 11:40:30 GMT
server
nginx
etag
W/"616eaeae-111e6"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
code.js
stagepopkek.com/lv/esnk/1836026/
137 KB
49 KB
Script
General
Full URL
https://stagepopkek.com/lv/esnk/1836026/code.js
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1cb8b2702535f8135ff96d3a2606e0b0b93417acd13daf5c2a81afbce5e388a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 09:40:52 GMT
server
nginx
etag
W/"6177cd24-22299"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
code.js
stagepopkek.com/lv/esnk/1836027/
137 KB
49 KB
Script
General
Full URL
https://stagepopkek.com/lv/esnk/1836027/code.js
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c2a20e1980149da9c5b1559ce37b1242dee9f3ebe223376a82ae9f56431fddae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
gzip
last-modified
Tue, 26 Oct 2021 09:40:52 GMT
server
nginx
etag
W/"6177cd24-22299"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
utx
iesboughts.xyz/
0
411 B
XHR
General
Full URL
https://iesboughts.xyz/utx?cb=i9THzqxP9y75&top=picrok.com&tid=669323
Requested by
Host: d1ev866ubw90c6.cloudfront.net
URL: https://d1ev866ubw90c6.cloudfront.net/?buved=669323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-83.fra50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:50:12 GMT
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://picrok.com
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
yqdxCBJ4269JwQnuDVUv-pxAsPFQsNza0GTeQ5rclghHeT6bJ4Bo_w==
EwwiWy0qATNRMSIPK0IXEQhdcB0YKDdqbTgsAmQwIiZdBgIpOhZwBFMbN3o5CQAzBgEJCzMKAAMHFGoWJikwASYjBlQCECEmCkIQLhs1djsAKDdfNi8vAmgaMT0vBhAuGFBgFloeI0ghDis0USINCzcFElscQAATLh4Oe3MBOQpcJVYlF30zABwVXDA7Hw9c
iesboughts.xyz/MlVrSmVTNwgnWlNoCWwQQDlWb1d0cFkMAQMwHXJTBCAJPVwCNl1kBl46Hi4DQDoFPktcMB9vV3QHPw4zAAY/KRNlPQw8JnY9CA8LYxcOLR10MBwYFGoiPicyZiIiDTFGYSAmUVUaPSEVaAYmIDJlJSkOJgIeDQgoUx4tIRdxEyo5MmFtIhhXCw... Frame 0458
3 KB
2 KB
Document
General
Full URL
https://iesboughts.xyz/MlVrSmVTNwgnWlNoCWwQQDlWb1d0cFkMAQMwHXJTBCAJPVwCNl1kBl46Hi4DQDoFPktcMB9vV3QHPw4zAAY/KRNlPQw8JnY9CA8LYxcOLR10MBwYFGoiPicyZiIiDTFGYSAmUVUaPSEVaAYmIDJlJSkOJgIeDQgoUx4tIRdxEyo5MmFtIhhXCwIgDAF+MzkPUWAHACMmWzEoDB90ByAcPHQfBxgUYxcPejJbGzsCHGQ3JxgndxEcAAxwAyV9JwAHKAIcVgEieix0NyocXWUiITknaiIuGAhRHQobPAI3KhxdYz1TJCRqMjoYNEEGDS0wfTMcBAl3EEYYUGQ/EwwiWy0qATNRMSIPK0IXEQhdcB0YKDdqbTgsAmQwIiZdBgIpOhZwBFMbN3o5CQAzBgEJCzMKAAMHFGoWJikwASYjBlQCECEmCkIQLhs1djsAKDdfNi8vAmgaMT0vBhAuGFBgFloeI0ghDis0USINCzcFElscQAATLh4Oe3MBOQpcJVYlF30zABwVXDA7Hw9c
Requested by
Host: d1ev866ubw90c6.cloudfront.net
URL: https://d1ev866ubw90c6.cloudfront.net/?buved=669323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.83 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-83.fra50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
9de1026f2d5c654a16c4d2c76ca625cec40e64f537fc14cece3b908b8b85c2b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/

Response headers

content-type
text/html
content-length
1238
date
Fri, 29 Oct 2021 18:50:12 GMT
server
openresty/1.17.8.2
cache-control
no-store, no-cache, must-revalidate, no-transform
pragma
no-cache
p3p
CP="NID DSP ALL COR"
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
qSrojg54xHRwUEWtgLgA2uTjGbZ2H2Wvl0Ea7Xc-KuXEUcpZP-6Aug==
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.20.35 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f13.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

ServiceLogin
accounts.google.com/
0
0
Image
General
Full URL
https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.205 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f13.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

popper.min.js
www.visariomedia.com/
30 KB
9 KB
Script
General
Full URL
https://www.visariomedia.com/popper.min.js
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.175.54 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-53.cdn77.com
Software
CDN77-Turbo /
Resource Hash
736763f0f554c88846bcdfd441225537d1a03441f31c0c60e60795265c14347f

Request headers

Referer
https://picrok.com/
Origin
https://picrok.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
br
x-77-cache
HIT
x-cache
HIT
x-age
105358
alt-svc
quic="195.181.175.53:443"; ma=2592000; v="44,43,39"
x-77-nzt
AcO1rzXzrn/vjpsBAA==
x-accel-expires
@1636032854
server
CDN77-Turbo
x-77-nzt-ray
TJO/DufKTcA=
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=604800
link
<https://visariomedia.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires
Thu, 04 Nov 2021 13:34:14 GMT
3ead1e42c9599cb676b34fca95612c38.js
f00961160c.25391ebf69.com/
64 KB
25 KB
Script
General
Full URL
https://f00961160c.25391ebf69.com/3ead1e42c9599cb676b34fca95612c38.js
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
99efa94f95887196c5d36a4092fdbcfa58af90696ceca363d4b6f4bff6fa6e8e

Request headers

Referer
https://picrok.com/
Origin
https://picrok.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 13:42:02 GMT
server
nginx/1.18.0
etag
W/"616ecb2a-1014d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 29 Oct 2021 19:50:12 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
1836026
stagepopkek.com/get/
2 KB
1 KB
Script
General
Full URL
https://stagepopkek.com/get/1836026?zoneid=1836026&jp=_cld56qbjjcmqik9pijyhi&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=undefined&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0
Requested by
Host: stagepopkek.com
URL: https://stagepopkek.com/lv/esnk/1836026/code.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
16f6ce9e778f9cf6c02cdd72c1cd3998bccea3beaad6b5a0b755ae372979bcb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
1836027
stagepopkek.com/get/
2 KB
992 B
Script
General
Full URL
https://stagepopkek.com/get/1836027?zoneid=1836027&jp=_cl6q984cnb0ja7sbqk0oh7&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=undefined&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0
Requested by
Host: stagepopkek.com
URL: https://stagepopkek.com/lv/esnk/1836027/code.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
05594b9b2c705f620d286533caf7a03e6a80c8658b43f0406d1db36dade1835b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:12 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
1823484
dendranthe4edm7um.com/get/
4 KB
2 KB
Script
General
Full URL
https://dendranthe4edm7um.com/get/1823484?zoneid=1823484&jp=_clwvap6a20xevsnly5ggno&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=0&sp=0
Requested by
Host: dendranthe4edm7um.com
URL: https://dendranthe4edm7um.com/aas/r45d/vki/1823484/9056f859.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
925ea03cce925a6d435f415654824150eef6c3ebfa4ac2a3761896891f53acad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
/
c.adsco.re/
62 KB
22 KB
Script
General
Full URL
https://c.adsco.re/
Requested by
Host: www.visariomedia.com
URL: https://www.visariomedia.com/popper.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.166.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
11406779
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6a5e9697fbd8f9d2-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 29 Nov 2021 18:50:13 GMT
/
freychang.fun/
16 B
711 B
Fetch
General
Full URL
https://freychang.fun/?f=42a5f2350406b5b34afe49ff517ecb3b
Requested by
Host: d1ev866ubw90c6.cloudfront.net
URL: https://d1ev866ubw90c6.cloudfront.net/?buved=669323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.218.221 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3887a003ee95881d4fa90eaae1c95cf9ba273ff0809a5b5e41a64a7949e246e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://picrok.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqZiBRybdwC8onLmJLBypfYdTZsz1D1zgQGmnpO9eN7xp5dkTd3iWSnvb%2BtgewUTOUeyHljKik9cT0YFzK3X4zHlGVfO%2F0%2F5VFBeM1QZZAGICEwsXYT%2FOOJ4kPjege9N"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
6a5e9698082bf9de-PRG
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
3158
f00961160c.25391ebf69.com/ea4b24ade90600e22a1101cae36c727b/
2 KB
814 B
XHR
General
Full URL
https://f00961160c.25391ebf69.com/ea4b24ade90600e22a1101cae36c727b/3158
Requested by
Host: f00961160c.25391ebf69.com
URL: https://f00961160c.25391ebf69.com/3ead1e42c9599cb676b34fca95612c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8751bb40a60109e78c17f67fcb6e3e2b6c9bd9ed820002650018d438e3222877

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
gzip
server
nginx/1.18.0
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
expires
Fri, 29 Oct 2021 19:50:13 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/
0
239 B
Script
General
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: f00961160c.25391ebf69.com
URL: https://f00961160c.25391ebf69.com/3ead1e42c9599cb676b34fca95612c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 29 Oct 2021 19:50:13 GMT
cache-control
max-age=3600
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
5c763a492225ad61f153f519aef868e4606be6fc.gif
cdn.bncloudfl.com/bn/5c7/63a/492/ Frame EC7B
37 KB
38 KB
Image
General
Full URL
https://cdn.bncloudfl.com/bn/5c7/63a/492/5c763a492225ad61f153f519aef868e4606be6fc.gif
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.14.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b2de298314e0616811998d963d8ca09e5e07d92c94dbfc132744f5fbdc7772

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
x-openstack-request-id
tx3272f48270ce4772afa38-0060cb507b
cf-cache-status
HIT
age
47509
cf-polished
status=not_needed
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cf-bgj
imgq:100,h2pri
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-trans-id
tx3272f48270ce4772afa38-0060cb507b
accept-ranges
bytes
last-modified
Fri, 14 May 2021 15:10:12 GMT
server
cloudflare
etag
40819607f574be5112ca684a25a0b4f0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
x-timestamp
1621005011.96338
cache-control
max-age=432000
content-length
37900
cf-ray
6a5e96984cc5413e-PRG
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
expires
Sun, 31 Oct 2021 05:38:24 GMT
ETkI
d1ev866ubw90c6.cloudfront.net/RTDV2STcvWhgvCDhcEnQBegxFewRqXwUmWTwIGTt4Kl4gOVkpZSMjWWpBDC0KfBMaKFkrCFAsWS8IR29WKFdLfRE4RRkiCidCFzFRKVYFJlRqQBd0WiNPHyVbLRBEDwJiBVN7B2RCHydTI0IFbAV8WwJsBXwERmcHaQY0bA... Frame 0458
765 B
824 B
Script
General
Full URL
https://d1ev866ubw90c6.cloudfront.net/RTDV2STcvWhgvCDhcEnQBegxFewRqXwUmWTwIGTt4Kl4gOVkpZSMjWWpBDC0KfBMaKFkrCFAsWS8IR29WKFdLfRE4RRkiCidCFzFRKVYFJlRqQBd0WiNPHyVbLRBEDwJiBVN7B2RCHydTI0IFbAV8WwJsBXwERmcHaQY0bAV8Qh8nAXgQRQsSfgUOfwNlEE-R5VjxFGixAKVcdIENpBzB8BHsbRX8SfgVeIl84WBpsBQ8QRHlbJV4TbAV8UhMqXCMcU3sHL10EJlopEEQPDnkbRmcDegZOZwJ4EER5RC1TFzteaQcwfAR7G0V/ETkI
Requested by
Host: iesboughts.xyz
URL: https://iesboughts.…
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-150.fra50.r.cloudfront.net
Software
/
Resource Hash
6e2d9cc145ae1b84c7f004452dc92301c3a0cd81f3a1ee97be9394c060124f2f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://iesboughts.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
gzip
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
547
via
1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-cf-id
CJRuRQHmxdK5qm5JfnfwcTlzWi1ZmBsMk0o7-ChcfVvyZkJc4PGJ5g==
/
ilusors.com/ssp/req/1823484/
7 B
190 B
Script
General
Full URL
https://ilusors.com/ssp/req/1823484/?pb=92fadaa083d902d5edf11566d857bce21635540613&psp=3FzEEFOoRtT3U0_Uygk7hlPPVc9R93Y1eIQG8ctdByMdtDr9jkZQX9TxKnM0GQPZfi44An-8oEJjNIE5Kui7SFwrp649Iyj-8uSgi-wbBQ86ra-prvZV4Xn2CQU2KXWDh7lcnG5eTsgx8q8MOqpQRM38iO2d6nqcOfxCFHNiTAGN5SBwu0NF9hfbYcdZkVvgRn8b0OxwyJRQWXMAMc-jfQK7PAyQFNnaN7EzIK0-5NK32ncIg0VsVLQldVgLum22dMddebxGSYlzc0F8KVmxtb6Mac8_NfkVN7SZj3Wo0VVQWeUa3Tv-JPZLDzXCpnObnIHtqRp_OOo6huZ45oEAICqG_ZomEOucZTI-beivRJUyH3PNCiVnV6aKfNBDA77rVkUfekHs8hclzZ-ag1Ao6wVrl6gewyq9XONDto5OQsxZ-HyYh6fpL4wRHDcUHlsQqwzsejc6rXHEXlmCQQDds14KoQvU6YGNafhXQpd_mF9UrraaZL1azjWrERvsYlvn2Z1tNfAx-H5_p74FUlc_YENDbpiz7N-wmT0kKXKDadECzpA5FWPqgBPHquJZm0F1FkxtaMXPrFxWmvw0kPm1w33r6srVgti0ztLmxQnDQ48KSWAtDz_mc1HlcrNn0kZ-wRtYjTcZHJFO5ie5l3_nI03cnbliap1XIHi8chzqGE0aihFda9m_EPC0mRUYW3EAQ7hXOYXUGEVd8kIxJnazEek=&cb=_cln5f0t8kmjhi2rzaafmxl&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24
Requested by
Host: dendranthe4edm7um.com
URL: https://dendranthe4edm7um.com/aas/r45d/vki/1823484/9056f859.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
server
nginx
timing-allow-origin
*
content-length
7
content-type
text/javascript
/
6.adsco.re/
0
384 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.167.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://picrok.com/
Origin
https://picrok.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://picrok.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6a5e96988b064119-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
/
4.adsco.re/
0
457 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://picrok.com/
Origin
https://picrok.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 29 Oct 2021 18:50:13 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://picrok.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
5c763a492225ad61f153f519aef868e4606be6fc.gif
cdn.bncloudfl.com/bn/5c7/63a/492/ Frame 92DC
37 KB
37 KB
Image
General
Full URL
https://cdn.bncloudfl.com/bn/5c7/63a/492/5c763a492225ad61f153f519aef868e4606be6fc.gif
Requested by
Host: stagepopkek.com
URL: https://stagepopkek.com/lv/esnk/1836027/code.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.14.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b2de298314e0616811998d963d8ca09e5e07d92c94dbfc132744f5fbdc7772

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
x-openstack-request-id
tx3272f48270ce4772afa38-0060cb507b
cf-cache-status
HIT
age
47509
cf-polished
status=not_needed
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cf-bgj
imgq:100,h2pri
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-trans-id
tx3272f48270ce4772afa38-0060cb507b
accept-ranges
bytes
last-modified
Fri, 14 May 2021 15:10:12 GMT
server
cloudflare
etag
40819607f574be5112ca684a25a0b4f0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
x-timestamp
1621005011.96338
cache-control
max-age=432000
content-length
37900
cf-ray
6a5e96984ce1413e-PRG
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
expires
Sun, 31 Oct 2021 05:38:24 GMT
p
adsco.re/
0
419 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://picrok.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 29 Oct 2021 18:50:13 GMT
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
AS-P-4
OK
Transfer-Encoding
chunked
AS-P-1
OK lon223
Access-Control-Allow-Origin
https://picrok.com
Access-Control-Max-Age
2592000
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
Connection
keep-alive
AS-E
ND
AS-P-2
OK
AS-P-3
OK
/
4.adsco.re/
48 B
457 B
XHR
General
Full URL
https://4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
52b6422d2e5d9a0bbe5ac3c5a72fcb7f649dd20ca36403b25880b25cbe5aa71c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 29 Oct 2021 18:50:13 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://picrok.com
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
/
6.adsco.re/
0
40 B
XHR
General
Full URL
https://6.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.167.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://picrok.com
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6a5e96988b054119-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
/
9spmjmu2ixhr.l4.adsco.re/
0
464 B
Ping
General
Full URL
https://9spmjmu2ixhr.l4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS
adscore.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://picrok.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 29 Oct 2021 18:50:13 GMT
Last-Modified
Tue, 31 Jul 2018 22:16:15 GMT
ETag
"5b60dfaf-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
9spmjmu2ixhr.n4.adsco.re/
0
464 B
Ping
General
Full URL
https://9spmjmu2ixhr.n4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://picrok.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 29 Oct 2021 18:50:13 GMT
Last-Modified
Mon, 30 Jul 2018 15:32:42 GMT
ETag
"5b5f2f9a-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
9spmjmu2ixhr.s4.adsco.re/
0
464 B
Ping
General
Full URL
https://9spmjmu2ixhr.s4.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.200.116.90 Singapore, Singapore, ASN9009 (M247, GB),
Reverse DNS
no-mans-land.m247.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://picrok.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 29 Oct 2021 18:50:15 GMT
Last-Modified
Mon, 30 Jul 2018 15:38:01 GMT
ETag
"5b5f30d9-0"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length
0
/
c.adsco.re/ Frame 8602
62 KB
22 KB
Document
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.166.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-type
text/html
cache-control
public, max-age=2678400
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
expires
Mon, 29 Nov 2021 18:50:13 GMT
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
cf-cache-status
HIT
age
11406779
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
6a5e9698bb484114-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
6.adsco.re/ Frame 8602
0
363 B
Other
General
Full URL
https://6.adsco.re/
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.167.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
server
cloudflare
access-control-allow-headers
Content-Type
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain;charset=UTF-8
access-control-allow-origin
https://c.adsco.re
access-control-max-age
2592000
cache-control
private, max-age=10
cf-ray
6a5e9699fa8b4125-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
/
4.adsco.re/ Frame 8602
0
457 B
Other
General
Full URL
https://4.adsco.re/
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://c.adsco.re/
Origin
https://c.adsco.re
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 29 Oct 2021 18:50:13 GMT
Content-Encoding
gzip
Access-Control-Max-Age
2592000
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://c.adsco.re
Cache-Control
private, max-age=5
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
5c763a492225ad61f153f519aef868e4606be6fc.gif
cdn.bncloudfl.com/bn/5c7/63a/492/ Frame 92DC
37 KB
38 KB
Image
General
Full URL
https://cdn.bncloudfl.com/bn/5c7/63a/492/5c763a492225ad61f153f519aef868e4606be6fc.gif
Requested by
Host: stagepopkek.com
URL: https://stagepopkek.com/lv/esnk/1836027/code.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.22.14.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85b2de298314e0616811998d963d8ca09e5e07d92c94dbfc132744f5fbdc7772

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
x-openstack-request-id
tx3272f48270ce4772afa38-0060cb507b
cf-cache-status
HIT
age
47509
cf-polished
status=not_needed
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cf-bgj
imgq:100,h2pri
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-trans-id
tx3272f48270ce4772afa38-0060cb507b
accept-ranges
bytes
last-modified
Fri, 14 May 2021 15:10:12 GMT
server
cloudflare
etag
40819607f574be5112ca684a25a0b4f0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/gif
access-control-allow-origin
*
x-timestamp
1621005011.96338
cache-control
max-age=432000
content-length
37900
cf-ray
6a5e9699da5927c0-PRG
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
expires
Sun, 31 Oct 2021 05:38:24 GMT
chicken.gif
stagepopkek.com/ Frame EC7B
43 B
357 B
Image
General
Full URL
https://stagepopkek.com/chicken.gif?z=1836026&pb=7127454cebf8a88b05e31602bc0228e01635540612&psp=SPgz3WwgpqaZoc8-qP5wT3eDoAAKZ3hMr8FLlX2znKg5lUZywU6SjHJFLp9qo8-uYBQITGaJlB3Qhmss9d_aEeSBaYZtKvIZd7dJbxYnjtWV6JozSJ_23UBOsWGJFTCKf6XvqSHrHcSJ7ULf-hfkXC49k3oTp-enzloOWW7bd_pQPo_SxK1LDwJw57vIZCp5oBiGOycvgyOdBY83x5pDnK00FILrqew709ThYKXfDyrWqGZb3BTY3p2TnjFRSCURQ5lM_VtkN7nWgaufBroJhGRE_v8FbH03MrTste-5QAUslIVZUKr971rWWxbKq4ct9x5ED-o1hcj-m8p-TJvayP4SIvyQmITNA401Fj3xa4GP4awFchh9nR_MkkSHI2aAFZeXCBuUGdj0J3AOS6pauvk3t64WH1QgmhlVZTMx7whWlus6KA51oNLf_2ZHm8GaGNqXFElDyunjc11Uqi8RpvBwm0aNqeskvIx1fVkm
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
/
c.adsco.re/ Frame 8602
62 KB
22 KB
XHR
General
Full URL
https://c.adsco.re/
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.166.186 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9aaaac87a4cddb7db367764a7080fd31491c36ae256ba81391c270f8c4b2d0f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://c.adsco.re/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
11406779
etag
W/"2Ma3006J78KgzL0RD+7gUg=="
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html
link
<//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control
public, max-age=2678400
cf-ray
6a5e969a2dfc4114-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 29 Nov 2021 18:50:13 GMT
ec6233b68df27e79b369dfe653b6ab65.js
f00961160c.25391ebf69.com/
30 KB
11 KB
Script
General
Full URL
https://f00961160c.25391ebf69.com/ec6233b68df27e79b369dfe653b6ab65.js
Requested by
Host: f00961160c.25391ebf69.com
URL: https://f00961160c.25391ebf69.com/3ead1e42c9599cb676b34fca95612c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d821e26847d8c47a1d3238dbdd2c1dfd5794b72c10c29365f34730eec688be9a

Request headers

Referer
https://picrok.com/
Origin
https://picrok.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
gzip
last-modified
Mon, 11 Oct 2021 15:02:55 GMT
server
nginx/1.18.0
etag
W/"6164521f-78ea"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 29 Oct 2021 19:50:13 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
build.js
js.cabnnr.com/banner-admanager/
43 KB
16 KB
Script
General
Full URL
https://js.cabnnr.com/banner-admanager/build.js
Requested by
Host: f00961160c.25391ebf69.com
URL: https://f00961160c.25391ebf69.com/3ead1e42c9599cb676b34fca95612c38.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cb69ebef736d09eb8e46d48b3ffb05ac7b1223085825f4159ce62a8d68770021

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 08:56:00 GMT
server
nginx/1.18.0
etag
W/"6167f0a0-adb5"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Fri, 29 Oct 2021 19:50:13 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
chicken.gif
stagepopkek.com/ Frame 92DC
43 B
357 B
Image
General
Full URL
https://stagepopkek.com/chicken.gif?z=1836027&pb=7127454cebf8a88b05e31602bc0228e01635540612&psp=0j_TX5YPL2C4qIAFmGJ0icGFLeclvZDlV3uP72T2chJfS54ouQEYX5FVh6MuEehCEod8bsyb7gTAyzBXd8yQ5Q9b7Tq-h_PjiGpJDIiJ4i8XAHd2vLtoBUHkLSvoOKVEPoWJx2Fw84OHH8S9LxsK2m30JMRz-f4WoPkZYzXXzJFAjtTEZgI-I4j0vSmwuYxvk_5m9sDWDiLnZI9WL4FA8x9jA3pM2iUErlxXH9dzaeDJcrZEMnVtXC7YKQ8-a09lxL3Wm7z-pPJAXnWk5tKxko_4CItIvNZ-mm96U9BI1uOtp-NndSvc1V8OEbiXJN_1P63153MlcKbIwLmbjrPE4ILudMw2N38FJ4zEO3EB8NwQGX0Eh7JzJWat1lOD6md0KWbejWUbw-x6wdGferwukBIR1rCvdfMowZNlChDhV-8-RpM9dY519aZW4ZQUWPK2-wswJSgF-Sk4QLD8HLMzuuWyWAnrrstampX-jJ--
Requested by
Host: picrok.com
URL: https://picrok.com/VQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
multy
wpunativesh.com/in/
7 KB
7 KB
XHR
General
Full URL
https://wpunativesh.com/in/multy?spot_size=4&spot_id=4747&subid=1728943672&label=1&session_id=a4cad063-7f73-4630-aac6-bfc50f429054&cpa=91ecea3d-7ce0-43c7-bd77-269c961078e9&ver=5.1.1&adblock=0&ad_type=native&iw=241&ih=241
Requested by
Host: f00961160c.25391ebf69.com
URL: https://f00961160c.25391ebf69.com/ec6233b68df27e79b369dfe653b6ab65.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.133.127.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213-133-127-134.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash
c4abed06375af560355245e85765372cfcd587b6dcd42298a892987d66f7873a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 29 Oct 2021 18:49:19 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
server
nginx/1.16.0
content-length
6748
content-type
application/json; charset=utf-8
banner
stream.vast.wtf/youtube/ Frame DB27
Redirect Chain
  • https://rtbbnr.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxNjk1LCJzcGFjZWlkIjoxNjk1LCJpZHpvbmUiOm51bGwsImFkX3RhZ3MiOiIiLCJsYWJlbHMiOiIiLCJ0aXRsZSI6IiIsInN1YmlkIjoiMzk5ODk2NzE3Iiw...
  • https://tb.baimgfroggd.site/in/1739/?screen_resolution=1600x1200&zone=ssp_cpm&w=1&h=1&spaceid=1695&user_id=42a5f2350406b5b34afe49ff517ecb3b&bid=0.0400&katds_labels=&utm1=&utm2=&utm3=&utm4=
  • https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%...
3 KB
2 KB
Document
General
Full URL
https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Requested by
Host: js.cabnnr.com
URL: https://js.cabnnr.com/banner-admanager/build.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.34.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7279333c2610bb99ffb34954bd8d027c78ee0402e56f9c1f26cec1d73e972026

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-type
text/html; charset=utf-8
access-control-allow-credentials
true
access-control-allow-origin
*
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFHkuAu%2FPSSVO4vXfFqPbhhxCwuqM3vzPfwI83n0zs%2F8pQdDbkcoFfbTeZ%2ByHFun%2BVRNhEnaGxhCrYDHUSneVn08KTtqQjLNBD0qFNKGInlAX0wjxHAWLmBWvtvO0YzYIHQ%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a5e969bdb38f9da-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server
nginx/1.17.2
date
Fri, 29 Oct 2021 18:50:13 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
pragma
no-cache
vary
*
cache-control
no-cache, no-store, must-revalidate
popunder.gif
pleastindustress.xyz/
35 B
368 B
Image
General
Full URL
https://pleastindustress.xyz/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.20.40 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-20-40.bru50.r.cloudfront.net
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
public
date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
gzip
x-amz-cf-pop
BRU50-C1
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
content-length
58
via
1.1 854e69d09dba9252a1cd2401bf2be25e.cloudfront.net (CloudFront)
x-amz-cf-id
Ip_LugBZOa5p6NCVEY-X9X8JTLumziX6EhpJTNfKh19n6MhmZIb8ug==
p
adsco.re/
166 B
715 B
XHR
General
Full URL
https://adsco.re/p
Requested by
Host: c.adsco.re
URL: https://c.adsco.re/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software
/
Resource Hash
e7d381d90f29b9cc26391393dd12fa3a34b4db10524608e4e0c688b7d0f8cfdb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

AS-P-G
OK
Date
Fri, 29 Oct 2021 18:50:13 GMT
AS-P-7
OK
AS-P-9
OK
AS-P-C
OK
Transfer-Encoding
chunked
AS-P-5
OK
AS-P-F
OK
Connection
keep-alive
Content-Encoding
gzip
AS-P-2
OK
AS-P-D
OK
AS-P-6
OK
AS-P-B
OK
AS-P-H
OK
AS-P-4
OK
AS-P-A
OK
Access-Control-Max-Age
2592000
AS-P-1
OK lon223
Access-Control-Allow-Origin
https://picrok.com
Cache-Control
no-transform
Access-Control-Allow-Credentials
true
AS-P-8
OK
Content-Type
text/html; charset=UTF-8
AS-P-E
OK
AS-P-3
OK
vast-player.min.js
cdn.jsdelivr.net/npm/vast-player@latest/dist/ Frame DB27
64 KB
21 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/vast-player@latest/dist/vast-player.min.js
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.86.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c97607147b09e31e70026e23eb61dc4917b5655e4b03ee103cb50d62f6616a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
36172
x-jsd-version
0.2.10
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19144-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"101a3-kqflBbwdvbQ4APoFNu3h5vzUaKQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6a5e969c8f1e4125-PRG
Zxk.asp
visariomedia.com/
44 B
140 B
Script
General
Full URL
https://visariomedia.com/Zxk.asp?_=BAYAYXxCZQFhfEJlgAGBAsAAIHtf0PM3COD-SKIQk3f5HF6eQCO7f7DhdEXwXyCcn1QUwQBGMEQCIDIZ9V57zoQ2ufI2okCqCpDCR9OFYRrO2moX6d0VWz3ZAiATzXaOj2dbEbAmEZLVgDapSGUajrn1S6VRGTuigpPJbQ&v=4&KGsitOVN=4360211&minBid=&UYLjpaqn=0,0&BLJlIDqO=&umelyrAg=https%3A%2F%2Fpicrok.com%2Fwel7gj5g2iw7%2F84296UHAP-uRz95dwrHgo%2BgDnPA2898.jpg.html&s=1600,1200,1,1600,1200,0
Requested by
Host: www.visariomedia.com
URL: https://www.visariomedia.com/popper.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.21.12.16 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
216-21-12-16.customer.totaluptime.net
Software
/
Resource Hash
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 29 Oct 2021 18:50:13 GMT
popads-ec
ASB
asf
9
content-length
44
content-type
text/javascript;charset=UTF-8
/
wpunativesh.com/in/show/
0
53 B
Image
General
Full URL
https://wpunativesh.com/in/show/?&cid=742&session_id=a4cad063-7f73-4630-aac6-bfc50f429054&response_size=0&cryp=eyJhbGciOiJIUzI1NiJ9.[...].89M70O-ghDCEiaq9OQgNZFxATf5-5eP5jnx4HUqmirU
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.133.127.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.213-133-127-134.clients.your-server.de
Software
nginx/1.16.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:49:19 GMT
content-length
0
server
nginx/1.16.0
p.gif
pxl.tsyndicate.com/api/v1/p/
35 B
133 B
Image
General
Full URL
https://pxl.tsyndicate.com/api/v1/p/p.gif?p=e0SEGUNHhI4YLETQOXNQhI0wN2SIESPjRgsxOMyYaUHDjMcWOWjEKNOijIyRYkbauIHDhg0RCse4mXNwhgwbCsPUGePwxo0cKHPYyHEjpggxacj4BCqUqFGdZOwcjAEDx4waCuHUEUMV5UudcOAcdIlT4Rw4BnXMyFEWxg2FZfDQ-YJWrQgaN_IeHdNm7NoYEmlkHUjGzEEbMhSKcePmoAyLN2LIwKGwjZuGOkbmSCgCzuXMgWHAyCmijhw2j2uwtEGjdB0ZDtHQoQNnjo4XL-jIGbPGRRo3Zt68MBPGjA0xZmKIwZiDTIyOMFCGhCEGegwbMczcYIsjx4wYNH6QKWMnzZgyX-jkgVOmB5QhXOqMxvlmTo8rwMm8uTMHRFX56ENODv7mKEOOHoZAg8A2yghQOhvGCEMOOdI4sIcHcZLQrzDSOMONL5TqATzBasjQhjnSoCM9NOyjowc65qhDLDbycGGMN9o4UTg52gjjRTd-TMMOB-eDMAwy0HqDriAb7MEJIYk8EckegiBihi-CpGPIksR4o7E8TlyjjDzueEOOJDE0UkMXe4DBBRhiOHEMNs5bQ8Qw3FjiBiVuUOMLKmBooQok6lBCCDqE0IIGLc4IIogl2GjiUSKGyMNKPahA4o5HOw1CCCfGyCGIIZb4YghPH73DiTSqWOOo_dpwKMYZ4ajxxhz5-vGgLSDrQiveqCoJBsLegCNYhIYlLLmD3hyNsDE---LYnnRw9i2F5LDjrxlgiCtaWa2Fs7M66kjDITJGIgOHMchoy4zRKoKBhjLaGi2HtsoYwwwcaLCojKPS-EsEGbBzIQbwDg7v4LaOqiMMh5p4Q4802GAjjBdqgBMEFPJzY7_-QHCCiv-c3QEEj1s7GY_WUgAhCBrLuKIMMZZQMeMZbnBhBhs4XgIJKppgggUQ6hwThCP0XeMNlxVksIwXctD4TddmwMGFGmgAYQrjJkwDZ5155qtaEYgo4qgzvxiDbLOPYoPtsxUiz44v5CgjNYRquKGGGGrod7RsPzyoKBrkLu8LMeQgy3C623hjKR0oC09uAqlSyL6DCveMQDzyeEzuPBzTYbc6yjhLW4cIpOPHM1uoww0VWyDWBTLGgEqE2tFNr_bb6QgXO6xqmGGGkWZQyPfYELIh-OGLr6EGxQqruwy0vthVeeaJR1gnMe4ir7g62DBIq7eblekzuuUQ8g3LRRgjNBj6UCAg&r=1&s=fbcedf769bc7cf9a6f9671e276be9ab934f6339165b96bbb1be3f9eaef0963631635533413&w=t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
78.46.40.103 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.103.40.46.78.clients.your-server.de
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
server
nginx
x-robots-tag
noindex, nofollow
content-length
35
content-type
image/gif; charset=utf-8
main.jpg
lcdn.tsyndicate.com/images/3/7/ca7655b47673da6dbfdf2eaa89f96c535dd7bd/
66 KB
66 KB
Image
General
Full URL
https://lcdn.tsyndicate.com/images/3/7/ca7655b47673da6dbfdf2eaa89f96c535dd7bd/main.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.27.234.121 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx /
Resource Hash
81adf41f79d5df9e92755efb2c3666f2d68b2e5b0d07bb94c6b6105d912e4be4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
content-encoding
gzip
last-modified
Tue, 13 Oct 2020 14:39:03 GMT
server
nginx
age
19447227
etag
W/"5f85bc07-10813"
vary
Accept-Encoding
content-type
image/jpeg
x-robots-tag
noindex, nofollow
1.jpg
tn.txxx.tube/contents/videos_screenshots/80000/80408/288x162/
16 KB
17 KB
Image
General
Full URL
https://tn.txxx.tube/contents/videos_screenshots/80000/80408/288x162/1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
a6796d7f7b1174e097ea6e29ce18b67575ed0b60337e9ae474a33903a898ebd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
last-modified
Fri, 15 Mar 2019 18:13:28 GMT
server
nginx/1.18.0
etag
"5c8beb48-41b8"
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 27 Jan 2022 18:50:13 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
16824
x-proxy-cache
HIT
1.jpg
tn.hclips.com/contents/videos_screenshots/7487000/7487361/240x180/
25 KB
25 KB
Image
General
Full URL
https://tn.hclips.com/contents/videos_screenshots/7487000/7487361/240x180/1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
cd35782897bde721750cf4ee711e0eafd945a9d93216813a8309f66e8181cab7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
last-modified
Fri, 01 May 2020 12:30:34 GMT
server
nginx/1.18.0
etag
"5eac166a-63dd"
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 27 Jan 2022 18:50:13 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
25565
x-proxy-cache
HIT
1.jpg
tn.voyeurhit.com/contents/videos_screenshots/348000/348279/240x180/
13 KB
14 KB
Image
General
Full URL
https://tn.voyeurhit.com/contents/videos_screenshots/348000/348279/240x180/1.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
acd7f7d8b76758ed10d169e4ced2db06dc225613da242a310d64824706620565

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
last-modified
Sat, 16 Oct 2021 23:48:11 GMT
server
nginx/1.18.0
etag
"616b64bb-35b4"
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 27 Jan 2022 18:50:13 GMT
cache-control
max-age=7776000
accept-ranges
bytes
content-length
13748
x-proxy-cache
HIT
/
vs.videonet.online/sts/ Frame DB27
2 B
228 B
XHR
General
Full URL
https://vs.videonet.online/sts/?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw&type=impression
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
109.206.161.77 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
109.206.161.77.serverel.net
Software
nginx/1.20.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 29 Oct 2021 18:50:13 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
content-length
2
content-type
application/json
vast
stream.vast.wtf/youtube/ Frame DB27
2 KB
1 KB
XHR
General
Full URL
https://stream.vast.wtf/youtube/vast?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/vast-player@latest/dist/vast-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.34.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cafb39275e7071918be2ab6f25e6e9963e7a93e3d3eeee6b2bdfa1bfc51c50f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6a5e969d4d3d2778-PRG
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52QjBD850vPq9dNbwvD9k2D98F9bmjSDJCcjoV%2Fq6uxr%2BfFNEF1he0wHgZSb22lCDnemBagRGMFnU6PWbOW60LdvR6nxAXLYcdI%2FsUIJOxWjJeI3Rh%2FstJJqwR%2F1mkaGRis%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/xml
access-control-allow-origin
*
access-control-allow-credentials
true
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
tbz.jpg
12007250.pix-cdn.org/native/tmp/ Frame DB27
20 KB
21 KB
Image
General
Full URL
https://12007250.pix-cdn.org/native/tmp/tbz.jpg
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0a500f83955139786d6ad6b9c95cbe603dceb315cf5c87005cfcf3fe2b199c2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2427970
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20782
last-modified
Thu, 30 Sep 2021 13:59:58 GMT
server
nginx/1.18.0
etag
"6155c2de-512e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSD2UV6yMHx512wNGqmLHJ6E1Zn5smuVtEW%2F4AjOA1qkZpFuNMEIXjv%2BYBOQuqzl2xs19MdRCNCEQW3UDrukRg%2FhqoKb8197MpPkgj7tCO3X4ICX9kBFph4lliqH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
6a58abd259646d91-MUC
x-proxy-cache
HIT
expires
Fri, 29 Oct 2021 19:50:13 GMT
vpaid.js
stream.vast.wtf/files/youtube/ Frame 6422
20 KB
6 KB
Script
General
Full URL
https://stream.vast.wtf/files/youtube/vpaid.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/vast-player@latest/dist/vast-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.34.6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6004cbbdfd65a4a6059250ea0595c41799d38cc264a567f22db8e90e87915b26

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:14 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3343
cf-polished
origSize=24046
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Thu, 21 Oct 2021 14:31:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gkstm19vpe41as7b4PR%2Bwmr4NMMN4P9hf%2B%2BOgTXlFTvoTOkNYCndUClmtnd%2FBmxkuMowxQPaBnCnbm0Th3lZqpvFB6RraewsMEn4qc%2F%2B22q5enSbif1HS1E0BgMzmkcjdfI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6a5e969d9dbf2778-PRG
cf-bgj
minify
url
www.google.com/ Frame 6CAA
603 B
1 KB
Document
General
Full URL
https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/3qNnkS7U3N8%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
Requested by
Host: stream.vast.wtf
URL: https://stream.vast.wtf/files/youtube/vpaid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
gws /
Resource Hash
7a41beb1ba494a2dd2713b065b0d5cd88dcf21f58d51f2dced0fdcd79b655ded
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://stream.vast.wtf/

Response headers

location
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
cache-control
private
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=31536000
bfcache-opt-in
unload
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
date
Fri, 29 Oct 2021 18:50:14 GMT
server
gws
content-length
603
x-xss-protection
0
expires
Fri, 29 Oct 2021 18:50:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
3qNnkS7U3N8
www.youtube.com/embed/ Frame 6CAA
59 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=D&q=https://www.youtube.com/embed/3qNnkS7U3N8%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
479b636df61f0267565d3b75323e7b18602f4dbe560f2ab499cc26ec6c4d406c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 29 Oct 2021 18:50:14 GMT
strict-transport-security
max-age=31536000
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
t.php
d.maldini.xyz/
0
413 B
Image
General
Full URL
https://d.maldini.xyz/t.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.235.244.212 Phoenix, United States, ASN20454 (SSASN2, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://picrok.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 29 Oct 2021 18:50:15 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
www-player-webp.css
www.youtube.com/s/player/9216d1f7/ Frame 6CAA
334 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/9216d1f7/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
4031dea4a8a48b0efd5836f07da70d2f72a3fcd76d50f2d411b3ccec4e980b28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
180110
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46958
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:24 GMT
www-embed-player.js
www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/ Frame 6CAA
208 KB
68 KB
Script
General
Full URL
https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
831b502b7f9c15c2cd3ee726d68d5e1b0a7637b2fd1c01f190af2cf43c56d902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
180116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69750
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:18 GMT
base.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 6CAA
2 MB
513 KB
Script
General
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
4c797355fdbc5008cb1c2db5648cd47acc0c8f6f92dfac3e6a8e903667761c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
180116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
525254
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:18 GMT
fetch-polyfill.js
www.youtube.com/s/player/9216d1f7/fetch-polyfill.vflset/ Frame 6CAA
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/9216d1f7/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
180116
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6CAA
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 04:18:33 GMT
x-content-type-options
nosniff
age
52301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Oct 2022 04:18:33 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 6CAA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H3
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
451aa685fa0af7c58862cfc734dfc14bb48f2353fbfac858aa5644a826d276b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 29 Oct 2021 18:50:14 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 6CAA
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f6.1e100.net
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:43:00 GMT
x-content-type-options
nosniff
age
434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Oct 2021 18:58:00 GMT
qyJQO4Qb9Jkfd50q3TR7-uCotD5hxe5ATFzR7CPnEOE.js
www.google.com/js/th/ Frame 6CAA
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/qyJQO4Qb9Jkfd50q3TR7-uCotD5hxe5ATFzR7CPnEOE.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f4.1e100.net
Software
sffe /
Resource Hash
ab22503b841bf4991f779d2add347bfae0a8b43e61c5ee404c5cd1ec23e710e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 17:27:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
91336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13512
x-xss-protection
0
last-modified
Tue, 19 Oct 2021 13:00:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 28 Oct 2022 17:27:58 GMT
embed.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 6CAA
24 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
38fd2fa1c9bb4724854dc55617ab234182eeca455e3b72fdc9f1e6ddca9ffd1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
180114
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7348
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:20 GMT
player
www.youtube.com/youtubei/v1/ Frame 6CAA
202 KB
53 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
f1ca4f72a1935cadc2f2e03da34b2ba9e6f61063bb9b1bd30e7c8b448f6cd6d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20211026.01.00
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-Goog-Visitor-Id
CgtjVEFBMnhxN0l1byjmhPGLBg%3D%3D
Content-Type
application/json

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54517
x-xss-protection
0
truncated
/ Frame 6CAA
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
dEqrGA64VQARN7PYkcRBgz7G7BmOaLayU82x5gV_cARFUlaWIQ4pTewv3SRNvT_ubyhrJCnchA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 6CAA
2 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/dEqrGA64VQARN7PYkcRBgz7G7BmOaLayU82x5gV_cARFUlaWIQ4pTewv3SRNvT_ubyhrJCnchA=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
fife /
Resource Hash
2d33915981633b6ef0484c02761f877f4cbc50d0a2c19caf25dd5fda68506ff7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:03:36 GMT
x-content-type-options
nosniff
age
2798
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2282
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 30 Oct 2021 18:03:36 GMT
truncated
/ Frame 6CAA
181 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0308b66cb2b979ed7a606b4523d62a3a56342906cd69bbaa17490b69cfdd738

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
generate_204
www.youtube.com/ Frame 6CAA
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?2RFZTw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube.com/api/stats/ Frame 6CAA
0
19 B
Ping
General
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=133&afmt=140&cpn=vkMiJrqAhW-dh0bD&ei=ZkJ8YbbwNZOTgQf21JvgDQ&el=embedded&docid=3qNnkS7U3N8&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24101841%2C24116772&cl=405751832&live=live&seq=1&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211026.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.007:B,0.408:S,0.418:S,0.418:S&cmt=0.007:0.000,0.408:0.000,0.418:0.000&afs=0.417:140::i&vfs=0.418:133:134::r&view=0.418:1:1&bwe=0.418:130000&bat=0.418:1:1&vis=0.418:0&bh=0.418:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
remote.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 6CAA
93 KB
29 KB
Script
General
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
ffb35efd480af56d9f533db9624e16256a9ffe66621e6d34fb8689510d70381a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:48:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
180092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29616
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:48:43 GMT
endscreen.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 6CAA
26 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
62aa72673edf214afa30a41de2055d1973084395fbd809fc84490140ac286cb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:49:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
180056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7227
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:49:19 GMT
heartbeat.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 6CAA
27 KB
9 KB
Script
General
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/heartbeat.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
7e1030b6b9919efdf0a19b5a3cb9a307b426366addcd6bbf77a4bcf7b88f1d85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
180059
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9137
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:49:16 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 6CAA
41 KB
16 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 10:11:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117552
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 28 Oct 2022 10:11:03 GMT
qoe
www.youtube.com/api/stats/ Frame 6CAA
0
19 B
Ping
General
Full URL
https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=pdHNjsRGD-GwxpLF&ei=Z0J8YfPOCpOTgQf21JvgDQ&el=adunit&docid=Ah8ZU2e0rOI&content_v=3qNnkS7U3N8&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24101841%2C24116772&cl=405751832&adformat=2_2_1&seq=1&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211026.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.002:N&afs=0.002:251::i&vfs=0.002:243:243::r&view=0.002:1:1&bwe=0.002:130000&vis=0.002:0&cmt=0.002:0.000&bh=0.002:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r1---sn-4g5lznes.googlevideo.com/ Frame 6CAA
76 KB
77 KB
XHR
General
Full URL
https://r1---sn-4g5lznes.googlevideo.com/videoplayback?expire=1635555015&ei=ZkJ8YbbwNZOTgQf21JvgDQ&ip=216.131.114.198&id=o-AE6rRS0n7gNjcZ0yaQoskzuKv0QM0P3yiAMo-b3f_og9&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&mh=FL&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=1&pl=24&ctier=L&initcwndbps=263750&vprv=1&mime=video%2Fwebm&ns=DIjwXFWEloYu-O2qp_9AAW8G&gir=yes&clen=528155&dur=15.000&lmt=1635161676362676&mt=1635533097&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZOfFC0AZyrP9GQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cctier%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPr8L4TJ5wBHLQmu2VoDo4ElTS19rTtErgLHqGlBFx_bAiEA_HJKSgK9sRa8htsBv03i0Xzo7-DxWGorhbH7eLFHFYY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdAoWY9IVPMdC7CuaaGxbXuDVxgwQ7f8ivo9fH4pT0c0CIDKEgDYf-jU0g-stuiMk4ZqmVS67gV3HZeS5uv1_uJFl&alr=yes&cpn=pdHNjsRGD-GwxpLF&cver=1.20211026.01.00&range=0-78186&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.160.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
aecd8e405ab1e123878d5a18942f4e58f211497c6abaa788c335c6e5c2ee8b8b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 29 Oct 2021 18:50:15 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
78187
Last-Modified
Mon, 25 Oct 2021 11:34:36 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Fri, 29 Oct 2021 18:50:15 GMT
videoplayback
r1---sn-4g5lznes.googlevideo.com/ Frame 6CAA
64 KB
65 KB
XHR
General
Full URL
https://r1---sn-4g5lznes.googlevideo.com/videoplayback?expire=1635555015&ei=ZkJ8YbbwNZOTgQf21JvgDQ&ip=216.131.114.198&id=o-AE6rRS0n7gNjcZ0yaQoskzuKv0QM0P3yiAMo-b3f_og9&itag=251&source=youtube&requiressl=yes&mh=FL&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=1&pl=24&ctier=L&initcwndbps=263750&vprv=1&mime=audio%2Fwebm&ns=DIjwXFWEloYu-O2qp_9AAW8G&gir=yes&clen=242252&dur=15.021&lmt=1635161238403496&mt=1635533097&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZOfFC0AZyrP9GQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cctier%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgEHabja0rWWUF6ViXFiVMi9JzMrIwNCfvE0IdsU6Y-pkCICgxbq7TLB3pse1HC_EhEN66im1qvDbN1RVY10ewold8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdAoWY9IVPMdC7CuaaGxbXuDVxgwQ7f8ivo9fH4pT0c0CIDKEgDYf-jU0g-stuiMk4ZqmVS67gV3HZeS5uv1_uJFl&alr=yes&cpn=pdHNjsRGD-GwxpLF&cver=1.20211026.01.00&range=0-65835&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.160.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
c090982caa6dbc18fb22f3bb4d65a5799cae45a31ed6f59d27924d2f00cc5ef9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Fri, 29 Oct 2021 18:50:15 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
65836
Last-Modified
Mon, 25 Oct 2021 11:27:18 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Fri, 29 Oct 2021 18:50:15 GMT
captions.js
www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/ Frame 6CAA
63 KB
24 KB
Script
General
Full URL
https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/captions.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
sffe /
Resource Hash
a72420c33001675997382d9b310d923fe5b24bfd1946b603058c46d012c9a8ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 16:49:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
180061
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24457
x-xss-protection
0
last-modified
Wed, 27 Oct 2021 00:15:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 27 Oct 2022 16:49:14 GMT
next
www.youtube.com/youtubei/v1/ Frame 6CAA
62 KB
5 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
3e257417b264250b71c12c86beadb04bf29f7a7fdcc55d06f7ce024c73287e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20211026.01.00
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
X-Goog-Visitor-Id
CgtjVEFBMnhxN0l1byjmhPGLBg%3D%3D
Content-Type
application/json

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5533
x-xss-protection
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 6CAA
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Oct 2021 18:50:15 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 278A
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8727
date
Tue, 26 Oct 2021 12:49:36 GMT
expires
Wed, 26 Oct 2022 12:49:36 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
280839
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
videoplayback
r1---sn-4g5lznes.googlevideo.com/ Frame 6CAA
0
0

cast_sender.js
www.gstatic.com/eureka/clank/95/ Frame 6CAA
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/95/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
c9ca9fbe90c932d2954e1c8cb18dea47e37035aea6157e8e10a97e70f09402fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 10:44:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15249
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 23:31:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="cloudview-release"
expires
Sat, 30 Oct 2021 10:44:50 GMT
videoplayback
r1---sn-4g5lznes.googlevideo.com/ Frame 6CAA
76 KB
76 KB
XHR
General
Full URL
https://r1---sn-4g5lznes.googlevideo.com/videoplayback?expire=1635555015&ei=ZkJ8YbbwNZOTgQf21JvgDQ&ip=216.131.114.198&id=o-AE6rRS0n7gNjcZ0yaQoskzuKv0QM0P3yiAMo-b3f_og9&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&mh=FL&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=1&pl=24&ctier=L&initcwndbps=263750&vprv=1&mime=video%2Fwebm&ns=DIjwXFWEloYu-O2qp_9AAW8G&gir=yes&clen=528155&dur=15.000&lmt=1635161676362676&mt=1635533097&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZOfFC0AZyrP9GQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cctier%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPr8L4TJ5wBHLQmu2VoDo4ElTS19rTtErgLHqGlBFx_bAiEA_HJKSgK9sRa8htsBv03i0Xzo7-DxWGorhbH7eLFHFYY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdAoWY9IVPMdC7CuaaGxbXuDVxgwQ7f8ivo9fH4pT0c0CIDKEgDYf-jU0g-stuiMk4ZqmVS67gV3HZeS5uv1_uJFl&alr=yes&cpn=pdHNjsRGD-GwxpLF&cver=1.20211026.01.00&range=269-78186&rn=4&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
4ecf98ce907353e00d343620678621e20bdbb7191e3cf6da32c566c76471a965
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77918
client-protocol
quic
last-modified
Mon, 25 Oct 2021 11:34:36 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Fri, 29 Oct 2021 18:50:15 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 6CAA
28 B
50 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-YouTube-Client-Version
1.20211026.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtjVEFBMnhxN0l1byjmhPGLBg%3D%3D
X-YouTube-Ad-Signals
dt=1635533414490&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1%2C1&vis=1&wgl=true&ca_type=image&bid=ANyPxKq6lGSYAqfVV8_TM5YROWxdC7UyPezaLZpksfkSRUcdtRd6Td0fYAtI38vbU3Du1k3U6GA7jHQAqhbo5ukfsAFc9AqUYg

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 6CAA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFWbfZkJ8Yb2yOtXt3wOi0jKdt7eMZrCmw4GED7CQHxABIOP7kwNglQKgAbDriZUDyAEFqQJKdKY41V-zPqgDAZgEBaoEzQFP0OVN1JFT5dFOGyCiNMwRZZE7CTC7NGdNQsepF_Xm5zXPrpQUh41q-Ehodh-K4BuEBNR47arHekXpaFCY2ddlFMFkXKVDlD96RQt9_NsI65rmMvvh6t5WuWz75XC2Jubqye2O0hNwqAwbDdy9pefSu8kYMIlT1My6rBULz7cYRr6O_2vlNiwvETCuB34HLA92HMr2qt8rrGO8kKX9qzBa8CWi0hv2O0MR_nF3qd6qfH0m0lL4TMdgKsr5ggTUfY4be8qG5W0TjH03AbAMwATmoMOQ1QOSBQYIBBAFGA-SBQYIBBABGAGSBQYIExAFGA-SBQYIExABGAGgBlSAB7iU9mqoB_DZG6gH8tkbqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRD_p6ABqAgB0ggJCIDhgFAQARhf8ggfY2EteXQtaG9zdC1wdWItMzY3NjIzMjU4MTYyOTYyMoAKAaELp5I5wrmTohnICwLCEwYYsOuJlQPYEwLQFQGAFwGgFwGyFxwKGggAEhRwdWItNjIxOTgxMTc0NzA0OTM3MRgA&sigh=KVhKS02j_iU&uach_m=[UACH]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

paralleladview
www.youtube.com/pagead/ Frame 6CAA
0
17 B
Image
General
Full URL
https://www.youtube.com/pagead/paralleladview?ai=CRQLkZkJ8YerPN5WF9u8PnNyG6AIAsKbDgYQPABABIABglQKCARdjYS1wdWItNjIxOTgxMTc0NzA0OTM3MagDBKoEG0_QUZtT2-9_qp5vSaexszUfOcKacyFcKWgfrNIIAhABsAsBugs0CAEQARgGIAEoBDABQDhIAVgsYABoAXABeAGIAQCYAQGiAREKABgBIAFIAVgAYAFwAJgCAaAXAQ&sigh=xAlN_WJizrA&cid=CAASFeRobhQoExdDRuJykJuZQCyWqQG_2Q&vt=0&ad_mt=8&ad_cpn=pdHNjsRGD-GwxpLF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 29 Oct 2021 18:50:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
ads
www.youtube.com/api/stats/ Frame 6CAA
0
17 B
Image
General
Full URL
https://www.youtube.com/api/stats/ads?ver=2&ns=1&event=2&device=56&content_v=3qNnkS7U3N8&el=embedded&ei=ZkJ8YbbwNZOTgQf21JvgDQ&devicever=1.20211026.01.00&cplayer=2&bti=9477942&format=2_2_1&break_type=1&conn=0&cpn=vkMiJrqAhW-dh0bD&lact=598&m_pos=0&mt=0&p_h=1&p_w=1&rwt=[RWT]&sdkv=h.3.0.0&slot_pos=0&vis=0&vol=0&wt=1635533415139&ad_cpn=pdHNjsRGD-GwxpLF&ad_id=%2C516473017136&ad_len=15000&ad_mt=8&ad_sys=YT%3AAdSense%2CAdSense&ad_v=Ah8ZU2e0rOI&aqi=ZkJ8YerPN5WF9u8PnNyG6AI&live=1&ad_rmp=1&sli=1&slfs=1&loginael=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6CAA
42 B
289 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzF71tRcI-_9ARUxmSPfYwerIq_EYYH7UmWvbf-8yv3LHn-W1OHhn7IC5AXBqB0xdPwr09Pthvx3E0qhoKClEURJCJyrchRw4FY-cB9IkHFtdcmuJyqg&sai=AMfl-YQZVYU9xghuxA52aHBme_-ReqSkbOlzTktFJ_pnQ1v_5o8GT-zv8mO14GR-ZuL7AbOh1LzmXwAm1MB0&sig=Cg0ArKJSzP4vzia3eGGeEAE&id=lidarv&acvw=sv%3D20211026%26cb%3Dyw%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Db%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15000%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D119668215%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D653%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635533415127&avm=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6CAA
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CvRd4ZkJ8Yb2yOtXt3wOi0jKdt7eMZrCmw4GED7CQHxABIOP7kwNglQKgAbDriZUDyAEFqQJKdKY41V-zPqgDAZgEBaoEzQFP0OVN1JFT5dFOGyCiNMwRZZE7CTC7NGdNQsepF_Xm5zXPrpQUh41q-Ehodh-K4BuEBNR47arHekXpaFCY2ddlFMFkXKVDlD96RQt9_NsI65rmMvvh6t5WuWz75XC2Jubqye2O0hNwqAwbDdy9pefSu8kYMIlT1My6rBULz7cYRr6O_2vlNiwvETCuB34HLA92HMr2qt8rrGO8kKX9qzBa8CWi0hv2O0MR_nF3qd6qfH0m0lL4TMdgKsr5ggTUfY4be8qG5W0TjH03AbAMwATmoMOQ1QOgBlSAB7iU9mqoB_DZG6gH8tkbqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAUBABGF_yCB9jYS15dC1ob3N0LXB1Yi0zNjc2MjMyNTgxNjI5NjIygAoBoQunkjnCuZOiGcgLAtgTAtAVAYAXAaAXAQ&sigh=8gPwZT8m14I&label=part2viewed&ad_mt=8&acvw=sv%3D20211026%26cb%3Dyw%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Db%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D1%26dur%3D15000%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D119668215%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D655%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635533415127
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 6CAA
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CvRd4ZkJ8Yb2yOtXt3wOi0jKdt7eMZrCmw4GED7CQHxABIOP7kwNglQKgAbDriZUDyAEFqQJKdKY41V-zPqgDAZgEBaoEzQFP0OVN1JFT5dFOGyCiNMwRZZE7CTC7NGdNQsepF_Xm5zXPrpQUh41q-Ehodh-K4BuEBNR47arHekXpaFCY2ddlFMFkXKVDlD96RQt9_NsI65rmMvvh6t5WuWz75XC2Jubqye2O0hNwqAwbDdy9pefSu8kYMIlT1My6rBULz7cYRr6O_2vlNiwvETCuB34HLA92HMr2qt8rrGO8kKX9qzBa8CWi0hv2O0MR_nF3qd6qfH0m0lL4TMdgKsr5ggTUfY4be8qG5W0TjH03AbAMwATmoMOQ1QOgBlSAB7iU9mqoB_DZG6gH8tkbqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAUBABGF_yCB9jYS15dC1ob3N0LXB1Yi0zNjc2MjMyNTgxNjI5NjIygAoBoQunkjnCuZOiGcgLAtgTAtAVAYAXAaAXAQ&sigh=8gPwZT8m14I&label=admute&ad_mt=8&acvw=sv%3D20211026%26cb%3Dyw%26e%3D10%26nas%3D1%26if%3D1%26sdk%3Db%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26nmt%3D0%26tcm%3D1%26bt%3D6%26pst%3D1%26dur%3D15000%26vmtime%3D7%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D4096%26cs%3D4114%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D119668215%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D658%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1635533415127
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mqdefault_live.jpg
i.ytimg.com/vi/3qNnkS7U3N8/ Frame 6CAA
16 KB
17 KB
Image
General
Full URL
https://i.ytimg.com/vi/3qNnkS7U3N8/mqdefault_live.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.86 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f22.1e100.net
Software
sffe /
Resource Hash
f70ee82ab86756eb56b1b7c4d7b5b4a441e640aa5cfdb537f9a60a93ee73b5e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:49:45 GMT
x-content-type-options
nosniff
age
30
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16888
x-xss-protection
0
server
sffe
etag
"1635530465"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 29 Oct 2021 18:54:45 GMT
LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js
pagead2.googlesyndication.com/bg/ Frame 278A
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/LnuN3C34rR70L3hG8w6Spma0p50xn6UkBXRbbJn0q6o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
2e7b8ddc2df8ad1ef42f7846f30e92a666b4a79d319fa52405745b6c99f4abaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 27 Oct 2021 21:18:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
163888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13394
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Thu, 27 Oct 2022 21:18:47 GMT
videoplayback
r1---sn-4g5lznes.googlevideo.com/ Frame 6CAA
64 KB
64 KB
XHR
General
Full URL
https://r1---sn-4g5lznes.googlevideo.com/videoplayback?expire=1635555015&ei=ZkJ8YbbwNZOTgQf21JvgDQ&ip=216.131.114.198&id=o-AE6rRS0n7gNjcZ0yaQoskzuKv0QM0P3yiAMo-b3f_og9&itag=251&source=youtube&requiressl=yes&mh=FL&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=1&pl=24&ctier=L&initcwndbps=263750&vprv=1&mime=audio%2Fwebm&ns=DIjwXFWEloYu-O2qp_9AAW8G&gir=yes&clen=242252&dur=15.021&lmt=1635161238403496&mt=1635533097&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZOfFC0AZyrP9GQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cctier%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgEHabja0rWWUF6ViXFiVMi9JzMrIwNCfvE0IdsU6Y-pkCICgxbq7TLB3pse1HC_EhEN66im1qvDbN1RVY10ewold8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdAoWY9IVPMdC7CuaaGxbXuDVxgwQ7f8ivo9fH4pT0c0CIDKEgDYf-jU0g-stuiMk4ZqmVS67gV3HZeS5uv1_uJFl&alr=yes&cpn=pdHNjsRGD-GwxpLF&cver=1.20211026.01.00&range=300-65835&rn=5&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
779c1c22d7d58dc75fd2b472b3e55a30734a26378078e6724296e3c3a5c7eca9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65536
client-protocol
quic
last-modified
Mon, 25 Oct 2021 11:27:18 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 29 Oct 2021 18:50:15 GMT
videoplayback
r1---sn-4g5lznes.googlevideo.com/ Frame 6CAA
76 KB
76 KB
XHR
General
Full URL
https://r1---sn-4g5lznes.googlevideo.com/videoplayback?expire=1635555015&ei=ZkJ8YbbwNZOTgQf21JvgDQ&ip=216.131.114.198&id=o-AE6rRS0n7gNjcZ0yaQoskzuKv0QM0P3yiAMo-b3f_og9&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&mh=FL&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=1&pl=24&ctier=L&initcwndbps=263750&vprv=1&mime=video%2Fwebm&ns=DIjwXFWEloYu-O2qp_9AAW8G&gir=yes&clen=528155&dur=15.000&lmt=1635161676362676&mt=1635533097&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZOfFC0AZyrP9GQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cctier%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPr8L4TJ5wBHLQmu2VoDo4ElTS19rTtErgLHqGlBFx_bAiEA_HJKSgK9sRa8htsBv03i0Xzo7-DxWGorhbH7eLFHFYY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdAoWY9IVPMdC7CuaaGxbXuDVxgwQ7f8ivo9fH4pT0c0CIDKEgDYf-jU0g-stuiMk4ZqmVS67gV3HZeS5uv1_uJFl&alr=yes&cpn=pdHNjsRGD-GwxpLF&cver=1.20211026.01.00&range=78187-156104&rn=6&rbuf=2644
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
b8117157cd36f9cfb6742db5289757961c04d0136e6af03e3f7d7c621bbbbc5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77918
client-protocol
quic
last-modified
Mon, 25 Oct 2021 11:34:36 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Fri, 29 Oct 2021 18:50:15 GMT
videoplayback
r1---sn-4g5lznes.googlevideo.com/ Frame 6CAA
64 KB
64 KB
XHR
General
Full URL
https://r1---sn-4g5lznes.googlevideo.com/videoplayback?expire=1635555015&ei=ZkJ8YbbwNZOTgQf21JvgDQ&ip=216.131.114.198&id=o-AE6rRS0n7gNjcZ0yaQoskzuKv0QM0P3yiAMo-b3f_og9&itag=251&source=youtube&requiressl=yes&mh=FL&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=1&pl=24&ctier=L&initcwndbps=263750&vprv=1&mime=audio%2Fwebm&ns=DIjwXFWEloYu-O2qp_9AAW8G&gir=yes&clen=242252&dur=15.021&lmt=1635161238403496&mt=1635533097&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZOfFC0AZyrP9GQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cctier%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgEHabja0rWWUF6ViXFiVMi9JzMrIwNCfvE0IdsU6Y-pkCICgxbq7TLB3pse1HC_EhEN66im1qvDbN1RVY10ewold8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdAoWY9IVPMdC7CuaaGxbXuDVxgwQ7f8ivo9fH4pT0c0CIDKEgDYf-jU0g-stuiMk4ZqmVS67gV3HZeS5uv1_uJFl&alr=yes&cpn=pdHNjsRGD-GwxpLF&cver=1.20211026.01.00&range=65836-131371&rn=7&rbuf=4040
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
d92cbfdc0ed7cab1521120ad4f099f6e035cb3f5bb7e42eb3e316793c59656bf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65536
client-protocol
quic
last-modified
Mon, 25 Oct 2021 11:27:18 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 29 Oct 2021 18:50:15 GMT
playback
www.youtube.com/api/stats/ Frame 6CAA
0
17 B
Image
General
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=adunit&cpn=pdHNjsRGD-GwxpLF&docid=Ah8ZU2e0rOI&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%3Fenablejsapi%3D1%26origin%3D*%26playsinline%3D1%26autoplay%3D1%26mute%3D1&cmt=0.008&ei=Z0J8YfPOCpOTgQf21JvgDQ&fmt=243&fs=0&rt=0.256&of=-_xhI4eL4MjOL53E0nwGhA&adformat=2_2_1&content_v=3qNnkS7U3N8&euri=https%3A%2F%2Fwww.google.com%2F&lact=731&cl=405751832&mos=1&vm=CAEQABgEOjJBS1JhaHdEU19OaVBQVlpOeXJ3Y1ktcTR4RTFLX3QxN05HN3UxcXhlNVJRa3h2SmcwQWJTQVBta0tETFhhSlM5TjR0bjBHMWd5U2E1Y1NqMjFwM2RwVGpSOW1JQ2l6OGRDNTkxNlhpZVRXR2E0eWE4ZXRValg4SlpqXzlMQWhMRnJRdGtrNFE&volume=100&aqi=ZkJ8YerPN5WF9u8PnNyG6AI&cbr=Chrome&cbrver=95.0.4638.54&c=WEB_EMBEDDED_PLAYER&cver=1.20211026.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=13&hl=de_DE&cr=DE&len=15.021&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24064555%2C24080738%2C24082661%2C24101841%2C24116772&rtn=11&afmt=251&size=1%3A1&inview=0&muted=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame 6CAA
0
17 B
Image
General
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=Ah8ZU2e0rOI&cpn=pdHNjsRGD-GwxpLF&ei=Z0J8YfPOCpOTgQf21JvgDQ&ptk=youtube_host&ptchn=youtube_host&pltype=adhost&content_v=3qNnkS7U3N8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r1---sn-4g5lznes.googlevideo.com/ Frame 6CAA
159 KB
159 KB
XHR
General
Full URL
https://r1---sn-4g5lznes.googlevideo.com/videoplayback?expire=1635555015&ei=ZkJ8YbbwNZOTgQf21JvgDQ&ip=216.131.114.198&id=o-AE6rRS0n7gNjcZ0yaQoskzuKv0QM0P3yiAMo-b3f_og9&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&mh=FL&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=1&pl=24&ctier=L&initcwndbps=263750&vprv=1&mime=video%2Fwebm&ns=DIjwXFWEloYu-O2qp_9AAW8G&gir=yes&clen=528155&dur=15.000&lmt=1635161676362676&mt=1635533097&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZOfFC0AZyrP9GQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cctier%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPr8L4TJ5wBHLQmu2VoDo4ElTS19rTtErgLHqGlBFx_bAiEA_HJKSgK9sRa8htsBv03i0Xzo7-DxWGorhbH7eLFHFYY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdAoWY9IVPMdC7CuaaGxbXuDVxgwQ7f8ivo9fH4pT0c0CIDKEgDYf-jU0g-stuiMk4ZqmVS67gV3HZeS5uv1_uJFl&alr=yes&cpn=pdHNjsRGD-GwxpLF&cver=1.20211026.01.00&range=156105-319334&rn=8&rbuf=5297
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
5fccb6a1da06ab8402f7b8a3d6871fa65009ab196268c10204c416bad340a706
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
163230
client-protocol
quic
last-modified
Mon, 25 Oct 2021 11:34:36 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Fri, 29 Oct 2021 18:50:15 GMT
videoplayback
r1---sn-4g5lznes.googlevideo.com/ Frame 6CAA
108 KB
108 KB
XHR
General
Full URL
https://r1---sn-4g5lznes.googlevideo.com/videoplayback?expire=1635555015&ei=ZkJ8YbbwNZOTgQf21JvgDQ&ip=216.131.114.198&id=o-AE6rRS0n7gNjcZ0yaQoskzuKv0QM0P3yiAMo-b3f_og9&itag=251&source=youtube&requiressl=yes&mh=FL&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=1&pl=24&ctier=L&initcwndbps=263750&vprv=1&mime=audio%2Fwebm&ns=DIjwXFWEloYu-O2qp_9AAW8G&gir=yes&clen=242252&dur=15.021&lmt=1635161238403496&mt=1635533097&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZOfFC0AZyrP9GQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cctier%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgEHabja0rWWUF6ViXFiVMi9JzMrIwNCfvE0IdsU6Y-pkCICgxbq7TLB3pse1HC_EhEN66im1qvDbN1RVY10ewold8&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdAoWY9IVPMdC7CuaaGxbXuDVxgwQ7f8ivo9fH4pT0c0CIDKEgDYf-jU0g-stuiMk4ZqmVS67gV3HZeS5uv1_uJFl&alr=yes&cpn=pdHNjsRGD-GwxpLF&cver=1.20211026.01.00&range=131372-242251&rn=9&rbuf=8088
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
615060687bccc814f815d08efb5995e50f9708925d0413e23af1673a0f870f62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110880
client-protocol
quic
last-modified
Mon, 25 Oct 2021 11:27:18 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 29 Oct 2021 18:50:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 278A
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.0.0.0&bgai=BPpXsZkJ8Yb2yOtXt3wOi0jIAAAAAOAG6BRMI0Knd4aTw8wIVF-S7CB1gmAja&bg=!lpWlldHNAAZzbWp4c207ACkAdvg8WuOP-Eoia5UOeP0ytD032Jj5TTBCkL8yxx7BlKHQ5jp_CtDLlgIAAACLUgAAAApoAQeZApN6b-VYzJN3HpjHwntc7Ecm0ovryz5eRAhH2u8-j6GS4CLZCypvPspK9HED4JLpNt03H0sMMji_-tYyyBjBtTctvyYrK1bvZvz8sH-BkcD3IhaRr_aJCVTzsiIlw60kCA3-Gwd08v8uFJFpi_et-SEBua2b2v1h4kegRcNguHo0th6979kqCLBnqtbG_zLdKScNmfFvx6KEK7vbpZ3HktLLnIJJzjFiuWL_pVy3sTGF01qPOELBlQcnugP87397KC-ZqQ7r6cjrMq6J1FE4WPJGFY_htyVeLGqxHrsFVCucUHOu0mMJgqSV6MGKiVgX9TPrmEJi-aeMCZFLayswnFjuUvFYN3DFH0Uyyn9vRIf3W0J8Inpn3l7rzdwGYiAz7xfy4NJYlohmzrBfDx8L9HayxT1KqbOPajyY33-3X_nhXY-gelIqyuAZlFOa-iPshC4UuMM-3DG5hMeOL5CIYLyq3vDBnv02NkUu_ciAeopNg_NgVBv9E3BLCReOCL9SLtVEpMb1r1e6mfc5QXVK49Y-NHLDDp0kl-97pDyhS_Vlxods7Q-KVb7TK0baUMIbyUuHrAgk7wPqTiaJgqoQsvIFe_OdZq6eTH9LybRo64CcM16Z_7nsRQDM3QZds3yEm0TplouiQsT4eBr0Dq8EJgu9BS8aUyt5DsPpUfrx4wryi4O78dR0Rv2vlMlWBelewse0AiEF_Heb5DW6msXiuG03gEawAj2zDmn7RD0B8VaaqIWueIknTJtbzMn97UhTxZ7cl80D9sUu8hjQ0pI5e_nEmeT-9KxYrP6QIWqOnrQ7aBYntPthxpbd9x3bPfOw4oRsvFAbfA58ofaXeS04AGdQr2YrOrIjq6HC-mArQdj2MUAPkw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Oct 2021 18:50:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r1---sn-4g5lznes.googlevideo.com/ Frame 6CAA
204 KB
204 KB
XHR
General
Full URL
https://r1---sn-4g5lznes.googlevideo.com/videoplayback?expire=1635555015&ei=ZkJ8YbbwNZOTgQf21JvgDQ&ip=216.131.114.198&id=o-AE6rRS0n7gNjcZ0yaQoskzuKv0QM0P3yiAMo-b3f_og9&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&mh=FL&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=1&pl=24&ctier=L&initcwndbps=263750&vprv=1&mime=video%2Fwebm&ns=DIjwXFWEloYu-O2qp_9AAW8G&gir=yes&clen=528155&dur=15.000&lmt=1635161676362676&mt=1635533097&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZOfFC0AZyrP9GQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cctier%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPr8L4TJ5wBHLQmu2VoDo4ElTS19rTtErgLHqGlBFx_bAiEA_HJKSgK9sRa8htsBv03i0Xzo7-DxWGorhbH7eLFHFYY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdAoWY9IVPMdC7CuaaGxbXuDVxgwQ7f8ivo9fH4pT0c0CIDKEgDYf-jU0g-stuiMk4ZqmVS67gV3HZeS5uv1_uJFl&alr=yes&cpn=pdHNjsRGD-GwxpLF&cver=1.20211026.01.00&range=319335-528154&rn=10&rbuf=9632
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.160.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s13-in-f6.1e100.net
Software
gvs 1.0 /
Resource Hash
bc4f22d27a6f19999c3119c2c5317fd46c74b32721bbb973f690bdea396ce565
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 29 Oct 2021 18:50:15 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
208820
client-protocol
quic
last-modified
Mon, 25 Oct 2021 11:34:36 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Fri, 29 Oct 2021 18:50:15 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 6CAA
28 B
50 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9216d1f7/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/3qNnkS7U3N8?enablejsapi=1&origin=*&playsinline=1&autoplay=1&mute=1
X-YouTube-Client-Version
1.20211026.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtjVEFBMnhxN0l1byjmhPGLBg%3D%3D
X-YouTube-Ad-Signals
dt=1635533414407&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1%2C1&vis=1&wgl=true&ca_type=image&bid=ANyPxKq6lGSYAqfVV8_TM5YROWxdC7UyPezaLZpksfkSRUcdtRd6Td0fYAtI38vbU3Du1k3U6GA7jHQAqhbo5ukfsAFc9AqUYg

Response headers

date
Fri, 29 Oct 2021 18:50:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
r1---sn-4g5lznes.googlevideo.com
URL
https://r1---sn-4g5lznes.googlevideo.com/videoplayback?expire=1635555015&ei=ZkJ8YbbwNZOTgQf21JvgDQ&ip=216.131.114.198&id=o-AE6rRS0n7gNjcZ0yaQoskzuKv0QM0P3yiAMo-b3f_og9&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278&source=youtube&requiressl=yes&mh=FL&mm=31%2C26&mn=sn-4g5lznes%2Csn-2gb7sn7z&ms=au%2Conr&mv=m&mvi=1&pl=24&ctier=L&initcwndbps=263750&vprv=1&mime=video%2Fwebm&ns=DIjwXFWEloYu-O2qp_9AAW8G&gir=yes&clen=528155&dur=15.000&lmt=1635161676362676&mt=1635533097&fvip=1&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=ZOfFC0AZyrP9GQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cctier%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAPr8L4TJ5wBHLQmu2VoDo4ElTS19rTtErgLHqGlBFx_bAiEA_HJKSgK9sRa8htsBv03i0Xzo7-DxWGorhbH7eLFHFYY%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdAoWY9IVPMdC7CuaaGxbXuDVxgwQ7f8ivo9fH4pT0c0CIDKEgDYf-jU0g-stuiMk4ZqmVS67gV3HZeS5uv1_uJFl&alr=yes&cpn=pdHNjsRGD-GwxpLF&cver=1.20211026.01.00&range=78187-156104&rn=3&rbuf=2652

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| $ function| jQuery number| show_fname_chars string| upload_type undefined| form_action undefined| x function| $$ function| openStatusWindow function| StartUpload function| StartUploadZIP function| openStatusWindowZIP function| StartUploadBox function| checkExt function| checkSize function| getFileSize function| fixLength function| MultiSelector function| getFormAction function| setFormAction function| InitUploadSelector function| findPos function| changeUploadType function| jah function| submitCommentsForm function| scaleImg function| OpenWin function| player_start function| copy function| convertSize number| LAST_CORRECT_EVENT_TIME number| _4037708811 function| O6HH function| W6HH function| g6HH function| D6HH function| D4zz undefined| c5H number| a5H number| B8dddd function| umM6 string| m function| _nperisow function| _ellrib object| _pop object| jQuery1102045999238475410786 function| T number| b number| asJN@2jn object| detectZoom object| iframe object| where object| win object| _pao number| l5pppp function| T677 function| w91 function| e677 undefined| handleException function| R3ff function| _clwvap6a20xevsnly5ggno number| X1IIII function| t39 function| e7rr function| S7rr function| h0kk function| _cld56qbjjcmqik9pijyhi undefined| __optimize undefined| __residual undefined| __abstract function| _cl6q984cnb0ja7sbqk0oh7 number| iinf object| __adFormats object| __formatsGetters object| AdManager object| a3klsam function| _cln5f0t8kmjhi2rzaafmxl function| onClickTrigger boolean| zfgloadedpopup object| $jscomp function| $jscomp$lookupPolyfilledValue function| AdscoreInit object| pako string| txt number| a function| ed number| t string| property number| r number| g string| bt string| VCN boolean| face boolean| face_Url boolean| face_widget_id boolean| face_cookie_name boolean| nativeInjectionPlugs boolean| burst boolean| p_name boolean| p_settings boolean| p_expires boolean| p_widget_id boolean| sn boolean| snId boolean| snCN boolean| ipn boolean| ipnId boolean| tars boolean| vOw function| vOwf boolean| vOwb boolean| vOwbi boolean| vOwv boolean| vOwvi boolean| updates boolean| updatesId boolean| tnl string| domains_delivery string| conf_delivery_resource_http string| conf_delivery_resource_ws string| nativeInjectionPlugsId string| kodak_moment string| integrationScriptCreatedTimestamp string| rfrr string| integrationTypeAdblockSafe object| Pub2a function| Pub2b undefined| nativeInjectionAd number| _WiState object| pub function| Pub2 function| verGenerate function| getStyle function| createCANativeAd object| regeneratorRuntime function| __banner-init boolean| pubappended

19 Cookies

Domain/Path Name / Value
picrok.com/ Name: randno
Value: bm8tcmVm
stagepopkek.com/ Name: UID
Value: 21102913503a2621a8f0ac410bb73884281c
dendranthe4edm7um.com/ Name: UID
Value: 2110291350cc75b4b248f34d169d51e046f6
picrok.com/ Name:
Value: __test
picrok.com/ Name: __PPU___PPU_SESSION_URL
Value: %2FVQcM5rEHvUuRHDflp48EviiSXVh6Yr-bAw.php
picrok.com/ Name: a
Value: lFht5s6MaI1QT9Zbe74sPPJTUPblwJJe
ilusors.com/ Name: UID
Value: 2110291350d15b3ade1a9846d8b4fb18dead
picrok.com/ Name: bnState
Value: {"impressions":2,"delayStarted":0}
stagepopkek.com/ Name: OACIBLOCK
Value: ABsljwAAAABhfEJl
stagepopkek.com/ Name: ppucnt
Value: 0
stagepopkek.com/ Name: OACICAP
Value: ABsljwAAAAAAAAAC
tb.baimgfroggd.site/ Name: 1739.988224
Value: 1
picrok.com/ Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c
Value: BAYAYXxCZQFhfEJlgAGBAsAAIHtf0PM3COD-SKIQk3f5HF6eQCO7f7DhdEXwXyCcn1QUwQBGMEQCIDIZ9V57zoQ2ufI2okCqCpDCR9OFYRrO2moX6d0VWz3ZAiATzXaOj2dbEbAmEZLVgDapSGUajrn1S6VRGTuigpPJbQ
picrok.com/ Name: _popprepop
Value: 1
.google.com/ Name: NID
Value: 511=sBiQoLplpJR5TaIjuGTyfuaiFOzpaWFePEVbeDneinGBuqfIsh1F8zFlqCRwwskKJui3wzUgksg2Xa2kwA0yHhCm8yjex6dFHLYRN2HeO6O6YD72XYnr3qGkyo_wv3g3gveh69Yu8KSJYl8o9SoIpYz4ANH806TaZcr2m1oEhuA
.youtube.com/ Name: YSC
Value: XU_314HHkBg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: cTAA2xq7Iuo
.doubleclick.net/ Name: IDE
Value: AHWqTUnKlgHjnZFJkqjkWRdma_bD5KxrQXyagxZkHmHHCi9lAeSEoDECXU9uXESd
.maldini.xyz/ Name: guid
Value: 16024f8b-3314-4782-9165-bc4d8fcbd24f

1 Console Messages

Source Level URL
Text
deprecation warning URL: https://stream.vast.wtf/youtube/banner?vi=3qNnkS7U3N8&eu=https%3A%2F%2Fwww.google.com%2Furl%3Fsa%3DD%26q%3Dhttps%3A%2F%2Fwww.youtube.com%2Fembed%2F3qNnkS7U3N8%253Fenablejsapi%253D1%2526origin%253D%2A%2526playsinline%253D1%2526autoplay%253D1%2526mute%253D1&ee=https%3A%2F%2Fvs.videonet.online%2Fsts%2F&pid=43038&p=0.0200&oid=988224&sp=0.0400&spp=1000&se=impression&tcbbi=https%3A%2F%2F12007250.pix-cdn.org%2Fnative%2Ftmp%2Ftbz.jpg&tcbbc=https%3A%2F%2Ftube.biz%2F%3Futm_source%3Dtbz%26utm_medium%3Dbanner%26utm_campaign%3Dasites%26ref%3Dnq1a9fVMKw(Line 33)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self';
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
